Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Win 10 : WLAN-USB-Sticks nicht migriert - WLAN-Verbindung kann kurz etabliert werden, bricht dann wieder ab (https://www.trojaner-board.de/217930-win-10-wlan-usb-sticks-migriert-wlan-verbindung-kurz-etabliert-bricht-dann-ab.html)

EndeVomLatei 04.01.2026 13:12
Win 10 : WLAN-USB-Sticks nicht migriert - WLAN-Verbindung kann kurz etabliert werden, bricht dann wieder ab
 
Hallo liebe Virenjäger,

das Problem (nicht auf meinem PC) äußert sich wie folgt, hier der zeitliche Ablauf in Kurzform:

1. Realtek WLAN-Stick funktionierte plötzlich nicht mehr
2. Gerätemanager: Gerät funktioniert, aber in den Ereignissen "nicht migriert"
3. Im Gerätemanager deinstallieren (inkl. Treiber): keine Besserung
4. Windows Update: seit 07/2024 keine Updates mehr gefahren. Updates nachgeholt (Netzwerk per USB-Tethering problemlos möglich)
5. Diverse unnütze Tools (CCleaner, "PC-schneller-macher", etc.) entfernt
6. SFC /SCANNOW: Einige Probleme entfernt, keine Besserung
7. BIOS Update (um eine Version), keine Besserung
8. Alternativen WLAN-Stick (UGreen) ohne mein Beisein installiert, funktioniert nicht.
9. Finde neuen WLAN-Stick als Memory-Stick im Gerätemanager (??). Wieder Ereignismeldung "nicht migriert"
10. Im Gerätemanager deinstallert, Treiber heruntergeladen, über Treibersetup neu installiert
11. Wieder Ereignismeldung "nicht migriert"
12. WLAN-Verbindungsaufbau (Netzwerk sehen und auswählen, Paßwort eingeben, verbinden) dennoch erfolgreich (??)
13. Nach ca. 30 sec WLAN-Verbindung wieder weg (schlechtes Signal ausgeschlossen, Rechner steht 3m neben Fritzbox). Erneuter Aufbau nicht erfolgreich.
14. FRST ausgeführt, Logs siehe unten (FRST.txt in diesem Beitrag, Addition.txt im nächsten)
15. SFC /SCANNOW : keine Integritätsverletzungen

Bei Punkt 13 begann ich mich zu fragen ob hier ein Virenbefall vorliegt.

Windows Defender zeigt keine Probleme an.
Es war auf dem Rechner mal ein Avira Antivir, wurde entfernt.

FRST.txt:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2025
durchgeführt von Horst (Administrator) auf DESKTOP-7PAH99J (Gigabyte Technology Co., Ltd. Q170M-D3H) (04-01-2026 12:00:17)
Gestartet von B:\SIK Handy Papa 2024-10-26\EINLADUNGEN  -  ERREIGNISSE\Downloads\scoped_dir9560_2142170738\FRST64.exe
Geladene Profile: Horst
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.6466 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser nicht gefunden!
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files\Opera\125.0.5729.49\opera_crashreporter.exe
(C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2587.9.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\143.0.3650.96\msedgewebview2.exe <6>
(DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxEM.exe
(explorer.exe ->) (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH) C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck_Broker.exe
(explorer.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2587.9.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msdt.exe
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files\Opera\opera.exe <29>
(Geek Software GmbH -> geek software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(PrintCtrl.exe ->) (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe <2>
(services.exe ->) () [Datei ist nicht signiert] C:\Windows\System32\atwtusb.exe <2>
(services.exe ->) (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (AIC Semiconductor (Shanghai) Co., Ltd. -> AIC Semiconductor) C:\Program Files\Ugreen\AicWifiService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\IntelCpHeciSvc.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [PrintDisp] => C:\WINDOWS\system32\PrintDisp.exe [595080 2019-03-21] (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [MacrokeyManager] => C:\WINDOWS\system32\WTMKM.exe [7329792 2011-06-01] () [Datei ist nicht signiert]
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [10752424 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Ashampoo Backup] => "C:\Program Files\Ashampoo\Ashampoo Backup 2023\bin\backupClient-ab.exe" --hidden (Keine Datei)
HKLM\...\Run: [Ashampoo Backup PB] => C:\Program Files\Ashampoo\Ashampoo Backup Pro 17\bin\backupClient-abpb.exe [955240 2023-12-05] (Ashampoo GmbH & Co. KG -> )
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [455968 2023-05-25] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [PDF24] => B:\Programme\PDF24\pdf24.exe [669920 2025-06-23] (Geek Software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [PDF24] => C:\Program Files (x86)\PDF24\pdf24.exe [576224 2025-09-15] (Geek Software GmbH -> geek software GmbH)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ACHTUNG
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ACHTUNG
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [] => [X]
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPGE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPGE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45741280 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [MicrosoftEdgeAutoLaunch_6E2C73815817D7E02B41C013F4C55849] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4228688 2025-12-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [Opera Stable] => C:\Program Files\Opera\opera.exe [2088408 2025-12-22] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [QMxNetworkSync] => C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe [1027600 2023-05-22] (MAGIX Software GmbH -> MAGIX)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [Spotify] => C:\Users\Horst\AppData\Roaming\Spotify\Spotify.exe [35433288 2025-03-11] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [com.doctolib.pro.desktop] => C:\Program Files\Doctolib\Doctolib.exe [180509488 2024-07-26] (Doctolib SAS -> Doctolib)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [OpenOffice Updater] => C:\Users\Horst\AppData\Roaming\OpenOffice Updater\Updater.exe [367480 2021-07-28] (Arne Koenig -> ) <==== ACHTUNG
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\MountPoints2: {bcec7c50-56f3-11ed-b1c9-806e6f6e6963} - "E:\Adobe CS6\Set-up.exe"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [6089584 2025-12-22] (Microsoft Windows -> Microsoft Corporation) <==== ACHTUNG
HKLM\...\Windows x64\Print Processors\ActMaskR: C:\Windows\System32\spool\prtprocs\x64\ActPrint.dll [51848 2018-09-14] (ActMask Group Co., Ltd -> ActMask Co.,Ltd)
HKLM\...\Windows x64\Print Processors\hpcpp103: C:\Windows\System32\spool\prtprocs\x64\hpcpp103.dll [323584 2010-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP560 series: CNMLMA0.DLL (Keine Datei)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [336896 2009-04-03] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\EPSON XP-960 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBPGE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\EverDoc: C:\WINDOWS\system32\mfilemon.dll [972000 2016-02-17] (Open Source Developer, Lorenzo Monti -> Monti Lorenzo)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files (x86)\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-11-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\143.0.7499.170\Installer\chrmstp.exe [2025-12-27] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\StartRLCMS.lnk [2021-02-24]
ShortcutTarget: StartRLCMS.lnk -> C:\ProgramData\Reallusion\RLRunUtility.exe (Reallusion Inc. -> )
BootExecute: autocheck autochk * bddel.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1A6AE2FB-C6E6-4320-B8E8-576D227C9E04} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {DB83630F-E04C-4DF1-AE07-E3A08F471FC4} - \FreeDownloadManagerNetworkMonitor -> Keine Datei <==== ACHTUNG
Task: {097F5BEC-6A24-448D-9255-3E9963341D8A} - System32\Tasks\{0882A554-C370-450E-BEA8-6C820776BEBB} => C:\Windows\System32\pcalua.exe [91136 2025-12-22] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files (x86)\Adobe\Acrobat8\Adobe Acrobat 8 Professional\instmsia.exe" -d "C:\Program Files (x86)\Adobe\Acrobat8\Adobe Acrobat 8 Professional"
Task: {45566E1D-9E2B-447E-A4FB-E0D8D0621779} - System32\Tasks\{379498D6-842E-44B9-B87D-06A708419469} => C:\Windows\System32\pcalua.exe [91136 2025-12-22] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\Horst\Downloads\APRO23_Win_ESD1_WWEFG.exe -d C:\Users\Horst\Downloads
Task: {0BE90A69-C33D-4C38-BC7D-B5EAAD27F8EA} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-7PAH99J-Horst => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B42EDF9F-F32D-4E30-AB6F-E88CF0059F44} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [10752424 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {51F44CB4-2023-475C-824D-5EF6D42DB0C2} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [11065256 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C012D1EB-A351-4A91-9F2C-223A0C7161D6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {9ECC77DF-A90B-4E1B-80F7-188C8390619F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {F6BF46C4-BD43-4B41-B6E1-E74D89F5E48F} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6140640 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "1e4c18f7-3906-405b-934e-816f7137dc7f" --version "6.38.0.11537" --silent
Task: {10C01E53-9628-4F59-BF0D-DB4A6EDC2FFF} - System32\Tasks\CCleanerSkipUAC - Horst => C:\Program Files\CCleaner\CCleaner.exe [39575776 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {64700C20-8F60-44B1-9E1C-39DFA6998F45} - System32\Tasks\EPSON XP-960 Series Update {EEA69949-4F01-4179-8AA6-3B8FC338600E} => C:\Windows\System32\spool\drivers\x64\3\E_YTSPGE.EXE [690536 2013-11-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {762A5246-5556-4A8B-8132-59E4094E6897} - System32\Tasks\GMX Update => C:\Users\Horst\AppData\Local\1&1 Mail & Media GmbH\MCDS\1\Application\1\GMX_Update.exe [1467320 2021-04-20] (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
Task: {39F54204-4FFC-47CE-B968-0767A9B1F565} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem144.0.7547.4{355534B7-F9CB-4F05-BD58-1FB49FEFDA4B} => C:\Program Files (x86)\Google\GoogleUpdater\144.0.7547.4\updater.exe [7056536 2025-12-08] (Google LLC -> Google LLC)
