PUP.Adware.Heuristic / bcnexum
Liebe Leute,
Irgendwann ist mir die domain bcnexum.com in meinem Firefox-Verlauf aufgefallen. AdwCleaner hat "PUP.Adware.Heuristic" festgestellt und "HKCU\SOFTWARE\438f84b93ab73e6e9ccd233d1abe724b" entfernt. 7 Tage später tauchte bcnexum wieder auf und PUP.Adware.Heuristic ist auch bei jedem Neustart wieder da. Das geht schon eine Weile so, die DIY-Tips zum endgültigen Entfernen, die ich gefunden habe ( https://hackerdose.com/malware/bcnexum-com-redirect/ und https://praxistipps.chip.de/pup-adware-heuristic-entfernen-so-gehts_96925 ) , konnte ich nicht erfolgreich umsetzen, und ich bin mit meinem Latein am Ende.
Danke, dass ihr euch um so Sachen kümmert!
FRST-Logs: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2025
durchgeführt von Páll (Administrator) auf DESKTOP-8H8CSAR (Micro-Star International Co., Ltd. MS-7C56) (17-04-2025 10:29:20)
Gestartet von C:\Users\Páll\Downloads\FRST64.exe
Geladene Profile: Páll
Plattform: Microsoft Windows 11 Pro Version 24H2 26100.3775 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.983.1\DropboxCrashHandler.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe ->) (Native Instruments GmbH -> ) C:\Program Files\Common Files\Native Instruments\NTK\crashpad_handler.exe
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) ULC -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FCDBLog.exe
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) ULC -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSettings.exe
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) ULC -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSSLVPNdaemon.exe
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) ULC -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiTray.exe
(C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(C:\Users\Páll\Downloads\adwcleaner.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2501.31.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <2>
(cmd.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(DriverStore\FileRepository\u0413647.inf_amd64_d320f14af0da075c\B413137\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0413647.inf_amd64_d320f14af0da075c\B413137\atieclxx.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.056.0324.0003\Microsoft.SharePoint.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\regedit.exe
(explorer.exe ->) (OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <20>
(RuntimeBroker.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Users\Páll\Downloads\adwcleaner.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0413647.inf_amd64_d320f14af0da075c\B413137\atiesrxx.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Fortinet Technologies (Canada) ULC -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\scheduler.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_1da2893e2ffb6838\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe
(services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe
(services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_434f4faf6aa034b3\RtkAudUService64.exe <2>
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25031.45.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(sihost.exe ->) (Musecy SM Ltd. -> Muse) C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6\Muse.exe
(svchost.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.1.4.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.5100.40.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_434f4faf6aa034b3\RtkAudUService64.exe [2389976 2024-12-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330040 2014-02-11] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9238408 2025-04-15] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\Páll\AppData\Local\Microsoft\Teams\Update.exe [2588640 2023-12-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (Keine Datei)
HKU\S-1-5-21-2129917812-2419563499-1881424802-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5013832 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2129917812-2419563499-1881424802-1001\...\Run: [OpenVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [829304 2021-06-17] (OpenVPN Inc. -> )
HKU\S-1-5-21-2129917812-2419563499-1881424802-1001\...\Run: [Microsoft.Lists] => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\Microsoft.SharePoint.exe [1031976 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2129917812-2419563499-1881424802-1001\...\Run: [AMDNoiseSuppression] => C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe [164840 2024-06-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-460348F480E8}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\Páll\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BitCleaner Tasker.lnk [2024-03-03] <==== ACHTUNG
ShortcutTarget: BitCleaner Tasker.lnk -> C:\Users\Páll\AppData\Roaming\BitCleaner\BitCleaner Tasker.exe (BINARYLABS LIMITED -> Binarylabs LTD) <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {56C2FFB7-9E96-4F0B-A26B-B70B0B72CB77} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {362B8CE5-631B-402F-AEA5-88E1D0AA1B2A} - System32\Tasks\AMD Install Manager - Check For Updates => C:\Program Files\AMD\AMDInstallManager\AMDInstallManager.exe [55232720 2025-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) -> C:\Program Files\AMD\AMDInstallManager\\-CheckForUpdates
Task: {B4F7D5C2-BD32-4F03-A6DD-1469A0B3DCA9} - System32\Tasks\AMD Install Manager - Install Updates => C:\Program Files\AMD\AMDInstallManager\AMDInstallManager.exe [55232720 2025-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) -> C:\Program Files\AMD\AMDInstallManager\\-InstallUpdates -Auto
Task: {1DCDB645-2256-4947-85FC-0E076AC80B78} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1038544 2025-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {AD52520A-8DA2-448A-908F-D8A72A78BC57} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [191184 2025-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {ECC45768-467E-428B-897E-9F9978818079} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2024-11-29] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A6E810A8-EB72-4985-B86D-BEB3998B3D20} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2024-11-29] (Dropbox, Inc -> Dropbox, Inc.)
Task: {256F55DA-28C2-4606-AFAD-0F6F0FE32A3C} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
Task: {CFD0E61C-F4CC-4A51-8805-864BC6E0B7D7} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {01F091ED-1616-455E-8809-9E3FC90145BD} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {A31A605F-71C1-46E5-81AB-DFB7297DA840} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {38A49F5C-5207-42A3-97EC-E7E342BF51A4} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [68328 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {946C804A-9975-4E88-A267-EEBCD8601040} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {607778FF-ADDC-4A1A-B589-E2A61F3A375F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE55396D-89E9-4D36-87B8-7CB36B33D319} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2530059-9DDE-4153-8FE0-F06901055A17} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [204400 2025-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB280622-400B-4808-BC22-05DE35242278} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4536760 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {24FB97BB-3BD5-4424-904B-FE137BA70AC6} - System32\Tasks\Microsoft\Windows\AccountHealth\RecoverabilityToastTask => {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492} C:\WINDOWS\system32\AccountHealth.dll [258048 2025-03-31] (Microsoft Windows -> Microsoft Corporation)
Task: {E88D9B2C-DDEA-47B2-9582-085153004DB5} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (Keine Datei)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Keine Datei)
Task: {86A85C57-D7F8-4E72-8EA7-ACD8AE47F874} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (Keine Datei)
Task: {E5FCB0C7-1A4A-4A60-9918-E2A6F399A651} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (Keine Datei)
Task: {CEC27C84-275A-40B7-AD7A-879856542C2A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (Keine Datei)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {F744877B-71CD-4852-BB31-BF53264D1D0D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {860E698E-5C6A-4973-9AA0-5399C82D45AA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E2B7E138-2F2E-4DCF-818B-01FAE35CFFD2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {98BC770D-5721-4428-AF0C-54FEA1C08BB2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {44BF852D-C173-4890-9067-11D72C3EAD31} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4930081-AEE1-4A45-8467-92B65689C015} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA00A83C-5C01-4687-9835-F23506E72563} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2335600 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {A0464567-5C7E-4B6E-8CC2-1561125ABBC4} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\CEIP.exe [32632 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {BC53EF15-3974-42B8-AD79-1A2031531E1E} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {6352B3E7-8D16-4F8B-A90C-112B17EE1A8D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {9DFB9E7F-60E4-40CE-A0D6-C9ABB2DA8923} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1038544 2025-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {E792D9D9-60B8-4726-9648-41E190A077D5} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2129917812-2419563499-1881424802-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-04-14] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {1AF9B551-A0A2-4D62-AB4C-4DC455E9F70E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-04-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {6681352A-F2C6-4351-9F9A-A4D071A334E5} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223832 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4157E1A3-50D1-4723-8041-1E808F97D891} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2129917812-2419563499-1881424802-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223832 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {F49D432F-26BC-47D3-96C2-AE881199E49B} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2129917812-2419563499-1881424802-1001 => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\OneDriveLauncher.exe [676680 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {638D8052-6C94-46ED-9B7C-30552073C18B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [142544 2025-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {B6FF67DD-A57A-4C81-B95B-34380DF9F284} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [309968 2025-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 217.69.224.73 213.187.64.1
Tcpip\..\Interfaces\{b0cd0ea0-d7b3-47c8-8482-2fa35f02c9a7}: [DhcpNameServer] 217.69.224.73 213.187.64.1
Tcpip\..\Interfaces\{d1049e77-17bf-4cfd-af2e-b55a841ad76c}: [DhcpNameServer] 130.208.165.87 130.208.72.10
Edge:
=======
Edge Profile: C:\Users\Páll\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-16]
Edge Extension: (Google Docs Offline) - C:\Users\Páll\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-16]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Bitcleaner Surfguard) - C:\Users\Páll\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gidnhakgfijhghmilgiiffidakihnbnb [2024-03-03]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Edge relevant text changes) - C:\Users\Páll\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-03]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge HKU\S-1-5-21-2129917812-2419563499-1881424802-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [gidnhakgfijhghmilgiiffidakihnbnb]
FireFox:
========
FF DefaultProfile: 6wug9kbj.default
FF DefaultProfile: b3abstqg.default
FF ProfilePath: C:\Users\Páll\AppData\Roaming\Zotero\Zotero\Profiles\6wug9kbj.default [2025-03-25]
FF ProfilePath: C:\Users\Páll\AppData\Roaming\Mozilla\Firefox\Profiles\b3abstqg.default [2025-04-16]
FF ProfilePath: C:\Users\Páll\AppData\Roaming\Mozilla\Firefox\Profiles\zgkz7p2r.default-release [2025-04-17]
FF Extension: (uBlock Origin) - C:\Users\Páll\AppData\Roaming\Mozilla\Firefox\Profiles\zgkz7p2r.default-release\Extensions\uBlock0@raymondhill.net.xpi [2025-04-16]
FF Extension: (Return YouTube Dislike) - C:\Users\Páll\AppData\Roaming\Mozilla\Firefox\Profiles\zgkz7p2r.default-release\Extensions\{762f9885-5a13-4abd-9c77-433dcd38b8fd}.xpi [2025-04-16]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-04-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-04-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-04-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13862104 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2024-11-29] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2024-11-29] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48528 2025-04-15] (Dropbox, Inc -> Dropbox, Inc.)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\222.4.5042\DropboxElevationService.exe [1659280 2025-04-15] (Dropbox, Inc -> Dropbox, Inc.)