Task: {27DC19EB-2DF5-4D25-86F6-7E86BE21A2BF} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [11507504 2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {648224D2-F2DA-4A4E-A0D4-8D912799CB57} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28946240 2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D455488-DB27-4886-A3FC-AE58ED370DB8} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\opushutil.exe [61728 2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E7B3555-3E08-4099-B317-E7C1D5E2F872} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28946240 2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {53EE5140-04B4-4E25-A03C-E7EE18C1B621} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [230656 2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BCB6923-EF1D-470C-A1DC-58AE21358096} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [230656 2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD687DA7-3338-47B0-AFB9-C92B69375374} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [11507504 2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {056825A5-328E-4D1B-B2F8-90D6829A7625} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe [1803016 2025-12-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AED84AFC-3C29-45E4-9661-30840D456B83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe [1803016 2025-12-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {12FE138F-7FA7-4B0B-AE93-267ACD897969} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe [1803016 2025-12-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D7D2FE94-5B8C-491F-802E-7779303B0223} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe [1803016 2025-12-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9080701E-47AE-4DA5-B0A2-9573112709ED} - System32\Tasks\NCH Software\MixPadUpdateCheck => C:\Program Files (x86)\NCH Software\MixPad\mixpad.exe [10931200 2025-11-24] (NCH Software, Inc. -> NCH Software)
Task: {EA7B1BAB-3A10-44FF-90BD-6E5A748C770B} - System32\Tasks\NCH Software\SwitchUpdateCheck => C:\Program Files (x86)\NCH Software\Switch\switch.exe [6256632 2025-12-15] (NCH Software, Inc. -> NCH Software)
Task: {383E2531-81BA-4AC7-ADBB-972DB9E5E125} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [15140336 2025-10-10] (NCH Software, Inc. -> NCH Software)
Task: {2A7777B1-2F10-4196-BE3F-E3737F79F729} - System32\Tasks\NCH Software\VideoPadUpdateCheck => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [15140336 2025-10-10] (NCH Software, Inc. -> NCH Software)
Task: {773D90A8-88DE-4D2E-A88E-2C5E55B51A6E} - System32\Tasks\NCH Software\WavePadUpdateCheck => C:\Program Files (x86)\NCH Software\WavePad\wavepad.exe [10205680 2025-12-02] (NCH Software, Inc. -> NCH Software)
Task: {4C34F98E-6AB6-4B42-9880-53F5AFF56214} - System32\Tasks\Opera scheduled assistant Autoupdate 1582821198 => C:\Program Files\Opera\autoupdate\opera_autoupdate.exe [6233560 2025-12-18] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --installdir="C:\Program Files\Opera\assistant" --producttype=assistant $(Arg0)
Task: {BCD66482-BDC6-488D-8561-BCFF63B89F24} - System32\Tasks\Opera scheduled Autoupdate 1505550991 => C:\Program Files\Opera\autoupdate\opera_autoupdate.exe [6233560 2025-12-18] (Opera Norway AS -> Opera Software)
Task: {2B4826E9-83F0-4EEC-AD6E-B060778107CC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5751664 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {5C6012C4-50A8-48BA-8941-26B0122BE354} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6191000 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {7970172B-21BC-4F02-AFBC-2E844D497B48} - System32\Tasks\SEO => C:\Users\Horst\AppData\Roaming\SEO\SEO.exe  (Keine Datei) <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON XP-960 Series Update {EEA69949-4F01-4179-8AA6-3B8FC338600E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPGE.EXE:/EXE:{EEA69949-4F01-4179-8AA6-3B8FC338600E} /F:UpdateWORKGROUP\DESKTOP-7PAH99J$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.68.204
Tcpip\..\Interfaces\{426751f0-7da5-4fc1-9ed5-96f93f71afc4}: [DhcpNameServer] 192.168.68.204
Tcpip\..\Interfaces\{81597995-380e-4483-8ef9-4e2404d531b7}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{81597995-380e-4483-8ef9-4e2404d531b7}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{a8743275-c269-41a2-b64f-63cba816211a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{a8743275-c269-41a2-b64f-63cba816211a}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{a8743275-c269-41a2-b64f-63cba816211a}\35F657E6462416273556475707F563335493: [DhcpNameServer] 10.10.10.254
Tcpip\..\Interfaces\{c94ac666-3758-47d9-8756-47598b969e9e}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c94ac666-3758-47d9-8756-47598b969e9e}: [DhcpDomain] fritz.box
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default [2026-01-04]
Edge DownloadDir: Default -> G:\Downloads
Edge Notifications: Default -> hxxps://de.softonic.com; hxxps://web.whatsapp.com; hxxps://www.chip.de; hxxps://www.computerbild.de; hxxps://www.facebook.com; hxxps://www.mein-schoener-garten.de; hxxps://www.tah.de; hxxps://www.youtube.com
Edge HomePage: Default -> hxxps://
Edge Extension: (Avira Safe Shopping) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2025-12-27]
Edge Extension: (Avira Password Manager) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2025-03-21]
Edge Extension: (Coole Cursor für Chrome ™) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\empjidjbllcmlgaobahepkijkfmfkjdb [2023-07-30]
Edge Extension: (SFL) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\epoipicdijmpedfdkjamnjfgodfjojad [2024-10-05]
Edge Extension: (Google Docs Offline) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-12-20]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-12-12]
Edge Extension: (Edge relevant text changes) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (The Mist) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\npkohagpnckpnhenpjeeggdngjphfgkn [2025-08-26]
Edge Profile: C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2025-11-21]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2019-10-23] [] [ist nicht signiert]
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-12-12] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\Program Files (x86)\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll [2011-07-26] (Nero AG -> Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-12-12] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default [2025-12-14]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://
CHR StartupUrls: Default -> "hxxps://"
CHR DefaultSearchURL: Default -> hxxps://search-io.com/search?iid=34f25b56-3e5a-4ebe-8e4b-0f07b728f16b&src=chrome&q={searchTerms}
CHR DefaultSearchKeyword: Default -> chromesearch
CHR DefaultNewTabURL: Default -> hxxps://activelysearching.com
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Avira Password Manager) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2025-04-18]
CHR Extension: (Avira Safe Shopping) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2025-11-13]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-12-12]
CHR Extension: (Coole Cursor für Chrome ™) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\empjidjbllcmlgaobahepkijkfmfkjdb [2024-01-01]
CHR Extension: (SFL) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\epoipicdijmpedfdkjamnjfgodfjojad [2024-10-06]
CHR Extension: (Google Docs Offline) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-13]
CHR Extension: (Saferduck) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjdjgnojiionckfmaobhcgeahdndmhgf [2021-08-02]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-12-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-07]
CHR HKU\S-1-5-21-947909773-2885354443-2675781160-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR DefaultProfile: Default
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\opera.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2017-09-26] (Adobe Systems) [Datei ist nicht signiert]
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-12-12] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [11081128 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AicWifiServiceD80; C:\Program Files\Ugreen\AicWifiService.exe [35352 2024-03-21] (AIC Semiconductor (Shanghai) Co., Ltd. -> AIC Semiconductor)
S3 ashbackuppb; c:\Program Files\Ashampoo\Ashampoo Backup Pro 17\bin\backupService-abpb.exe [39272 2023-12-05] (Ashampoo GmbH & Co. KG -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1080544 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13419408 2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
S3 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-02-16] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe [133736 2025-08-27] (Intel Corporation -> Intel)
S3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAUpdateService.exe [133224 2025-08-27] (Intel Corporation -> Intel)
S3 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-16] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 GMX_MailCheck_Update; C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck_Update.exe [933784 2022-08-10] (1&1 Mail & Media GmbH -> Pixality Computersysteme GmbH)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [244232 2025-12-29] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-13] (Macrovision Corporation) [Datei ist nicht signiert]
S4 Lightkey Service; C:\Program Files (x86)\Lightkey Sources LTD\Lightkey\LightkeyCentralService.exe [134288 2021-08-15] (LIGHTKEY SOURCES LTD -> LIGHTKEY SOURCES LTD)
S4 LightkeyNeural; C:\Program Files (x86)\Lightkey Sources LTD\Lightkey\LightkeyNeuralService.exe [43648272 2021-08-15] (LIGHTKEY SOURCES LTD -> )
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpDefenderCoreService.exe [2063376 2025-12-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 NeroBackItUpBackgroundService; C:\Program Files (x86)\Nero\Nero 2017\Nero BackItUp\NBService.exe [287088 2016-08-09] (Nero AG -> Nero AG)
S3 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [18135808 2023-11-15] (Logitech Inc -> Logitech, Inc.)
S3 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [576224 2025-09-15] (Geek Software GmbH -> geek software GmbH)
S3 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
S3 RLHostService; C:\Program Files (x86)\Common Files\Reallusion\RLHostService\RLHostService.exe [280072 2021-02-25] (Reallusion Inc. -> Reallusion.Inc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803064 2025-12-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\NisSrv.exe [4426832 2025-12-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MsMpEng.exe [290704 2025-12-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTService; C:\WINDOWS\system32\atwtusb.exe [916992 2011-04-27] () [Datei ist nicht signiert]
S3 LibreOfficeMaintenance; "B:\Program Files\LibreOffice\program\update_service.exe" [X]
S4 RunSwUSB; C:\Windows\runSW.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 aicloadfw; C:\WINDOWS\System32\drivers\aicloadfw.sys [1060984 2024-05-08] (AIC Semiconductor (Shanghai) Co., Ltd. -> )
R3 aicusbwifi; C:\WINDOWS\System32\drivers\aicusbwifi.sys [1219688 2024-05-13] (AIC Semiconductor (Shanghai) Co., Ltd. -> )
R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [39208 2006-08-25] (B.H.A Corporation -> B.H.A Corporation)
S3 cpuz161; C:\ProgramData\CPUID Software\cpu-z\KICxMQHHatRI [44680 2025-12-22] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [175824 2024-10-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
S3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [33768 2020-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_7e337195b92a35b6\e1d.sys [611936 2023-08-31] (Intel Corporation -> Intel Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-03-14] (Martin Malik - REALiX -> REALiX(tm))
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [79624 2022-01-25] (Intel Corporation -> Intel Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [333192 2025-12-22] (Microsoft Windows -> Microsoft Corporation)
S3 MirayVirtualDisk; C:\WINDOWS\System32\drivers\mvdo.sys [405200 2022-10-14] (Miray Software AG -> Miray)
S3 mmrv-abpb; C:\Program Files\Ashampoo\Ashampoo Backup Pro 17\bin\mmrv-abpb.sys [59424 2023-12-05] (Ashampoo GmbH & Co. KG -> )
R3 moufiltr; C:\WINDOWS\System32\drivers\moufiltr.sys [7680 2009-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
S3 NewAudioTechnologySpatialSoundCard; C:\WINDOWS\System32\drivers\vacnatkd.sys [114008 2020-06-15] (New Audio Technology GmbH -> NEW AUDIO TECHNOLOGY)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2019-07-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 PCWinSoft; C:\WINDOWS\System32\drivers\scrcamnetdriver_x64.sys [241800 2012-10-12] (PCWinSoft Systems Informatica Ltda -> Windows (R) Server 2003 DDK provider)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-10-16] (Corel Corporation -> Corel Corporation)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [12423864 2025-08-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174264 2024-10-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 vhidmini; C:\WINDOWS\System32\drivers\walvhid.sys [7552 2009-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21928 2025-12-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [635272 2025-12-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102792 2025-12-22] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; kein ImagePath
U1 avgbdisk; kein ImagePath
U3 dmwappushsvc; kein ImagePath
S3 MpKsl508b8475; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B783D0E7-2F4D-4516-A1FB-5BFAE2CE29B6}\MpKslDrv.sys [X]
S3 MpKsl621d7010; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B783D0E7-2F4D-4516-A1FB-5BFAE2CE29B6}\MpKslDrv.sys [X]
S3 MpKsl7b9fff18; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B783D0E7-2F4D-4516-A1FB-5BFAE2CE29B6}\MpKslDrv.sys [X]
S3 MpKsle9233a68; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B783D0E7-2F4D-4516-A1FB-5BFAE2CE29B6}\MpKslDrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Drei Monate (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2026-01-04 11:59 - 2026-01-04 12:01 - 000000000 ____D C:\FRST
2026-01-04 11:57 - 2026-01-04 11:57 - 000003326 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2026-01-04 11:57 - 2026-01-04 11:57 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2026-01-04 11:13 - 2026-01-04 11:15 - 544383370 _____ C:\Users\Horst\Documents\registry 2026-01-04.reg
2026-01-04 10:49 - 2026-01-04 11:58 - 000004944 _____ C:\WINDOWS\AicWifiServiceLog.txt
2026-01-04 10:49 - 2026-01-04 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ugreen
2026-01-04 10:49 - 2026-01-04 10:49 - 000000000 ____D C:\Program Files\Ugreen
2026-01-04 10:49 - 2024-05-13 06:05 - 001219688 _____ C:\WINDOWS\system32\Drivers\aicusbwifi.sys
2026-01-04 10:49 - 2024-05-08 03:42 - 001060984 _____ C:\WINDOWS\system32\Drivers\aicloadfw.sys
2026-01-04 10:48 - 2024-11-29 06:51 - 000000000 ____D C:\Users\Horst\Desktop\CM762_Driver_V1.2
2025-12-30 17:39 - 2025-12-30 17:39 - 000000000 ____D C:\Users\Horst\Desktop\2012_06_16 - Goldene Hochzeit Waltraud und Wilfried in Alten´s Ruh´, Wunstorf__ Sicherheitskopie in FOTO_Laufwerk Z
2025-12-29 15:49 - 2026-01-02 20:35 - 000000000 ____D C:\Users\Horst\Desktop\Urlaub Eifel
2025-12-27 20:34 - 2025-12-27 20:38 - 000000000 ___HD C:\$WinREAgent
2025-12-23 21:55 - 2025-12-23 21:55 - 000500736 _____ (Realtek) C:\WINDOWS\SwUSB.exe
2025-12-23 21:55 - 2025-12-23 21:55 - 000044760 _____ () C:\WINDOWS\runSW umbenannt.exe
2025-12-23 21:43 - 2025-12-23 21:43 - 000000000 ____D C:\Program Files (x86)\Cisco
2025-12-23 21:37 - 2025-12-23 21:37 - 000003542 _____ C:\WINDOWS\system32\Tasks\SEO
2025-12-23 20:48 - 2025-12-23 20:48 - 000000887 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2025-12-23 20:48 - 2025-12-23 20:48 - 000000000 ____D C:\Users\Horst\AppData\Local\VS Revo Group
2025-12-22 23:20 - 2025-12-22 23:20 - 000000000 ____D C:\Users\Horst\Desktop\mb_bios_ga-q170m-d3h_f23d
2025-12-22 23:11 - 2025-12-22 23:11 - 000000884 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2025-12-22 23:11 - 2025-12-22 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2025-12-22 23:11 - 2025-12-22 23:11 - 000000000 ____D C:\ProgramData\CPUID Software
2025-12-22 23:11 - 2025-12-22 23:11 - 000000000 ____D C:\Program Files\CPUID
2025-12-22 22:35 - 2025-12-22 22:35 - 000000000 ____D C:\inetpub
2025-12-22 22:20 - 2025-12-22 22:20 - 000023734 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-12-22 22:17 - 2025-12-22 22:17 - 000023734 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-12-22 21:57 - 2024-10-17 03:54 - 000174264 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2025-12-22 21:51 - 2024-10-17 03:53 - 000175824 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2025-12-22 21:43 - 2025-12-22 21:43 - 000004006 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1505550991
2025-12-22 21:43 - 2025-12-22 21:43 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2025-12-22 19:38 - 2025-12-23 18:28 - 005616792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-12-21 14:33 - 2025-12-21 14:33 - 000000000 ____D C:\Users\Horst\.openjfx
2025-12-21 14:33 - 2025-12-21 14:33 - 000000000 ____D C:\Users\Horst\.deepartcreator