R2 FA_Scheduler; C:\Program Files\Fortinet\FortiClient\scheduler.exe [437328 2023-07-18] (Fortinet Technologies (Canada) ULC -> Fortinet Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncHelper.exe [3545416 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [Datei ist nicht signiert]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-03-10] (HP Inc. -> HP Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MuseHub Updater Service; C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6\Muse.Updater.exe [7815248 2025-02-06] (Musecy SM Ltd. -> Muse.Updater)
R2 NTKDaemonService; C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe [16953568 2024-07-02] (Native Instruments GmbH -> Native Instruments GmbH)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.056.0324.0003\OneDriveUpdaterService.exe [3892568 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73592 2021-06-17] (OpenVPN Inc. -> The OpenVPN Project)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559320 2025-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_1da2893e2ffb6838\amdfendrmgr.sys [36136 2024-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV28; C:\Windows\system32\AMDRyzenMasterDriver.sys [61264 2025-02-24] (Advanced Micro Devices -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_66bdd11a4e97edd1\amdsafd.sys [112840 2024-05-02] (AMD Test Build -> Advanced Micro Devices)
R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0413647.inf_amd64_d320f14af0da075c\B413137\amdkmdag.sys [111263168 2025-03-12] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [63008 2024-05-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [35400 2023-07-18] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [165072 2023-07-18] (Fortinet, Inc. -> Fortinet Inc)
S3 FortiTransCtrl; C:\WINDOWS\System32\drivers\FortiTransCtrl.sys [84136 2023-07-18] (Fortinet, Inc. -> Fortinet Inc)
R3 ftsvnic; C:\WINDOWS\System32\drivers\ftsvnic.sys [75888 2023-07-18] (Fortinet, Inc. -> Fortinet Inc.)
R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [70368 2023-07-18] (Fortinet Technologies (Canada) Inc. -> Fortinet Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2024-06-21] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-03-31] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 wini3ctarget; C:\WINDOWS\System32\DriverStore\FileRepository\wini3ctarget.inf_amd64_bdb09ebda2834009\wini3ctarget.sys [75168 2025-03-31] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2024-06-21] (WireGuard LLC -> WireGuard LLC)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-04-17 10:29 - 2025-04-17 10:29 - 000031065 _____ C:\Users\Páll\Downloads\FRST.txt
2025-04-17 10:29 - 2025-04-17 10:29 - 000000000 ____D C:\FRST
2025-04-17 10:28 - 2025-04-17 10:28 - 002404864 _____ (Farbar) C:\Users\Páll\Downloads\FRST64.exe
2025-04-17 10:23 - 2025-04-17 10:23 - 000707760 _____ C:\WINDOWS\system32\perfh007.dat
2025-04-17 10:23 - 2025-04-17 10:23 - 000478860 _____ C:\WINDOWS\system32\perfh008.dat
2025-04-17 10:23 - 2025-04-17 10:23 - 000400580 _____ C:\WINDOWS\system32\perfh006.dat
2025-04-17 10:23 - 2025-04-17 10:23 - 000150734 _____ C:\WINDOWS\system32\perfc007.dat
2025-04-17 10:23 - 2025-04-17 10:23 - 000081052 _____ C:\WINDOWS\system32\perfc008.dat
2025-04-17 10:23 - 2025-04-17 10:23 - 000071570 _____ C:\WINDOWS\system32\perfc006.dat
2025-04-17 09:32 - 2025-04-17 10:06 - 000592574 _____ C:\WINDOWS\ntbtlog.txt
2025-04-17 09:32 - 2025-04-17 10:01 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2025-04-17 08:52 - 2025-04-17 08:52 - 000003900 _____ C:\WINDOWS\system32\Tasks\AMD Install Manager - Install Updates
2025-04-17 08:47 - 2025-04-17 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2025-04-16 16:16 - 2025-04-16 16:16 - 000002034 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk
2025-04-16 16:16 - 2025-04-16 16:16 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-04-16 16:16 - 2025-04-16 16:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-04-16 16:16 - 2025-04-16 16:16 - 000000000 ____D C:\Users\Páll\AppData\Roaming\Mozilla
2025-04-16 16:16 - 2025-04-16 16:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-04-16 16:14 - 2025-04-16 16:14 - 000382392 _____ (Mozilla) C:\Users\Páll\Downloads\Firefox Installer.exe
2025-04-16 16:03 - 2025-04-16 16:03 - 000035968 _____ C:\Users\Páll\Downloads\rtet.csv
2025-04-16 15:59 - 2025-04-16 15:59 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2025-04-15 20:34 - 2025-04-16 16:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-04-15 13:06 - 2025-04-15 13:06 - 000048528 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2025-04-13 09:55 - 2025-04-13 09:55 - 040056876 _____ C:\Users\Páll\Desktop\Riff 25.03.30 lang.wav
2025-04-11 21:17 - 2025-04-11 21:17 - 000000000 ____D C:\inetpub
2025-04-11 21:07 - 2025-04-11 21:07 - 009575227 _____ C:\Users\Páll\Downloads\Old World-Official User Manual.pdf
2025-04-11 13:49 - 2025-04-11 13:49 - 000001700 _____ C:\Users\Páll\Downloads\Riff 30.03.2025.tg
2025-04-10 08:59 - 2025-04-17 08:49 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-09 18:13 - 2025-04-11 13:41 - 040056876 _____ C:\Users\Páll\Desktop\Riff 30.03.2025.wav
2025-04-08 21:24 - 2025-04-08 21:24 - 000069260 _____ C:\Users\Páll\Downloads\Überweisung Hochschulsport.pdf
2025-04-07 17:38 - 2025-04-07 17:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-04-07 14:11 - 2025-04-07 14:11 - 000135524 _____ C:\Users\Páll\Downloads\GMX - RE_ Insurance deposit refund-1.pdf
2025-04-07 14:11 - 2025-04-07 14:11 - 000073928 _____ C:\Users\Páll\Downloads\Corresp. Sparkasse Giessen.pdf
2025-04-07 14:05 - 2025-04-07 14:10 - 000020197 _____ C:\Users\Páll\Downloads\AW_Problem_bei_Auslandsueberweisung.pdf
2025-04-07 14:05 - 2025-04-07 14:05 - 000019396 _____ C:\Users\Páll\Downloads\S_20250407_140535_AW_Problem_bei_Auslandsueberweisung.ZIP
2025-04-07 13:53 - 2025-04-07 13:53 - 000118632 _____ C:\Users\Páll\Downloads\Hochschulsport.pdf
2025-04-06 20:56 - 2025-04-06 20:56 - 000204743 _____ C:\Users\Páll\Downloads\DB_Ticket_869549164029.pdf
2025-04-05 18:47 - 2025-04-05 18:47 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets
2025-04-04 23:21 - 2025-04-04 23:21 - 035835948 _____ C:\Users\Páll\Desktop\Riff 25.02.28.wav
2025-03-31 21:42 - 2025-03-31 21:42 - 000053050 _____ C:\Users\Páll\Documents\Rundfunkbeitrag - Bestätigung.pdf
2025-03-31 13:04 - 2025-03-31 13:04 - 000208442 _____ C:\Users\Páll\Downloads\image-1000-805f01d16bd722eff86baa7a53f2fa8d.jpeg
2025-03-31 11:26 - 2025-03-31 11:26 - 000000667 _____ C:\Users\Páll\Downloads\Riff 2 30.03.2025.tg
2025-03-31 11:18 - 2025-03-31 11:18 - 000029042 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-03-31 11:18 - 2025-03-31 11:18 - 000029042 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-03-25 10:53 - 2025-03-25 10:53 - 000135524 _____ C:\Users\Páll\Downloads\GMX - RE_ Insurance deposit refund.pdf
2025-03-25 09:30 - 2025-03-25 09:30 - 000096657 _____ C:\Users\Páll\Downloads\Paul Theissen Income 03.25.pdf
2025-03-25 09:30 - 2025-03-25 09:30 - 000002737 _____ C:\Users\Páll\Downloads\20250325-42064635-umsatz(2).CSV
2025-03-25 09:29 - 2025-03-25 09:29 - 000002737 _____ C:\Users\Páll\Downloads\20250325-42064635-umsatz.CSV
2025-03-25 09:29 - 2025-03-25 09:29 - 000002737 _____ C:\Users\Páll\Downloads\20250325-42064635-umsatz(1).CSV
2025-03-22 07:25 - 2025-03-22 07:25 - 000807361 _____ C:\Users\Páll\Downloads\Beowulf by All - 9781641894746.pdf
2025-03-20 17:28 - 2025-03-20 17:28 - 006277616 _____ (GOG.com ) C:\Users\Páll\Downloads\setup_old_world_expansion_1_76679_(64bit)_(80422)(1).exe
2025-03-20 17:27 - 2025-03-20 17:27 - 000000000 ____D C:\Users\Páll\AppData\LocalLow\MohawkGames
2025-03-20 17:06 - 2025-04-13 10:39 - 000000000 ____D C:\WINDOWS\Minidump
2025-03-19 10:48 - 2025-03-19 10:48 - 000063808 _____ C:\Users\Páll\Documents\Isländisch Sprachkurs Rechnung.pdf
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-04-17 10:29 - 2025-02-06 11:58 - 000000000 ____D C:\Users\Páll\AppData\Local\Muse Hub
2025-04-17 10:28 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-17 10:23 - 2025-03-16 20:02 - 002661938 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-17 10:23 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-04-17 10:20 - 2023-10-13 12:03 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-04-17 10:19 - 2024-11-29 21:34 - 000000000 ____D C:\Users\Páll\AppData\Roaming\Dropbox
2025-04-17 10:19 - 2024-11-29 21:34 - 000000000 ____D C:\Users\Páll\AppData\Local\Dropbox
2025-04-17 10:18 - 2025-03-16 15:00 - 000003116 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2025-04-17 10:18 - 2025-03-16 15:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-17 10:18 - 2025-03-16 14:58 - 000002920 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-04-17 10:18 - 2025-02-06 11:58 - 000000000 ____D C:\Users\Páll\AppData\Local\MuseSampler
2025-04-17 10:18 - 2024-07-13 17:54 - 000000000 ____D C:\ProgramData\boost_interprocess
2025-04-17 10:18 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-17 10:18 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-17 10:18 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-04-17 10:18 - 2023-10-13 17:57 - 000012288 ___SH C:\DumpStack.log.tmp
2025-04-17 09:26 - 2023-12-01 14:51 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-04-17 08:52 - 2025-03-16 15:00 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-04-17 08:52 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-17 08:47 - 2024-11-29 21:34 - 000000000 ____D C:\Program Files (x86)\Dropbox
2025-04-16 19:38 - 2023-10-13 12:44 - 000000000 ____D C:\Program Files (x86)\Steam
2025-04-16 19:27 - 2023-10-13 14:50 - 000000000 ____D C:\Users\Páll\Desktop\Noten etc
2025-04-16 19:02 - 2024-01-16 20:54 - 000000000 ____D C:\Users\Páll\AppData\Roaming\landnama
2025-04-16 16:05 - 2023-12-01 09:16 - 000000000 ____D C:\Users\Páll\AppData\Roaming\Microsoft\Teams
2025-04-16 16:05 - 2023-10-13 12:00 - 000000000 ____D C:\Users\Páll\AppData\Local\D3DSCache
2025-04-16 15:59 - 2023-10-13 22:50 - 000000000 ____D C:\Program Files\Common Files\VST3
2025-04-16 15:59 - 2023-10-13 22:47 - 000000000 ____D C:\Program Files\VstPlugIns
2025-04-15 20:33 - 2025-03-16 15:00 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2129917812-2419563499-1881424802-1001
2025-04-15 20:33 - 2025-03-16 15:00 - 000003552 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2129917812-2419563499-1881424802-1001
2025-04-15 20:33 - 2025-03-16 15:00 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-04-15 20:33 - 2023-11-30 12:34 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-13 10:40 - 2025-03-16 14:58 - 000000000 ____D C:\Users\Páll
2025-04-13 10:39 - 2025-03-16 14:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-13 10:38 - 2025-03-16 14:00 - 001108270 ____N C:\WINDOWS\Minidump\041325-15703-01.dmp
2025-04-12 20:36 - 2023-10-13 17:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-12 08:17 - 2025-03-16 14:00 - 000868767 ____N C:\WINDOWS\Minidump\041225-10328-01.dmp
2025-04-11 21:18 - 2025-03-16 14:57 - 000638208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-11 21:17 - 2024-04-01 18:37 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-04-11 21:17 - 2024-04-01 18:36 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-11 21:17 - 2024-04-01 18:36 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-04-11 21:17 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-11 21:17 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-11 21:17 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-04-11 21:17 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-11 21:17 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-11 21:17 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-11 19:19 - 2023-10-15 22:15 - 000000000 ____D C:\Users\Páll\AppData\Roaming\vlc
2025-04-11 08:54 - 2023-10-13 17:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-04-11 08:50 - 2023-11-30 12:32 - 000000000 ____D C:\Program Files\Microsoft Office
2025-04-10 21:22 - 2025-03-16 13:18 - 000000000 ____D C:\Users\Páll\AppData\Local\AMD_Common
2025-04-08 20:29 - 2025-03-16 14:59 - 003352064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-04-06 01:45 - 2023-10-13 13:24 - 000000000 ____D C:\Users\Páll\AppData\Roaming\discord
2025-04-06 01:05 - 2023-10-13 13:24 - 000000000 ____D C:\Users\Páll\AppData\Local\Discord
2025-04-05 19:52 - 2025-03-16 15:00 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-05 19:52 - 2025-03-16 15:00 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-04-05 19:05 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-04-05 19:02 - 2023-10-13 13:24 - 000002242 _____ C:\Users\Páll\Desktop\Discord.lnk
2025-04-05 18:47 - 2024-04-01 18:37 - 000000000 ____D C:\WINDOWS\InboxApps
2025-04-05 18:47 - 2024-04-01 18:37 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-04-05 18:47 - 2024-04-01 18:37 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-04-05 18:47 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-04-05 18:47 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-04-05 11:17 - 2023-11-30 12:35 - 000000000 ____D C:\Users\Páll\AppData\Roaming\Microsoft\Word