2025-12-21 14:29 - 2025-12-18 12:31 - 000001513 _____ C:\Users\Horst\Desktop\Aktivierungsanleitung.txt
2025-12-21 14:27 - 2025-12-21 14:28 - 393076295 _____ C:\Users\Horst\Downloads\CHIP_-_DeepArt_Creator (2).zip
2025-12-21 14:26 - 2025-12-21 14:27 - 393076295 _____ C:\Users\Horst\Downloads\CHIP_-_DeepArt_Creator.zip
2025-12-21 14:25 - 2025-12-21 14:26 - 005235880 _____ (BurdaForward GmbH) C:\Users\Horst\Documents\Vollversion_ Deep Art Creator - KI-Bildgenerator - CHIP Installer _35vFv.exe
2025-12-19 19:24 - 2025-12-19 19:27 - 000000000 ____D C:\Users\Horst\Desktop\VIDEOBEARBEITUNG MUSIK - RECORDER - SOUNDBEARBEITUNG
2025-12-18 20:52 - 2025-12-18 20:52 - 000000039 _____ C:\Users\Horst\AppData\Local\kritadisplayrc
2025-12-18 12:19 - 2025-12-18 12:19 - 005235880 _____ (BurdaForward GmbH) C:\Users\Horst\Documents\Vollversion_ BeckerCAD 12 3D - CHIP Installer _fhw6v.exe
2025-12-18 11:18 - 2025-12-18 11:18 - 000000000 ____D C:\Users\Horst\Documents\VideoPad Projekte
2025-12-17 19:06 - 2025-12-17 19:06 - 000001373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video-Editor.lnk
2025-12-17 19:06 - 2025-12-17 19:06 - 000001347 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Switch Audio-Converter.lnk
2025-12-17 19:05 - 2025-12-17 19:05 - 000001415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn Disc-Brennprogramm.lnk
2025-12-17 19:05 - 2025-12-17 19:05 - 000001357 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixPad Musikstudio-Software.lnk
2025-12-17 19:05 - 2025-12-17 19:05 - 000000000 ____D C:\Users\Horst\Documents\Mixpad Projects
2025-12-17 19:04 - 2025-12-17 19:04 - 000001353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Audio-Editor.lnk
2025-12-17 18:59 - 2025-12-17 18:59 - 000001233 _____ C:\Users\Public\Desktop\MyKeyFinder.lnk
2025-12-17 18:59 - 2025-12-17 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyKeyFinder
2025-12-17 18:59 - 2025-12-17 18:59 - 000000000 ____D C:\Program Files (x86)\MyKeyFinder
2025-12-17 18:53 - 2026-01-02 23:32 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Ashampoo Snap 16
2025-12-17 18:00 - 2025-12-18 21:50 - 000000000 ____D C:\Users\Horst\HDR Projects 9 Pro
2025-12-17 17:52 - 2025-12-17 17:53 - 227531339 _____ C:\Users\Horst\Downloads\CHIP-Ashampoo_Snap_16.zip
2025-12-17 17:47 - 2025-12-17 17:48 - 008688680 _____ (Abelssoft ) C:\Users\Horst\Documents\MyKeyFinder_setup.exe
2025-12-17 17:36 - 2025-12-17 17:36 - 029255160 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Horst\Documents\ashampoo_winoptimizer_27_47122.exe
2025-12-16 15:04 - 2025-12-16 15:04 - 001262796 _____ C:\Users\Horst\Downloads\CHIP_Ascomp_Backup_Maker.zip
2025-12-16 15:02 - 2025-12-16 15:02 - 005235880 _____ (BurdaForward GmbH) C:\Users\Horst\Documents\Vollversion_ Backup Maker Professional - CHIP Installer _hEj6v.exe
2025-12-15 23:23 - 2025-12-15 23:23 - 000000000 ____D C:\Users\Horst\Desktop\IMG_20241214_214816_DRO.sharpendata
2025-12-15 22:36 - 2025-12-15 22:37 - 378915001 _____ C:\Users\Horst\Downloads\3-in1-Paket_fuer_Schwarz-Weiss-Fotografie (2).zip
2025-12-15 22:10 - 2025-12-15 22:10 - 000001474 _____ C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WO27.lnk
2025-12-15 22:05 - 2025-12-15 22:05 - 000000000 ____D C:\WINDOWS\SysWOW64\Translation
2025-12-15 22:05 - 2025-12-15 22:05 - 000000000 ____D C:\WINDOWS\SysWOW64\data
2025-12-15 19:43 - 2025-12-15 22:44 - 000000000 ____D C:\Users\Horst\BlackWhite Projects 6 Pro
2025-12-15 19:36 - 2025-12-15 19:37 - 378915001 _____ C:\Users\Horst\Downloads\3-in1-Paket_fuer_Schwarz-Weiss-Fotografie.zip
2025-12-15 19:27 - 2025-12-15 19:53 - 000000000 ____D C:\Users\Horst\AppData\Roaming\neroaiu
2025-12-15 19:27 - 2025-12-15 19:27 - 000000000 ____D C:\Users\Horst\Documents\NeroAIU
2025-12-15 19:16 - 2025-12-15 19:16 - 000000000 ____D C:\WINDOWS\nsxCDF2.tmp
2025-12-15 19:15 - 2025-12-15 19:35 - 000000000 ____D C:\Users\Horst\AppData\Roaming\nerostart
2025-12-15 19:12 - 2025-12-15 19:13 - 165313141 _____ C:\Users\Horst\Downloads\CHIP_Nero_AI_Image_Upscaler_Pro (2).zip
2025-12-15 19:10 - 2025-12-15 19:11 - 165313141 _____ C:\Users\Horst\Downloads\CHIP_Nero_AI_Image_Upscaler_Pro.zip
2025-12-15 19:06 - 2025-12-15 19:06 - 016754854 _____ C:\Users\Horst\Downloads\CHIP_Wise_Care_365 (2).zip
2025-12-15 13:24 - 2025-12-15 13:24 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Wise Utilities
2025-12-14 22:57 - 2025-12-23 21:15 - 000000004 ___SH C:\WINDOWS\wisefs.dat
2025-12-12 11:26 - 2025-12-12 11:26 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials Vision SE 2026.lnk
2025-12-12 11:21 - 2025-12-12 11:21 - 006762626 _____ C:\Users\Horst\Downloads\CHIP_Audials_Vision_2026_SE (3).zip
2025-12-12 11:17 - 2025-12-12 11:17 - 006762626 _____ C:\Users\Horst\Downloads\CHIP_Audials_Vision_2026_SE (2).zip
2025-12-12 11:13 - 2025-12-12 11:13 - 006762626 _____ C:\Users\Horst\Downloads\CHIP_Audials_Vision_2026_SE.zip
2025-12-12 11:11 - 2025-12-12 11:11 - 005235880 _____ (BurdaForward GmbH) C:\Users\Horst\Documents\Vollversion_ Audials Vision 2026 SE - CHIP Installer _pderv.exe
2025-12-12 10:19 - 2025-12-15 19:16 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2025-12-06 20:12 - 2025-12-06 20:12 - 000000000 ____D C:\Users\Horst\.ms-ad
2025-12-05 22:37 - 2025-12-05 22:37 - 001860782 _____ C:\Users\Horst\Documents\NIK-ColorEfex.pdf
2025-12-02 14:15 - 2025-12-02 14:15 - 000000000 ____D C:\Plugins SHARPEN #5 professional
2025-12-02 14:14 - 2025-12-02 14:15 - 000000000 ____D C:\Anleitungsvideos
2025-12-01 20:43 - 2025-12-01 20:43 - 000000000 ____D C:\Users\Horst\.fop
2025-11-29 11:27 - 2025-11-29 11:27 - 000000000 ____D C:\Users\Horst\AppData\Roaming\com.example
2025-11-29 11:23 - 2025-11-29 11:23 - 025196296 _____ (WinZip Computing) C:\Users\Horst\Documents\winzip77-bing.exe
2025-11-28 19:37 - 2025-11-28 19:38 - 005235880 _____ (BurdaForward GmbH) C:\Users\Horst\Documents\7-Zip (64 Bit) - CHIP Installer _suDJv.exe
2025-11-26 17:34 - 2025-11-26 17:34 - 000000000 ____D C:\WINDOWS\SysWOW64\Sfxs
2025-11-26 17:34 - 2025-11-26 17:34 - 000000000 ____D C:\WINDOWS\SysWOW64\lang
2025-11-26 17:34 - 2025-11-26 17:34 - 000000000 ____D C:\WINDOWS\SysWOW64\Icons
2025-11-26 17:34 - 2025-11-26 17:34 - 000000000 ____D C:\WINDOWS\SysWOW64\HELP
2025-11-23 23:14 - 2026-01-02 20:04 - 000000000 ____D C:\Users\Horst\Desktop\BILDBEARBEITUNG - CAT - PRESETS - HINTERGRÜNDE
2025-11-23 20:48 - 2025-12-18 19:41 - 000000000 ____D C:\Users\Horst\Sharpen 5 Pro
2025-11-22 19:44 - 2025-11-22 19:44 - 000000000 ____D C:\WINDOWS\nstEAB2.tmp
2025-11-21 19:55 - 2025-11-21 19:55 - 002566832 _____ C:\Users\Horst\Documents\FreeImage_23-04-25.zip
2025-11-21 18:25 - 2025-11-21 18:27 - 000000000 ____D C:\Users\Horst\Desktop\2017 Weihnachten
2025-11-20 21:14 - 2025-11-20 21:44 - 1152595296 _____ C:\Users\Horst\Documents\LUT-1_professional_Video-Anleitung.zip
2025-11-20 20:24 - 2025-11-20 20:23 - 006588086 _____ C:\Users\Horst\Documents\SHARPEN projects professional - Handbuch.pdf
2025-11-16 20:03 - 2025-11-16 20:03 - 000000000 ____D C:\Users\Horst\Documents\makehuman
2025-11-15 16:11 - 2025-12-20 23:39 - 000000000 ____D C:\Users\Horst\Desktop\Wartung