2025-04-05 09:31 - 2023-10-13 12:00 - 000000000 ____D C:\Users\Páll\AppData\Local\Packages
2025-04-03 21:15 - 2025-03-16 14:00 - 000797220 ____N C:\WINDOWS\Minidump\040325-37312-01.dmp
2025-04-03 21:14 - 2024-11-29 21:35 - 000000000 ___RD C:\Users\Páll\Dropbox
2025-03-31 10:50 - 2025-03-16 14:08 - 000000000 ___DC C:\WINDOWS\Panther
2025-03-31 10:48 - 2025-03-16 14:00 - 001713386 ____N C:\WINDOWS\Minidump\033125-12390-01.dmp
2025-03-26 00:00 - 2024-03-07 20:59 - 000000000 ____D C:\Users\Páll\Zotero
2025-03-25 10:30 - 2023-10-16 00:10 - 000000000 ____D C:\Users\Páll\Desktop\Soundclips
2025-03-25 09:29 - 2023-12-27 08:42 - 000000000 ____D C:\Users\Páll\AppData\Roaming\Microsoft\Excel
2025-03-25 08:46 - 2023-10-16 11:03 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-03-25 08:46 - 2023-10-16 11:03 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2025-03-20 17:28 - 2024-06-29 21:09 - 000000000 ____D C:\Users\Páll\Documents\My Games
2025-03-20 17:06 - 2025-03-16 14:00 - 001897265 ____N C:\WINDOWS\Minidump\032025-11937-01.dmp
2025-03-19 20:21 - 2024-06-06 22:22 - 002897472 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-03-19 20:21 - 2024-06-06 22:22 - 000788008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2025-03-19 20:21 - 2024-06-06 22:22 - 000267816 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-03-19 20:21 - 2024-06-06 22:22 - 000243264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2025-03-19 20:21 - 2024-06-06 22:22 - 000153152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-03-19 20:21 - 2024-06-06 22:22 - 000124480 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-03-19 20:21 - 2024-06-06 22:22 - 000075304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2025-03-19 20:17 - 2023-10-13 12:00 - 000000000 ____D C:\ProgramData\Packages
2025-03-19 10:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-03-18 15:02 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\appcompat
2025-03-18 02:02 - 2023-10-13 12:02 - 000000000 ___RD C:\Users\Páll\OneDrive
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2023-10-13 22:53 - 2025-02-06 11:59 - 000000048 _____ () C:\Users\Páll\AppData\Roaming\msregsvv.dll
2024-09-23 19:25 - 2024-09-23 19:25 - 000003469 _____ () C:\Users\Páll\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-04-2025
durchgeführt von Páll (17-04-2025 10:30:41)
Gestartet von C:\Users\Páll\Downloads
Microsoft Windows 11 Pro Version 24H2 26100.3775 (X64) (2025-03-16 13:01:01)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-2129917812-2419563499-1881424802-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2129917812-2419563499-1881424802-503 - Limited - Disabled)
Gast (S-1-5-21-2129917812-2419563499-1881424802-501 - Limited - Disabled)
Páll (S-1-5-21-2129917812-2419563499-1881424802-1001 - Administrator - Enabled) => C:\Users\Páll
WDAGUtilityAccount (S-1-5-21-2129917812-2419563499-1881424802-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 25.001.20435 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Install Manager (HKLM\...\{64763D96-BC41-442A-A10F-4C9EF1783BCB}) (Version: 24.30.25071.1901 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 25.3.1 - Advanced Micro Devices, Inc.)
Amped - Roots version 2.0.0 (HKLM\...\Amped - Roots_is1) (Version: 2.0.0 - )
Amped - Stevie T version 1.0.2 (HKLM\...\Amped - Stevie T_is1) (Version: 1.0.2 - )
AmpliTube 5 version 5.7.1 (HKLM\...\{D831D61F-EBF5-4158-AEE1-F58A7B8C04C8}_is1) (Version: 5.7.1 - IK Multimedia)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.15 - tippach engineering)
Audacity 3.0.0 (HKLM-x32\...\Audacity_is1) (Version: 3.0.0 - Audacity Team)
Audacity 3.7.3 (64 Bit) (HKLM\...\Audacity_is1) (Version: 3.7.3 - Audacity Team)
AusweisApp (HKLM\...\{780E63F7-FD7F-4FD4-8224-56C65E7BF2D8}) (Version: 2.2.2 - Governikus GmbH & Co. KG)
Banished (HKLM-x32\...\1207660783_is1) (Version: 1.0.7 - GOG.com)
BitCleaner (HKU\S-1-5-21-2129917812-2419563499-1881424802-1001\...\BitCleaner) (Version: 1.0.8.0 - BinaryLabs LTD) <==== ACHTUNG
Blackguards 2 (HKLM-x32\...\1207667233_is1) (Version: 2.2.0.5 - GOG.com)
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
calibre 64bit (HKLM\...\{08B38F11-2B6D-434D-B5D5-8C2FE3D70A66}) (Version: 7.4.0 - Kovid Goyal)
Custom Shop 2.0.0 (HKLM\...\5b86c39c-6f2f-52a0-a1b0-9b9fc743254c) (Version: 2.0.0 - IK Multimedia)
Custom Shop version 2.0.0 (HKLM\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 2.0.0 - IK Multimedia)
DIE SIEDLER - Das Erbe der Könige (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte)
Discord (HKU\S-1-5-21-2129917812-2419563499-1881424802-1001\...\Discord) (Version: 1.0.9019 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 222.4.5042 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.983.1 - Dropbox, Inc.) Hidden
FortiClient VPN (HKLM\...\{FF46D152-9845-4ACE-8258-DBA7E3BE9785}) (Version: 7.0.9.0493 - Fortinet Technologies Inc)
GIMP 2.10.34 (HKLM\...\GIMP-2_is1) (Version: 2.10.34 - The GIMP Team)
HP LaserJet Pro MFP M127-M128 (HKLM-x32\...\{3b050369-8d19-413d-9dec-84ff278472eb}) (Version: 15.0.15309.1258 - Hewlett-Packard)
HP LaserJet Pro MFP M127-M128 Fax (HKLM\...\{C5835004-643A-4EB6-A280-706F9F62F985}) (Version: 32.0.44.0 - Hewlett-Packard Co.) Hidden
HP LaserJet Pro MFP M127-M128 Fax (HKLM-x32\...\{FAE97B40-E8E2-4B52-9A9E-219C3CCC0107}) (Version: 32.0.44.0 - Hewlett-Packard Co.) Hidden
HP LaserJet Pro MFP M127-M128 Fax Driver (HKLM\...\{65072E52-F51B-4280-9DA6-EA5F1EE72C3A}) (Version: 32.0.44.0 - Hewlett-Packard Co.) Hidden
HP LaserJet Pro MFP M127-M128 HP Device Toolbox (HKLM-x32\...\{612631AC-0D84-4116-9D8A-D2D63467B7BF}) (Version: 32.0.28.0 - Hewlett-Packard Co.) Hidden
HP LJ M127128 Scan HP Scan (HKLM-x32\...\{2F518061-89DB-4AF0-9A7A-2BF73B60E6F0}) (Version: 1.0.302.0 - Hewlett-Packard Co.) Hidden
HP Product FWUpdater (HKLM-x32\...\{1A8F20ED-C9CC-43FD-A678-20970BB83A9E}) (Version: 4.0.0.8895 - Hewlett-Packard Company) Hidden
HP Unified IO (HKLM\...\{5C76ED0D-0F6F-4985-8B34-F9AE7834848F}) (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (HKLM-x32\...\{F1390872-2500-4408-A46C-CD16C960C661}) (Version: 2.0.0.434 - HP) Hidden
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPLJProMFPM127M128 (HKLM-x32\...\{B5409C23-DE0C-4B48-8C8A-50AE38694955}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM127_128 (HKLM-x32\...\{2C886751-51BD-4A8C-B33A-B4C513AB5B9A}) (Version: 008.000.0001 - HP) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{7504A7B0-003E-4875-A454-B627E127E9D9}) (Version: 100.040.00218 - Hewlett Packard) Hidden
hpStatusAlertsM127-M128 (HKLM-x32\...\{10D7EBAF-A550-48CD-8511-7D947184EE44}) (Version: 080.046.00112 - Hewlett-Packard) Hidden
IK Product Manager (HKLM\...\a401809f-3509-5ed7-a6dc-34dc618bf372) (Version: 1.0.9 - IK Multimedia)
Inkulinati (HKLM-x32\...\1788295898_is1) (Version: 1.48.1.0 - GOG.com)
Java(TM) SE Development Kit 22 (64-bit) (HKLM\...\{0A90CDCF-216E-51BC-89BE-70E263109A25}) (Version: 22.0.0.0 - Oracle Corporation)
LibreOffice 7.6.2.1 (HKLM\...\{69CAC3E6-C2D7-4221-9351-1F27CCBA92F1}) (Version: 7.6.2.1 - The Document Foundation)
MAGIX Analogue Modelling Suite Plus (HKLM\...\{F485F2FE-1D3D-4F6D-AD4E-13FA5FB22A88}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Analogue Modelling Suite Plus (HKLM\...\MX.{F485F2FE-1D3D-4F6D-AD4E-13FA5FB22A88}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Vandal VST-PlugIn (HKLM\...\{24F96DED-7B99-49C4-B877-CDCDC37762FA}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Vandal VST-PlugIn (HKLM\...\MX.{24F96DED-7B99-49C4-B877-CDCDC37762FA}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX VariVerb II VST-PlugIn (HKLM\...\{7A97538C-6D3F-4BB5-B2A1-D0ECFB199A4C}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX VariVerb II VST-PlugIn (HKLM\...\MX.{7A97538C-6D3F-4BB5-B2A1-D0ECFB199A4C}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Vintage Effects Suite (HKLM\...\{48978B41-9CD5-4274-9519-B622DD89727D}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Vintage Effects Suite (HKLM\...\MX.{48978B41-9CD5-4274-9519-B622DD89727D}) (Version: 1.0.0.0 - MAGIX Software GmbH)
Microsoft .NET Host - 8.0.8 (x64) (HKLM\...\{3BA242F8-BDB5-4096-9FBC-333CD663BBAD}) (Version: 64.32.18380 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.8 (x64) (HKLM\...\{7FE24458-0796-4428-99C2-9A0F8DAB93CC}) (Version: 64.32.18380 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.8 (x64) (HKLM\...\{9ACB23DB-4D32-49ED-A5E3-F4E2F8D9D2AA}) (Version: 64.32.18380 - Microsoft Corporation) Hidden
Microsoft 365 Apps for enterprise - da-dk (HKLM\...\O365ProPlusRetail - da-dk) (Version: 16.0.18623.20178 - Microsoft Corporation)
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.18623.20178 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.73 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.73 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.056.0324.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438 (HKLM-x32\...\{ba10fda9-f731-441f-a999-000bbb7ceec2}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34438 (HKLM-x32\...\{A5592FEF-F948-4BA6-A066-8BBFC2DC7EE1}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34438 (HKLM-x32\...\{5D0C4511-3CA1-4FF8-A4BA-C0E1957ABEEA}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.8 (x64) (HKLM\...\{663E7053-3B36-4AE5-8223-234867FAEAE6}) (Version: 64.32.18376 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.8 (x64) (HKLM-x32\...\{33832ff3-5583-4b81-b270-d9fd42760e1a}) (Version: 8.0.8.33916 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 14.41.137.0 - Microsoft Corporation)
MODO DRUM version 1.5.0 (HKLM\...\{A795A974-32B1-421C-AA21-B03288C5C562}_is1) (Version: 1.5.0 - IK Multimedia)
Mount and Blade: Warband - Viking Conquest (HKLM-x32\...\1207666933_is1) (Version: 2.068 - GOG.com)
Mount and Blade: Warband (HKLM-x32\...\1207666913_is1) (Version: 2.064 (GOG) - GOG.com)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 137.0.2 (x64 de)) (Version: 137.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 137.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
Native Access 3.12.1 (HKU\S-1-5-21-2129917812-2419563499-1881424802-1001\...\c410b7d2-8fce-53b3-8332-e98b6e89a16a) (Version: 3.12.1 - Native Instruments)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.8.0.0 - Native Instruments)
Native Instruments Kontakt 7 (HKLM-x32\...\Native Instruments Kontakt 7) (Version: 7.10.5.0 - Native Instruments)
Native Instruments NTKDaemon (HKLM-x32\...\Native Instruments NTKDaemon) (Version: 1.19.0.0 - Native Instruments)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.1.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0406-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Old World (HKLM-x32\...\2010300617_is1) (Version: 76679 - GOG.com)
Old World Expansion 1 (HKLM-x32\...\1721325518_is1) (Version: 76679 - GOG.com)
OpenVPN 2.5.3-I601 amd64 (HKLM\...\{E5931AF4-2A8F-48A5-AFC8-460348F480E8}) (Version: 2.5.022 - OpenVPN, Inc.)
Pathologic 2 (HKLM-x32\...\1076642617_is1) (Version: 1.5.30038-rel-dev-st + mn - GOG.com)
ProjectSAM The Free Orchestra (HKLM-x32\...\ProjectSAM The Free Orchestra) (Version: 2.0.0.1 - ProjectSAM)
Realms of Arkania 2 - Star Trail (HKLM-x32\...\1207661983_is1) (Version: 1.0 v2 - GOG.com)
RyzenMasterSDK (HKLM\...\{EA69F3F4-94A3-4B3D-8A87-08C1D6ED87B4}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Samplitude Pro X2 Silver (HKLM\...\{C3A3C7A2-0118-4EAA-B51D-E8F26B22D320}) (Version: 13.1.3.176 - MAGIX Software GmbH) Hidden
Samplitude Pro X2 Silver (HKLM\...\MX.{C3A3C7A2-0118-4EAA-B51D-E8F26B22D320}) (Version: 13.1.3.176 - MAGIX Software GmbH)
Samplitude Pro X2 Silver Independence Free (HKLM\...\{E52AC3D4-3700-41D3-8E0E-2FD3C8A8CD3D}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Samplitude Pro X2 Silver Independence Free (HKLM\...\MX.{E52AC3D4-3700-41D3-8E0E-2FD3C8A8CD3D}) (Version: 1.0.0.0 - MAGIX Software GmbH)
Samplitude Pro X2 Silver Objekt-Synthesizer (HKLM\...\{0E9CFDBD-B513-42E5-B46F-D6CD1214FF77}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Samplitude Pro X2 Silver Objekt-Synthesizer (HKLM\...\MX.{0E9CFDBD-B513-42E5-B46F-D6CD1214FF77}) (Version: 1.0.0.0 - MAGIX Software GmbH)
Shadowrun Returns (HKLM-x32\...\1207660413_is1) (Version: 2.3.0.12 - GOG.com)
Soundpaint 3.1.2 (HKLM\...\{78841126-C6F3-4136-A6AF-DB43EB9DDF9F}_is1) (Version: 3.1.2 - 8Dio)
Spitfire Audio version 3.4.10 (HKLM-x32\...\{ABC5F486-25BD-4BAA-9FA1-A84152CBB563}_is1) (Version: 3.4.10 - Spitfire Audio Holdings Ltd)
STAR WARS Battlefront II (HKLM-x32\...\1421404701_is1) (Version: 1.1 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold HD (HKLM-x32\...\1207658712_is1) (Version: 1.41 - GOG.com)
Syntronik 2 version 2.1.1 (HKLM\...\{D1F669F8-F75C-442E-B303-107C052DD42C}_is1) (Version: 2.1.1 - IK Multimedia)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\1207658924_is1) (Version: 2.1.0.15 - GOG.com)
TuxGuitar (HKLM\...\TuxGuitar 1.6.6) (Version: 1.6.6 - TuxGuitar)
TuxGuitar (HKLM-x32\...\TuxGuitar 1.5.6) (Version: 1.5.6 - TuxGuitar)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Zoom (HKU\S-1-5-21-2129917812-2419563499-1881424802-1001\...\ZoomUMX) (Version: 5.17.11 (34827) - Zoom Video Communications, Inc.)