2025-11-14 21:31 - 2025-11-14 21:31 - 000004214 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582821198
2025-11-14 15:28 - 2025-11-14 15:28 - 213710989 _____ C:\Users\Horst\Documents\70-Free-Overlays-Download-by-Fotoworkshop-Stuttgart-de.zip
2025-11-13 21:55 - 2025-12-31 13:35 - 000000000 ____D C:\Users\Horst\Desktop\2015-25-12 - Heiligabend__Sicherheitskopie in Laufwerk SIKO Foto (Z)
2025-11-13 21:55 - 2025-11-13 21:59 - 000000000 ____D C:\Users\Horst\Desktop\2015-23-07 - Ballonflug  - Datensicherung in Laufwerk SIKO Foto (Z)
2025-11-11 21:35 - 2025-11-11 21:35 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoZoom Pro 9
2025-11-11 21:35 - 2025-11-11 21:35 - 000000000 ____D C:\Program Files\PhotoZoom Pro 9
2025-11-11 21:03 - 2025-11-11 21:03 - 000097970 _____ C:\Users\Horst\Documents\franzis.de_checkout_finish_sUniqueID_90X17340YY668854P.pdf
2025-11-11 20:30 - 2025-11-11 20:33 - 559563662 _____ C:\Users\Horst\Documents\31607-3_SHARPEN-projects-5-professional_winde.zip
2025-11-08 21:22 - 2025-11-08 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2025-11-08 21:20 - 2025-11-08 21:22 - 000000000 ____D C:\Program Files (x86)\PDF24
2025-11-06 12:33 - 2025-11-06 12:33 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS2.lnk
2025-11-04 22:18 - 2025-11-04 22:23 - 000012705 _____ C:\Users\Horst\P1070679_80_81_82_83_84_85.neatProject
2025-11-04 22:18 - 2025-11-04 22:23 - 000000000 ____D C:\Users\Horst\P1070679_80_81_82_83_84_85.neatdata
2025-11-04 22:14 - 2025-11-04 22:14 - 000003409 _____ C:\Users\Horst\Meine Farb-Ebenen.cml
2025-10-30 19:15 - 2025-10-30 19:15 - 000024660 _____ C:\Users\Horst\Documents\pastor-juergen-**********-20251029-140445.pdf
2025-10-29 22:38 - 2025-10-29 22:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleUserPEH
2025-10-29 19:13 - 2025-10-29 19:12 - 000369631 _____ C:\Users\Horst\Documents\Ashampoo_Snap_Mittwoch, 29. Oktober 2025_12h43m37s (1).pdf
2025-10-29 19:13 - 2025-10-29 19:12 - 000346536 _____ C:\Users\Horst\Documents\Ashampoo_Snap_Mittwoch, 29. Oktober 2025_12h17m48s (1).pdf
2025-10-29 19:13 - 2025-10-29 19:12 - 000204195 _____ C:\Users\Horst\Documents\Ashampoo_Snap_Mittwoch, 29. Oktober 2025_18h27m15s (1).pdf
2025-10-29 18:38 - 2025-10-29 18:36 - 000369631 _____ C:\Users\Horst\Documents\Ashampoo_Snap_Mittwoch, 29. Oktober 2025_12h43m37s.pdf
2025-10-29 18:38 - 2025-10-29 18:36 - 000346536 _____ C:\Users\Horst\Documents\Ashampoo_Snap_Mittwoch, 29. Oktober 2025_12h17m48s.pdf
2025-10-29 18:38 - 2025-10-29 18:36 - 000204195 _____ C:\Users\Horst\Documents\Ashampoo_Snap_Mittwoch, 29. Oktober 2025_18h27m15s.pdf
2025-10-29 18:34 - 2025-10-29 18:33 - 000346536 _____ C:\Users\Horst\Documents\Ashampoo_Snap_Mittwoch, 29. Oktober 2025_ - Citycare24- 12h17m48s.pdf
2025-10-29 18:09 - 2025-10-29 18:09 - 000329024 _____ C:\Users\Horst\Documents\Ashampoo_Snap_Mittwoch, 29. Oktober 2025_12h43m37s.tif
2025-10-29 11:19 - 2025-10-29 11:19 - 000000000 ____D C:\WINDOWS\nsqDED5.tmp
2025-10-28 22:34 - 2025-10-28 22:34 - 000000000 ____D C:\Program Files (x86)\LibreOffice Maintenance Service
2025-10-28 20:59 - 2025-10-28 20:59 - 011965080 _____ (WiseCleaner.com ) C:\Users\Horst\Documents\WDRSetup_6.2.2.520.exe
2025-10-24 11:26 - 2025-10-24 11:26 - 000000000 ____D C:\WINDOWS\nsv5D78.tmp
2025-10-23 21:15 - 2025-10-23 21:15 - 000000000 ____D C:\Users\Horst\Documents\Adobe Scripts
2025-10-23 20:40 - 2025-11-20 11:08 - 000000000 ____D C:\Users\Horst\ProjectData
2025-10-21 14:53 - 2025-10-21 14:53 - 000000000 ____D C:\ProgramData\MuseHubUpdater
2025-10-16 18:52 - 2025-10-16 18:52 - 000159724 _____ C:\Users\Horst\Documents\Nora001.pdf
2025-10-15 18:11 - 2025-10-15 18:11 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2025-10-14 19:27 - 2025-10-14 19:27 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Avanquest
2025-10-13 21:27 - 2025-10-13 21:27 - 000000000 ____D C:\ProgramData\Avanquest
2025-10-13 21:25 - 2025-10-13 21:26 - 014920672 _____ (Avanquest Software) C:\Users\Horst\Documents\inPixioPhotoStudio12Installer.exe

==================== Drei Monate (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2026-01-04 12:02 - 2022-10-28 20:19 - 000000000 ____D C:\Users\Horst\AppData\Local\LogiOptionsPlus
2026-01-04 12:00 - 2021-12-17 20:42 - 000000000 ____D C:\WINDOWS\SystemTemp
2026-01-04 12:00 - 2020-09-17 18:06 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2026-01-04 12:00 - 2019-12-07 15:51 - 000743714 _____ C:\WINDOWS\system32\perfh007.dat
2026-01-04 12:00 - 2019-12-07 15:51 - 000150136 _____ C:\WINDOWS\system32\perfc007.dat
2026-01-04 12:00 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2026-01-04 11:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2026-01-04 11:55 - 2024-01-02 15:42 - 000008192 ___SH C:\DumpStack.log.tmp
2026-01-04 11:55 - 2020-09-17 18:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2026-01-04 11:55 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-01-04 11:55 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2026-01-04 11:55 - 2017-09-16 09:33 - 000000000 __SHD C:\Users\Horst\IntelGraphicsProfiles
2026-01-04 11:55 - 2017-09-16 09:33 - 000000000 ____D C:\Intel
2026-01-04 11:55 - 2016-07-16 12:47 - 000000227 _____ C:\WINDOWS\win.ini
2026-01-04 11:23 - 2020-09-17 17:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2026-01-04 10:56 - 2020-09-17 17:55 - 000000000 ____D C:\Users\Horst
2026-01-04 10:18 - 2024-07-09 18:27 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2026-01-04 10:18 - 2019-10-03 16:59 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2026-01-03 23:33 - 2017-09-26 18:03 - 000000000 ____D C:\Users\Horst\AppData\Local\Adobe
2026-01-03 15:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2026-01-02 18:19 - 2024-11-26 22:18 - 000000000 ____D C:\Users\Horst\Desktop\NOCH ZUORDNEN
2026-01-02 15:37 - 2018-05-28 14:05 - 000000000 ____D C:\Users\Horst\AppData\Local\D3DSCache
2026-01-01 23:51 - 2022-11-30 12:39 - 000000000 ____D C:\Users\Horst\Color Projects 6 Pro
2025-12-31 22:28 - 2017-12-05 15:17 - 000000000 ____D C:\Users\Horst\AppData\Local\CrashDumps
2025-12-30 12:18 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-12-30 12:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-12-30 12:18 - 2018-07-19 10:05 - 000000000 ____D C:\ProgramData\Packages
2025-12-29 15:16 - 2017-12-06 14:17 - 000000000 ____D C:\Users\Horst\AppData\Local\Packages
2025-12-29 15:15 - 2024-09-04 20:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2025-12-29 15:15 - 2024-01-20 23:25 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2025-12-28 14:07 - 2024-02-25 23:05 - 000000000 ____D C:\Users\Horst\Desktop\Heizkesel_Puffer_Ausfall_Warttung
2025-12-28 14:04 - 2023-01-14 17:28 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-12-28 13:34 - 2020-05-24 13:32 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-12-28 13:25 - 2020-09-17 18:14 - 000003754 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-12-28 13:25 - 2020-09-17 18:14 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-12-27 22:39 - 2017-09-25 18:58 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-12-27 22:28 - 2020-09-17 18:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2025-12-27 21:55 - 2025-08-08 17:57 - 000000000 ____D C:\Users\Horst\Desktop\HAUS UND GARTEN WESTERENDE UND GARTEN BOKELOH__Sicherheitskopie in Laufwerk EXT. (Y)