Zotero (HKLM-x32\...\Zotero 6.0.36 (x86 en-US)) (Version: 6.0.36 - Corporation for Digital Scholarship)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3624.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-11] (Microsoft Windows)
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2025-03-16] ()
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2025-04-17] (Dropbox Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_158.2.1134.0_x64__v10z8vjag6ke6 [2025-04-03] (HP Inc.)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe [2025-03-19] (Microsoft Corporation)
MuseHub -> C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6 [2025-03-16] (Muse) [Startup Task]
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16 [2025-04-11] ()
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.52.354.0_x64__dt26b99r8h8gj [2025-03-16] (Realtek Semiconductor Corp)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0 [2025-04-14] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-11] (Microsoft Windows)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2129917812-2419563499-1881424802-1001_Classes\CLSID\{04271989-C4D2-DB05-E5F6-C88623FBD62F} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-2129917812-2419563499-1881424802-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2129917812-2419563499-1881424802-1001_Classes\CLSID\{41AD5CCC-26E6-46CC-821E-81569059CA8D} -> [Dropbox] => C:\Users\Páll\Dropbox [2024-11-29 21:35]
CustomCLSID: HKU\S-1-5-21-2129917812-2419563499-1881424802-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Páll\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => Keine Datei
CustomCLSID: HKU\S-1-5-21-2129917812-2419563499-1881424802-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Páll\Dropbox [2024-11-29 21:35]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2025-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-04-02] (Dropbox, Inc -> Dropbox, Inc.)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2009-09-16 18:44 - 2009-09-16 18:44 - 000153088 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000331264 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000132096 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\hpzjrd01.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000317440 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\System32\HPTcpMUI.dll
2023-07-18 15:12 - 2023-07-18 15:12 - 000155648 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Fortinet\FortiClient\legacy.DLL
2023-07-18 15:12 - 2023-07-18 15:12 - 006030336 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Fortinet\FortiClient\libcrypto-3-x64.dll
2023-07-18 15:12 - 2023-07-18 15:12 - 000776192 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Fortinet\FortiClient\libssl-3-x64.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2025-04-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-07] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2129917812-2419563499-1881424802-1001\...\sharepoint.com -> hxxps://cmsa3-files.sharepoint.com
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2019-12-07 11:14 - 2025-04-17 10:18 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Calibre2\;C:\Program Files\dotnet\
HKU\S-1-5-21-2129917812-2419563499-1881424802-1001\Control Panel\Desktop\\Wallpaper -> D:\Bilder\2017 Dansk pĺ Askov\20170825_063400.jpg
DNS Servers: 217.69.224.73 - 213.187.64.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
ist aktiviert.
Network Binding:
=============
Ethernet 2: Fortinet Virtual Ethernet Adapter (NDIS 6.30) -> ftvnic.sys
OpenVPN Wintun: Wintun Userspace Tunnel -> wintun.sys
LAN-Verbindung: TAP-Windows Adapter V9 -> tap0901.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Ethernet 3: Fortinet SSL VPN Virtual Ethernet Adapter -> ftsvnic.sys
ft_fortifilter: FortiClient NDIS 6.3 Packet Filter Driver
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{8E0434B3-06C2-478E-92F3-D7EC27A8694C}C:\gog games\pathologic 2\pathologic.exe] => (Block) C:\gog games\pathologic 2\pathologic.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{D252EC65-5FB1-49E6-B3F9-0558F3BD8B32}C:\gog games\pathologic 2\pathologic.exe] => (Block) C:\gog games\pathologic 2\pathologic.exe () [Datei ist nicht signiert]
FirewallRules: [{ABBBC7D4-DC9D-4E8E-BC6E-2959BC0070E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Landnama\Landnama.exe (Godot Engine) [Datei ist nicht signiert]
FirewallRules: [{4865745D-3ABD-4530-86A0-BF58BE78B16F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Landnama\Landnama.exe (Godot Engine) [Datei ist nicht signiert]
FirewallRules: [{DA20D4E1-623E-467D-8AA6-DE0B6A331CA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BEAST\Beast.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{4668507F-5438-4821-8FBD-F63C451D5C37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BEAST\Beast.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{05C92B27-3CA7-4F52-99D3-3E55EB745487}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6\Muse.exe (Musecy SM Ltd. -> Muse)
FirewallRules: [AusweisApp-Firewall-Rule] => (Allow) C:\Program Files\AusweisApp\AusweisApp.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [{CC0F8CD2-D0B7-4493-9AC2-D3DF80FF5A2E}] => (Allow) C:\Program Files\AusweisApp\AusweisApp.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [{BDBBAADB-1430-4E1C-B344-402B87CF1041}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rome Total War Gold\RomeTW-BI.exe (The Creative Assembly Ltd) [Datei ist nicht signiert]
FirewallRules: [{8180F412-8620-4E3E-98A5-8BE0FB4D9BB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rome Total War Gold\RomeTW-BI.exe (The Creative Assembly Ltd) [Datei ist nicht signiert]
FirewallRules: [{88D99470-889D-45D0-AF4B-890C29DE0DF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rome Total War Gold\RomeTW.exe (The Creative Assembly Ltd) [Datei ist nicht signiert]
FirewallRules: [{CFE9C114-F537-4C00-A06A-41031B8FB60A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rome Total War Gold\RomeTW.exe (The Creative Assembly Ltd) [Datei ist nicht signiert]
FirewallRules: [{ED347C13-0891-49A4-B11A-2FD993CA76F7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{515836BE-5504-42BC-A00F-6A56C8C4D78E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe => Keine Datei
FirewallRules: [{DDA9C3CB-1214-405C-8F43-7778B04F77D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe => Keine Datei
FirewallRules: [{9759CA40-9F76-4B65-8266-56D922F7EEF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hellish Quart\Hellish Quart.exe () [Datei ist nicht signiert]
FirewallRules: [{0BE84599-DE6B-4F26-AE1D-5676CC0E34E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hellish Quart\Hellish Quart.exe () [Datei ist nicht signiert]
FirewallRules: [{3E1E8D2D-7CA2-486F-A152-FB4D098521FB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2D22D465-F739-4BFB-A589-4E4E36591D58}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{78A567DB-0CB1-48AA-B9D1-2758CBAC402B}] => (Allow) C:\Users\Páll\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{02D02765-9F3F-4300-9CD9-6ED00F32CCCE}] => (Allow) C:\Users\Páll\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{653D25F2-8128-4C65-A0B2-B1DD1662C147}] => (Allow) C:\Users\Páll\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{CF0C24E2-88A0-4E63-A29E-F7258BCBF912}C:\gog games\wolfenstein the new order\wolfneworder_x64.exe] => (Block) C:\gog games\wolfenstein the new order\wolfneworder_x64.exe => Keine Datei
FirewallRules: [TCP Query User{69B489DB-1687-4AE8-8A85-838F05BE4BA3}C:\gog games\wolfenstein the new order\wolfneworder_x64.exe] => (Block) C:\gog games\wolfenstein the new order\wolfneworder_x64.exe => Keine Datei
FirewallRules: [{987BC49B-EEDA-435A-AAC8-82C2F48F89B3}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E7CBD212-B228-4F8D-BB4C-D5E909A18BE4}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{865DA2EE-A25A-48FB-83CE-4EC558825E08}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0C024BD2-9EDD-4EE5-9BCF-EA34CDC8AF51}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2F85DDE-953A-4CD9-A87B-745FA43A294E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8A3E397D-76C2-47B6-98F9-5FB5947FB0B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{509E010C-D013-4F0C-8CE6-E086ABCD3F02}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{56C42688-41D4-4BE4-BDC2-28BAA9A1BDB8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4FAE47C1-E782-4A46-B7DA-91C6873B7F5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empire Total War\Empire.exe (The Creative Assembly Ltd) [Datei ist nicht signiert]
FirewallRules: [{55D95518-5C71-44F7-8970-DBAE7809AA98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empire Total War\Empire.exe (The Creative Assembly Ltd) [Datei ist nicht signiert]
FirewallRules: [{2D3030DD-EF64-4FC7-BDA7-FDE25248E9A7}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\EWSProxy.exe (VistaName -> Hewlett-Packard Co.) [Datei ist nicht signiert]
FirewallRules: [{5B025E77-A240-43CF-BC62-F9DAD010FF13}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe (VistaName -> Hewlett-Packard Co.) [Datei ist nicht signiert]
FirewallRules: [{E8C6460E-4795-4838-AB7E-B9814D33B8F0}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\FaxApplications.exe (VistaName -> Hewlett-Packard Co.) [Datei ist nicht signiert]
FirewallRules: [{8C08937A-7C68-4CCA-A23A-7B4A1096083C}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\FaxPrinterUtility.exe (VistaName -> Hewlett-Packard Co.) [Datei ist nicht signiert]
FirewallRules: [{0B7EB188-E76E-4B0E-B817-ED13317B62D5}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe (VistaName -> Hewlett-Packard Co.) [Datei ist nicht signiert]
FirewallRules: [{9CEBF324-1973-40DA-B06B-3AF196ABE28D}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\SendAFax.exe (VistaName -> Hewlett-Packard Co.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{F6BBA465-91D1-45CD-8D1D-A7672EE76FA0}C:\gog games\wolfenstein the new order\wolfneworder_x64.exe] => (Block) C:\gog games\wolfenstein the new order\wolfneworder_x64.exe => Keine Datei
FirewallRules: [TCP Query User{6217295B-2F67-49A2-AB27-D51FFF71866F}C:\gog games\wolfenstein the new order\wolfneworder_x64.exe] => (Block) C:\gog games\wolfenstein the new order\wolfneworder_x64.exe => Keine Datei
FirewallRules: [{E9F8D213-418C-4F2B-955E-7B7BF91790BD}] => (Block) D:\magix\music maker\27\musicmaker.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [{003CAFAC-FAE9-468F-AA31-8D156FDA42D1}] => (Block) D:\magix\music maker\27\musicmaker.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [UDP Query User{2A943D1A-DFF0-4C80-A43C-203537D3B9F6}D:\magix\music maker\27\musicmaker.exe] => (Allow) D:\magix\music maker\27\musicmaker.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [TCP Query User{69301664-18C9-4D38-A1D0-B99AA383262A}D:\magix\music maker\27\musicmaker.exe] => (Allow) D:\magix\music maker\27\musicmaker.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [{FBC110EF-9276-48CF-BA74-3D0122E339F4}] => (Block) C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe => Keine Datei
FirewallRules: [{7EC0AD71-7242-4391-B865-F7CE2A9D2998}] => (Block) C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe => Keine Datei
FirewallRules: [UDP Query User{C6CEBF84-964E-4388-BBC8-BAFCDAF31BEA}C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe => Keine Datei
FirewallRules: [TCP Query User{6EC3D20E-992E-4F5B-906A-A81B4CE8B33F}C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe => Keine Datei
FirewallRules: [{5A5052CB-CD91-45E4-AEE9-D37B50180822}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{628858A9-CBAF-4B47-AC6F-8F0E608F6533}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2E1B84F5-986C-4758-B49E-2DE145C9A6EC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A85B0E3E-7CA8-4C4B-80E4-43DB4CE407AC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CCA29C79-A347-4A33-B111-05C2FF6A52E2}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6\Muse.exe (Musecy SM Ltd. -> Muse)
FirewallRules: [{728FD8CD-E9AE-46AC-BB29-0114B5895CD3}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1C8BB13F-EA68-49FF-A50D-2AD349590884}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{B859FD5D-817A-4F19-8190-432318E883AC}C:\gog games\old world\oldworld.exe] => (Block) C:\gog games\old world\oldworld.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{FC29BE39-F928-4D8C-811C-DF80A3A69034}C:\gog games\old world\oldworld.exe] => (Block) C:\gog games\old world\oldworld.exe () [Datei ist nicht signiert]
FirewallRules: [{6454C739-7691-421D-A3E5-69D26A0C888C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.73\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D071D613-CB54-473F-98E6-40183666A56E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D2FF42E4-0404-4664-AD0D-038BB62D902C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8E4B3347-F708-4111-9396-08564815351F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7760D861-68DF-4852-9E34-0AAA6125A7DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3023554F-AD3D-4D7D-BF74-0868550055D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D1192CE2-0F54-43FA-B500-B46C5F25AC6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{931FF170-4203-4C59-B9C7-E99F68D843DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{76DB5BDE-35AF-44D3-9D57-7EBE9F2CDFC5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E4EB7055-8E99-4D46-81AD-074FF44612F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D2DDD469-8E0B-4BFF-8E60-B5713A35B19D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BEB3177F-FCA6-4E5A-8FFC-D1F3FF1D7FE6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DF652755-783A-42D9-8FB0-13452EC3B625}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CEF517E2-C432-421E-A113-480156B20916}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{981F76D3-53FC-4CD6-94B6-6045B094BC2F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
14-04-2025 17:28:00 Windows Update
16-04-2025 15:59:46 Removed Sitala
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (04/17/2025 10:00:12 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.]
Error: (04/17/2025 08:47:50 AM) (Source: DbxSvc) (EventID: 322) (User: )
Description: Failed to get driver message: (-2147024890) Das Handle ist ungültig.
Error: (04/17/2025 08:47:08 AM) (Source: DbxSvc) (EventID: 322) (User: )
Description: Failed to get driver message: (-2147024890) Das Handle ist ungültig.
Error: (04/16/2025 04:09:18 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-8H8CSAR)
Description: Fehlerhafter Anwendungsname: firefox.exe, Version: 137.0.2.563, Zeitstempel: 0x67fce35b
Fehlerhafter Modulname: xul.dll, Version: 137.0.2.563, Zeitstempel: 0x67fce3c3
Ausnahmecode: 0x80000003
Fehleroffset: 0x00000000054a1611
Fehlerhafte Prozess-ID: 0x3908
Fehlerhafte Anwendungsstartzeit: 0x1dbaed8e43539db
Fehlerhafter Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
Fehlerhafter Modulpfad: C:\Program Files\Mozilla Firefox\xul.dll
Berichts-ID: 5e37cec6-4e97-48fe-8f89-f86233615359
Vollständiger Name des fehlerhaften Pakets:
Fehlerhafte paketbezogene Anwendungs-ID:
Error: (04/16/2025 03:53:11 PM) (Source: DbxSvc) (EventID: 322) (User: )
Description: Failed to get driver message: (-2147024890) Das Handle ist ungültig.
Error: (04/15/2025 08:33:48 PM) (Source: DbxSvc) (EventID: 322) (User: )
Description: Failed to get driver message: (-2147024890) Das Handle ist ungültig.
Error: (04/14/2025 05:22:13 PM) (Source: DbxSvc) (EventID: 322) (User: )
Description: Failed to get driver message: (-2147024890) Das Handle ist ungültig.
Error: (04/14/2025 08:26:34 AM) (Source: DbxSvc) (EventID: 322) (User: )
Description: Failed to get driver message: (-2147024890) Das Handle ist ungültig.