2025-12-27 20:55 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-12-23 21:43 - 2020-12-03 20:48 - 000000000 ____D C:\Program Files (x86)\Realtek
2025-12-23 21:43 - 2017-09-16 09:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2025-12-23 21:25 - 2021-05-25 18:32 - 000000000 ____D C:\Users\Public\Documents\Ashampoo
2025-12-23 21:25 - 2020-02-02 23:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2025-12-23 21:25 - 2020-02-02 23:35 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2025-12-23 21:20 - 2022-07-27 21:23 - 000000000 ____D C:\Program Files (x86)\Wise
2025-12-23 21:10 - 2023-12-19 18:52 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Lavasoft
2025-12-23 21:10 - 2023-12-19 18:52 - 000000000 ____D C:\Users\Horst\AppData\Local\Lavasoft
2025-12-23 20:48 - 2021-12-26 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2025-12-23 20:48 - 2021-12-26 18:46 - 000000000 ____D C:\Program Files\Revo Uninstaller
2025-12-23 18:52 - 2017-09-25 19:20 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2025-12-23 18:47 - 2020-07-09 20:33 - 000000000 ____D C:\Users\Horst\AppData\Roaming\TuneIn
2025-12-23 18:07 - 2025-07-23 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice
2025-12-23 18:03 - 2020-09-05 11:21 - 000000000 ____D C:\Program Files\Reallusion
2025-12-23 17:09 - 2020-02-13 22:16 - 000000000 ____D C:\Users\Horst\AppData\Roaming\SoftMaker
2025-12-23 17:08 - 2020-09-12 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Faceware
2025-12-23 17:08 - 2020-09-12 18:24 - 000000000 ____D C:\Program Files\Faceware
2025-12-23 17:05 - 2019-11-27 21:14 - 000000000 ____D C:\ProgramData\NCH Software
2025-12-23 17:05 - 2019-11-27 21:14 - 000000000 ____D C:\Program Files (x86)\NCH Software
2025-12-23 17:05 - 2017-10-02 19:42 - 000000000 ____D C:\Users\Horst\AppData\Roaming\NCH Software
2025-12-23 16:56 - 2017-09-26 14:42 - 000000000 ____D C:\ProgramData\Adobe
2025-12-23 16:56 - 2017-09-09 21:34 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Adobe
2025-12-23 16:55 - 2022-07-27 18:20 - 000000000 ____D C:\Users\Horst\AppData\Roaming\com.adobe.dunamis
2025-12-23 16:55 - 2017-09-26 22:18 - 000000000 ____D C:\Program Files\Common Files\Adobe
2025-12-23 16:52 - 2017-09-26 21:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2025-12-22 22:55 - 2023-12-13 18:39 - 000000000 ____D C:\Program Files\Common Files\MAGIX Services
2025-12-22 22:35 - 2024-07-23 19:12 - 000000000 ____D C:\WINDOWS\system32\compatrel
2025-12-22 22:35 - 2023-12-14 03:56 - 000000000 ____D C:\WINDOWS\InboxApps
2025-12-22 22:35 - 2019-12-07 15:54 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2025-12-22 22:35 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-12-22 22:35 - 2019-12-07 15:52 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2025-12-22 22:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2025-12-22 22:16 - 2020-09-17 17:57 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-12-22 21:59 - 2023-10-05 15:46 - 000000000 ____D C:\Users\Horst\AppData\Local\Ashampoo Backup
2025-12-22 21:59 - 2017-10-29 10:59 - 000000000 ____D C:\Program Files (x86)\Nero
2025-12-22 21:55 - 2017-09-16 10:07 - 218369424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-12-22 21:55 - 2017-09-16 10:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-12-22 21:53 - 2022-08-17 18:01 - 000000000 ____D C:\Program Files\dotnet
2025-12-22 21:53 - 2017-09-16 09:37 - 000000000 ____D C:\ProgramData\Package Cache
2025-12-22 21:52 - 2025-04-08 19:24 - 000000000 ____D C:\Program Files (x86)\dotnet
2025-12-22 21:52 - 2018-05-28 13:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-12-22 21:51 - 2023-05-24 14:32 - 000000000 ____D C:\Program Files\RUXIM
2025-12-22 21:43 - 2017-09-16 09:36 - 000000000 ____D C:\Program Files\Opera
2025-12-22 21:39 - 2020-07-21 18:51 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2025-12-22 20:39 - 2020-07-21 18:51 - 000000000 ____D C:\Users\Horst\AppData\Local\BraveSoftware
2025-12-22 20:38 - 2017-09-16 09:36 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Opera Software
2025-12-22 20:38 - 2017-09-16 09:36 - 000000000 ____D C:\Users\Horst\AppData\Local\Opera Software
2025-12-22 19:24 - 2020-11-05 17:52 - 000000000 ____D C:\Users\Horst\AppData\Local\ElevatedDiagnostics
2025-12-21 21:33 - 2024-09-19 21:42 - 000000000 ____D C:\Users\Horst\Projects Series
2025-12-21 13:17 - 2019-06-22 10:49 - 000000000 ____D C:\ProgramData\Reallusion
2025-12-20 23:38 - 2024-12-27 19:30 - 000000000 ____D C:\Users\Horst\Desktop\SAUERBRATEN
2025-12-19 21:06 - 2020-03-02 19:34 - 000000132 _____ C:\Users\Horst\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2025-12-19 19:45 - 2018-03-22 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
2025-12-19 19:44 - 2021-12-22 20:45 - 000000000 ____D C:\ProgramData\Audials
2025-12-19 19:43 - 2020-02-13 19:00 - 000000000 ____D C:\Program Files\Ashampoo
2025-12-18 20:52 - 2019-10-24 18:05 - 000038066 _____ C:\Users\Horst\AppData\Local\kritarc
2025-12-18 20:52 - 2019-10-24 18:05 - 000000000 ____D C:\Users\Horst\AppData\Roaming\krita
2025-12-18 11:27 - 2017-12-28 22:49 - 000000000 ____D C:\Users\Horst\AppData\LocalLow\Temp
2025-12-17 19:16 - 2023-12-06 19:00 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Ashampoo Snap
2025-12-17 18:59 - 2018-01-22 19:11 - 000000000 ____D C:\Users\Horst\AppData\Local\Abelssoft
2025-12-17 17:58 - 2023-03-08 14:53 - 000000000 ____D C:\Program Files\Franzis
2025-12-16 20:21 - 2018-05-21 09:52 - 000000000 ____D C:\Users\Horst\AppData\Local\PlaceholderTileLogoFolder
2025-12-16 18:30 - 2021-12-22 20:22 - 000000000 ____D C:\Users\Horst\AppData\Roaming\ASCOMP Software
2025-12-16 15:06 - 2020-11-05 18:43 - 000000000 ____D C:\Users\Horst\AppData\Local\Avira
2025-12-16 13:51 - 2023-01-14 17:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-12-15 23:48 - 2017-09-25 18:58 - 000000000 ____D C:\Users\Horst\AppData\Local\Google
2025-12-15 22:14 - 2019-12-03 14:55 - 000000000 ____D C:\Users\Horst\AppData\Roaming\dvdcss
2025-12-15 22:14 - 2019-09-30 13:28 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Notepad++
2025-12-15 19:27 - 2017-12-03 23:33 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Nero
2025-12-15 19:27 - 2017-10-29 11:05 - 000000000 ____D C:\ProgramData\Nero
2025-12-14 23:39 - 2024-01-17 18:08 - 000000000 ____D C:\Users\_ashbackuppb_
2025-12-14 22:42 - 2023-04-15 18:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\InPixio
2025-12-14 22:42 - 2020-11-05 19:08 - 000000000 ____D C:\Program Files\CCleaner
2025-12-13 20:31 - 2020-12-01 19:50 - 000000000 ____D C:\Program Files\7-Zip
2025-12-12 15:35 - 2017-10-02 19:41 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Intel
2025-12-12 11:27 - 2021-12-22 20:32 - 000000000 ____D C:\Users\Horst\AppData\Local\Audials
2025-12-12 11:26 - 2023-12-08 18:18 - 000000000 ____D C:\Program Files\Audials
2025-12-05 22:38 - 2024-01-03 18:42 - 000000000 ___HD C:\Users\Horst\.opera