Systemfehler:
=============
Error: (04/17/2025 10:18:10 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8H8CSAR)
Description: Fehler "1084" in DCOM, als der Dienst "NPSMSvc_48481" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{BCBB9860-C012-4AD7-A938-6E337AE6ABA5}
Error: (04/17/2025 10:18:10 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8H8CSAR)
Description: Fehler "1084" in DCOM, als der Dienst "NPSMSvc_48481" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{BCBB9860-C012-4AD7-A938-6E337AE6ABA5}
Error: (04/17/2025 10:18:10 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8H8CSAR)
Description: Fehler "1084" in DCOM, als der Dienst "NPSMSvc_48481" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{BCBB9860-C012-4AD7-A938-6E337AE6ABA5}
Error: (04/17/2025 10:18:10 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8H8CSAR)
Description: Fehler "1084" in DCOM, als der Dienst "NPSMSvc_48481" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{BCBB9860-C012-4AD7-A938-6E337AE6ABA5}
Error: (04/17/2025 10:18:07 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8H8CSAR)
Description: Fehler "1084" in DCOM, als der Dienst "UdkUserSvc_48481" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
WindowsUdk.UI.Shell.ViewCoordinator
Error: (04/17/2025 10:18:07 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8H8CSAR)
Description: Fehler "1084" in DCOM, als der Dienst "UdkUserSvc_48481" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
WindowsUdkInternal.System.ActivationService
Error: (04/17/2025 10:18:07 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8H8CSAR)
Description: Fehler "1084" in DCOM, als der Dienst "UdkUserSvc_48481" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
WindowsUdk.UI.Shell.ViewCoordinator
Error: (04/17/2025 10:18:07 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8H8CSAR)
Description: Fehler "1084" in DCOM, als der Dienst "camsvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
Windows.Internal.CapabilityAccess.CapabilityAccess
Windows Defender:
================
Date: 2025-04-16 19:38:25
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-15 21:12:24
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-15 20:28:30
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-14 09:06:09
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-11 17:43:03
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
Date: 2025-04-17 10:11:14
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.296.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x8007043c
Error description: Der Dienst kann nicht im abgesicherten Modus gestartet werden.
Date: 2025-04-17 10:01:12
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: Der Dienst kann nicht im abgesicherten Modus gestartet werden.
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2025-04-17 09:32:21
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: Der Dienst kann nicht im abgesicherten Modus gestartet werden.
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
CodeIntegrity:
===============
Date: 2025-04-17 10:18:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\222.4.5042\vulkan-1.dll that did not meet the Microsoft signing level requirements.
Date: 2025-04-17 08:47:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\221.4.5365\vulkan-1.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends International, LLC. A.B0 08/11/2022
Hauptplatine: Micro-Star International Co., Ltd. B550-A PRO (MS-7C56)
Prozessor: AMD Ryzen 5 5600X 6-Core Processor
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 16310.09 MB
Verfügbarer physikalischer RAM: 9793.89 MB
Summe virtueller Speicher: 20918.09 MB
Verfügbarer virtueller Speicher: 10186.05 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:930.71 GB) (Free:557.08 GB) (Model: Samsung SSD 980 PRO 1TB) NTFS
Drive d: (Archiv) (Fixed) (Total:931.39 GB) (Free:262.13 GB) (Model: TOSHIBA HDWD110) NTFS
Drive e: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS
\\?\Volume{5dd90591-b645-4434-8eb7-f8172c484e0d}\ () (Fixed) (Total:0.69 GB) (Free:0.11 GB) NTFS
\\?\Volume{0152c4ad-1b08-4590-88a8-cb263ce40039}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 84543A49)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt =======================
AdwCleaner-Log: Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-23-2025
# Duration: 00:00:10
# OS: Windows 11 (Build 26100.3775)
# Scanned: 32104
# Detected: 1
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Adware.Heuristic HKCU\SOFTWARE\438f84b93ab73e6e9ccd233d1abe724b
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1462 octets] - [29/09/2024 19:22:35]
AdwCleaner[C00].txt - [1632 octets] - [29/09/2024 19:22:52]
AdwCleaner[S01].txt - [1584 octets] - [09/11/2024 09:39:08]
AdwCleaner[C01].txt - [1754 octets] - [09/11/2024 09:39:32]
AdwCleaner[S02].txt - [1664 octets] - [09/11/2024 09:42:28]
AdwCleaner[C02].txt - [1854 octets] - [09/11/2024 09:42:36]
AdwCleaner[S03].txt - [1828 octets] - [25/11/2024 22:14:15]
AdwCleaner[C03].txt - [1998 octets] - [25/11/2024 22:14:30]
AdwCleaner[S04].txt - [1950 octets] - [05/12/2024 09:58:19]
AdwCleaner[C04].txt - [2120 octets] - [05/12/2024 09:58:31]
AdwCleaner[S05].txt - [2072 octets] - [12/12/2024 11:03:57]
AdwCleaner[C05].txt - [2242 octets] - [12/12/2024 11:04:04]
AdwCleaner[S06].txt - [2194 octets] - [21/12/2024 13:18:16]
AdwCleaner[C06].txt - [2364 octets] - [21/12/2024 13:18:23]
AdwCleaner[S07].txt - [2316 octets] - [10/01/2025 22:52:42]
AdwCleaner[C07].txt - [2486 octets] - [10/01/2025 22:52:48]
AdwCleaner[S08].txt - [2438 octets] - [24/01/2025 10:51:58]
AdwCleaner[C08].txt - [2608 octets] - [24/01/2025 10:52:03]
AdwCleaner[S09].txt - [2560 octets] - [04/02/2025 21:20:15]
AdwCleaner[C09].txt - [2730 octets] - [04/02/2025 21:20:21]
AdwCleaner[S10].txt - [2682 octets] - [14/02/2025 12:33:38]
AdwCleaner[C10].txt - [2852 octets] - [14/02/2025 12:33:44]
AdwCleaner[S11].txt - [2804 octets] - [01/03/2025 19:10:57]
AdwCleaner[C11].txt - [2974 octets] - [01/03/2025 19:11:02]
AdwCleaner[S12].txt - [2928 octets] - [10/03/2025 16:11:40]
AdwCleaner[C12].txt - [3098 octets] - [10/03/2025 16:11:44]
AdwCleaner[S13].txt - [3048 octets] - [20/03/2025 16:03:53]
AdwCleaner[C13].txt - [3218 octets] - [20/03/2025 16:03:58]
AdwCleaner[S14].txt - [3170 octets] - [25/03/2025 07:38:35]
AdwCleaner[C14].txt - [3340 octets] - [25/03/2025 07:38:40]
AdwCleaner[S15].txt - [3292 octets] - [05/04/2025 09:26:23]
AdwCleaner[C15].txt - [3462 octets] - [05/04/2025 09:26:30]
AdwCleaner[S16].txt - [3414 octets] - [13/04/2025 11:45:15]
AdwCleaner[C16].txt - [3584 octets] - [13/04/2025 11:45:21]
AdwCleaner[S17].txt - [3536 octets] - [17/04/2025 09:21:16]
AdwCleaner[S18].txt - [3597 octets] - [17/04/2025 09:59:51]
AdwCleaner[S19].txt - [3658 octets] - [17/04/2025 10:18:56]
AdwCleaner[C19].txt - [3828 octets] - [17/04/2025 10:38:16]
AdwCleaner[S20].txt - [3780 octets] - [17/04/2025 18:18:03]
AdwCleaner[C20].txt - [3950 octets] - [17/04/2025 18:18:13]
AdwCleaner[S21].txt - [3902 octets] - [18/04/2025 08:09:16]
AdwCleaner[C21].txt - [4072 octets] - [18/04/2025 08:09:20]
AdwCleaner[S22].txt - [4026 octets] - [21/04/2025 08:56:28]
AdwCleaner[C22].txt - [4196 octets] - [21/04/2025 08:56:32]
AdwCleaner[S23].txt - [4146 octets] - [21/04/2025 14:35:27]
AdwCleaner[C23].txt - [4316 octets] - [21/04/2025 14:35:33]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S24].txt ##########
|