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-04-14 21:18 - 2020-04-14 21:20 - 332627677 _____ () C:\Program Files\makehuman-1.1.1-win32.zip
2019-06-24 16:49 - 2017-11-19 12:51 - 000004286 _____ () C:\Program Files (x86)\FalcoGo.ico
2019-06-24 16:49 - 2017-11-19 12:53 - 000000044 _____ () C:\Program Files (x86)\FalcoGo.url
2019-06-24 16:49 - 2016-01-05 12:37 - 000004286 _____ () C:\Program Files (x86)\FalconLine.ico
2019-06-24 16:49 - 2016-01-05 12:25 - 000000047 _____ () C:\Program Files (x86)\FalconLine.url
2019-06-24 16:49 - 2016-12-21 00:39 - 000004286 _____ () C:\Program Files (x86)\FalcoSpace.ico
2019-06-24 16:49 - 2016-12-21 00:36 - 000000047 _____ () C:\Program Files (x86)\FalcoSpace.url
2019-07-07 16:36 - 2019-07-07 16:36 - 007315103 _____ () C:\Program Files (x86)\picturenaut_3_2_1690.zip
2011-01-12 01:00 - 2011-01-12 01:00 - 000146944 _____ () C:\Program Files (x86)\Common Files\dsfFLACDecoder.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000221184 _____ () C:\Program Files (x86)\Common Files\dsfFLACEncoder.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000204800 _____ () C:\Program Files (x86)\Common Files\dsfNativeFLACSource.dll
2012-05-11 13:16 - 2012-05-11 13:16 - 000171520 _____ () C:\Program Files (x86)\Common Files\dsfOggDemux2.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000240128 _____ () C:\Program Files (x86)\Common Files\dsfVorbisDecoder.dll
2009-07-11 22:08 - 2009-07-11 22:08 - 000001860 _____ () C:\Program Files (x86)\Common Files\Microsoft.VC90.CRT.manifest
2011-04-18 21:51 - 2011-04-18 21:51 - 000569680 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCP90.dll
2011-04-18 21:51 - 2011-04-18 21:51 - 000653136 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCR90.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000412672 _____ (Google) C:\Program Files (x86)\Common Files\vp8decoder.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000701440 _____ (Google) C:\Program Files (x86)\Common Files\vp8encoder.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000302592 _____ (Google) C:\Program Files (x86)\Common Files\webmmux.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000292352 _____ (Google) C:\Program Files (x86)\Common Files\webmsplit.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000030208 _____ () C:\Program Files (x86)\Common Files\wmpinfo.dll
2022-01-20 17:17 - 2022-01-20 17:17 - 000000246 _____ () C:\Users\Horst\AppData\Roaming\.ptbt1
2018-02-23 23:17 - 2021-11-30 17:09 - 000000132 _____ () C:\Users\Horst\AppData\Roaming\Adobe CS6-AIFF-Format - Voreinstellungen
2018-02-24 22:58 - 2024-01-22 20:27 - 000000132 _____ () C:\Users\Horst\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2021-01-09 20:05 - 2021-04-05 22:13 - 000000132 _____ () C:\Users\Horst\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
2020-03-02 19:34 - 2025-12-19 21:06 - 000000132 _____ () C:\Users\Horst\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2017-11-08 18:21 - 2024-08-06 18:07 - 000000132 _____ () C:\Users\Horst\AppData\Roaming\Adobe CS6-Targa-Format - Voreinstellungen
2020-06-11 21:39 - 2020-06-11 21:39 - 001456142 _____ () C:\Users\Horst\AppData\Roaming\AvidLink_Install.log
2020-11-12 20:48 - 2024-10-27 20:01 - 000000632 _____ () C:\Users\Horst\AppData\Roaming\com.cloudapp.windows.plist
2019-10-24 22:10 - 2025-11-24 22:03 - 000000128 _____ () C:\Users\Horst\AppData\Roaming\FotoSketcher.ini
2019-04-05 14:25 - 2019-04-05 14:26 - 000000112 _____ () C:\Users\Horst\AppData\Roaming\main.ini
2019-07-07 16:08 - 2020-06-27 17:41 - 000000009 _____ () C:\Users\Horst\AppData\Roaming\tabbles_hwnd_main
2019-07-07 16:08 - 2020-06-27 17:41 - 000000009 _____ () C:\Users\Horst\AppData\Roaming\tabbles_hwnd_quick_link
2020-05-24 19:15 - 2020-05-24 19:15 - 000018687 _____ () C:\Users\Horst\AppData\Roaming\unins000.dat
2020-05-24 19:15 - 2020-05-24 19:15 - 000013844 _____ () C:\Users\Horst\AppData\Roaming\unins000.msg
2017-11-02 22:54 - 2024-01-11 23:48 - 000001456 _____ () C:\Users\Horst\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2025-12-15 23:48 - 2025-12-15 23:48 - 000111621 _____ () C:\Users\Horst\AppData\Local\dxdiag.log
2025-10-14 20:57 - 2025-12-18 13:06 - 000008180 _____ () C:\Users\Horst\AppData\Local\krita-sysinfo.log
2019-10-24 18:05 - 2025-12-18 20:52 - 000176896 _____ () C:\Users\Horst\AppData\Local\krita.log
2020-07-01 20:54 - 2025-12-18 13:05 - 000051362 _____ () C:\Users\Horst\AppData\Local\kritacrash.log
2025-12-18 20:52 - 2025-12-18 20:52 - 000000039 _____ () C:\Users\Horst\AppData\Local\kritadisplayrc
2019-10-24 18:05 - 2025-12-18 20:52 - 000038066 _____ () C:\Users\Horst\AppData\Local\kritarc
2020-08-06 16:28 - 2020-08-06 16:28 - 000000057 _____ () C:\Users\Horst\AppData\Local\makehuman.conf
2018-10-04 11:18 - 2022-10-28 20:35 - 000000309 _____ () C:\Users\Horst\AppData\Local\oobelibMkey.log
2025-09-16 12:48 - 2025-09-16 12:48 - 000000768 _____ () C:\Users\Horst\AppData\Local\recently-used.xbel
2017-10-01 20:45 - 2020-07-15 20:43 - 000007600 _____ () C:\Users\Horst\AppData\Local\Resmon.ResmonCfg
2022-11-26 18:42 - 2022-12-09 20:24 - 000139264 _____ () C:\Users\Horst\AppData\Local\Tempwd.tmp

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

EndeVomLatei 04.01.2026 14:01
Win 10 : WLAN-USB-Sticks nicht migriert - Addition.txt
 
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-11-2025
durchgeführt von Horst (04-01-2026 12:09:30)
Gestartet von B:\SIK Handy Papa 2024-10-26\EINLADUNGEN  -  ERREIGNISSE\Downloads\scoped_dir9560_2142170738
Microsoft Windows 10 Pro Version 22H2 19045.6466 (X64) (2020-09-17 17:14:40)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-947909773-2885354443-2675781160-500 - Administrator - Disabled)
buhso (S-1-5-21-947909773-2885354443-2675781160-1005 - Limited - Disabled)
DefaultAccount (S-1-5-21-947909773-2885354443-2675781160-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-947909773-2885354443-2675781160-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-947909773-2885354443-2675781160-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-947909773-2885354443-2675781160-1003 - Limited - Enabled)
Horst (S-1-5-21-947909773-2885354443-2675781160-1001 - Administrator - Enabled) => C:\Users\Horst
WDAGUtilityAccount (S-1-5-21-947909773-2885354443-2675781160-504 - Limited - Disabled)
_ashbackuppb_ (S-1-5-21-947909773-2885354443-2675781160-1010 - Administrator - Enabled) => C:\Users\_ashbackuppb_

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

100 Photoshop-Aktionen Vol.1 (HKLM-x32\...\100 Photoshop-Aktionen Vol. 1_is1) (Version:  - )
100 Photoshop-Aktionen Vol.2 (HKLM-x32\...\100 Photoshop-Aktionen Vol. 2_is1) (Version:  - )
4K Video to MP3 (HKLM\...\{8232A6B7-2815-485A-AAF2-10025111DE36}) (Version: 3.0.0.930 - Open Media LLC)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 25.01 (x64) (HKLM\...\7-Zip) (Version: 25.01 - Igor Pavlov)
AbstractCurves x64 (HKLM\...\AbstractCurves AbstractCurves x64 1) (Version: 1.190 - AbstractCurves Software)
Adobe Bridge 1.0 (HKLM-x32\...\{B74D4E10-6884-0000-0000-000000000101}) (Version: 001.000.001 - Adobe Systems) Hidden
Adobe Bridge 2022 (HKLM-x32\...\KBRG_12_0_2) (Version: 12.0.2 - Adobe Inc.)
Adobe Common File Installer (HKLM-x32\...\{8EDBA74D-0686-4C99-BFDD-F894678E5101}) (Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.4.0.361 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.6.0.79 - Adobe Inc.)
Adobe Help Center 1.0 (HKLM-x32\...\{E9787678-119F-4D52-B551-6739B2B22101}) (Version: 1.0.1 - Adobe Systems) Hidden
Adobe Illustrator CS2 (HKLM-x32\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Rush (HKLM-x32\...\RUSH_2_3) (Version: 2.3 - Adobe Inc.)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Adobe Stock Photos 1.0 (HKLM-x32\...\{786C5747-0C40-4930-9AFE-113BCE553101}) (Version: 1.0.1 - Adobe Systems) Hidden
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Adobe UXP Developer Tool (HKLM-x32\...\UXPD_1_5_0) (Version: 1.5.0 - Adobe Inc.)
AKVIS Coloriage (HKLM\...\{1A751AEE-4021-4611-96D4-EC6FBF119E39}) (Version: 14.0.1492.24452 - AKVIS) Hidden
AKVIS Coloriage (HKLM-x32\...\{c73d6afc-9305-423a-8ee3-e26d6a0af4c2}) (Version: 14.0.1492.24452 - AKVIS)
All Image Downloader (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\{64eac9ac-0b76-44ae-b702-1b8f4a192011}) (Version: 2.0.0 - Imgdownloader)
Amazon Music (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Amazon Amazon Music) (Version: 8.5.0.2261 - Amazon.com Services LLC)
Amazon Photos (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Amazon Photos) (Version: 10.8.0 - Amazon.com, Inc.)
AniMaker Drag (HKLM-x32\...\AniMaker Drag) (Version: 2.1 - AniMaker GmbH)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft Scan-n-Stitch Deluxe (HKLM-x32\...\{FF8455A9-21E8-457D-AC64-510A705D53B3}) (Version: 1.1.2.55 - ArcSoft)
Ashampoo Audio Recorder Free (HKLM-x32\...\{91B33C97-C3B3-7A23-56CA-61CA8472B256}_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Backup Pro 17 (HKLM\...\{91B33C97-5909-F165-4B92-42DCE6E18868}_is1) (Version: 17.11 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 2021 (HKLM-x32\...\{91B33C97-87D2-CBDB-6C78-9844D71F4195}_is1) (Version: 1.22.0 - Ashampoo GmbH & Co. KG)
Ashampoo Cover Studio 2017 (HKLM-x32\...\{91B33C97-6D7D-102A-7711-56C011AFB81B}_is1) (Version: 3.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Home Design 5 (HKLM\...\{6FE137BD-F8A3-4995-B812-04928FFD3D73}_is1) (Version: 5.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 2020 (HKLM-x32\...\{91B33C97-FFD3-62FA-D018-BCB9A3BC574C}_is1) (Version: 1.8.1 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 10 v.10.2.1 (HKLM-x32\...\{C92AB6F1-4B66-808A-D77C-25EF81C0176A}_is1) (Version: 10.2.1 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander Free (HKLM-x32\...\{0A11EA01-CD60-73B5-2FF0-9FCC1502CD64}_is1) (Version: 11.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 9 (HKLM\...\{91B33C97-A7B5-2D2D-BC10-085C65109B0D}_is1) (Version: 9.4.7 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Recovery 2 (HKLM\...\{BB339C1F-657A-6D2A-BD02-EF21B6F35991}_is1) (Version: 2.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Registry Cleaner 2 (HKLM-x32\...\{4209F371-AD80-9E5D-7FD6-99DC6D5D8B7F}_is1) (Version: 2.00.00 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio 2019 (HKLM-x32\...\{91B33C97-4A4D-A9FD-B59A-1256B60F3665}_is1) (Version: 1.4.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 16 (HKLM\...\{0A11EA01-8829-6E65-628A-90709BFA6C2E}_is1) (Version: 16.0.9 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 27 (HKLM-x32\...\{4209F371-B009-83C0-55A2-B0904D2A6CF6}_is1) (Version: 27.00.05 - Ashampoo GmbH & Co. KG)
Ashampoo ZIP Free (HKLM-x32\...\{0A11EA01-5173-F4C2-0973-35C932D5C674}_is1) (Version: 1.0.7 - Ashampoo GmbH & Co. KG)
Audacity 3.0.2 (HKLM-x32\...\Audacity_is1) (Version: 3.0.2 - Audacity Team)
Audacity 3.7.5 (64 Bit) (HKLM\...\Audacity_is1) (Version: 3.7.5 - Audacity Team)
Audials Vision SE 2026 (HKLM\...\{43349E3F-3B86-4C50-A791-1941558E12EE}) (Version: 26.0.44.0 - Audials AG)
audite! 6.5 (HKLM-x32\...\{F979439C-55CD-41A4-B453-D2F347142DB4}) (Version: 6.5.0 - capella software)
Autodesk SketchBook (HKLM\...\{AE6C5657-8710-4968-BEB5-1E2ED89CB2D2}) (Version: 8.71.0000 - Autodesk)
BenVista PhotoZoom Pro 9.0.2 (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\PhotoZoom Pro 9) (Version: 9.0.2 - BenVista Ltd.)
BLACK WHITE projects 6 professional (64-Bit) (HKLM\...\SILVER_PROJECTS_6_3_28B15F1D_is1) (Version: 6.63 - Franzis Verlag GmbH)
blender (HKLM\...\{7AE80A32-183F-48A8-91A1-B1889B3B6B38}) (Version: 2.93.6 - Blender Foundation)
capella 2008 (HKLM-x32\...\{8D04F5C2-704D-4DB8-84FF-22300783D7F8}) (Version: 6.00.9001 - capella-software)
capella playAlong 3 (HKLM-x32\...\{C9A08B65-CFA7-47E7-A6BD-F54971F51763}) (Version: 3.0 - capella-software)
capella reader 8 (HKLM-x32\...\{d40fe571-3b74-4b1d-9f06-8ea780cfae5f}) (Version: 8 - capella-software AG)
capella-scan 5.0 (HKLM-x32\...\capella-scan 5.0) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 6.38 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CloudApp for Windows (HKLM-x32\...\{5D95CFF5-3601-44D9-94B4-4C4EEA836B51}) (Version: 6.0.0.90 - CloudPlus, Inc.)
CODIJY Colorizer Pro (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\{5a136515-5018-4939-93b3-8ede6788feab}) (Version: 4.2.0 - CODIJY)
COLOR projects 6 professional (64-Bit) (HKLM\...\COLOR_PROJECTS_6_3_C935FDA1_is1) (Version: 6.63 - Franzis Verlag GmbH)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}) (Version: 15.1.0.588 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{72DB27D3-FE05-4227-AF5A-11CD101ECF09}) (Version: 15.1.588 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (HKLM-x32\...\{666D7CED-12E0-4BA3-B594-5681961E7B02}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (HKLM-x32\...\{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}) (Version: 15.0 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.1.0.588 - Corel Corporation)
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (HKLM\...\{46AE421C-BF1B-4B62-BE0E-62FE09C6D5B5}) (Version: 15.1.588 - Corel Corporation) Hidden
CPUID CPU-Z 2.17 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.17 - CPUID, Inc.)
CrazyTalk Animator Standard (HKLM-x32\...\{789567FD-CAA2-4E1C-B38E-9072B3015FFD}) (Version: 1.2.2010.1 - Reallusion Inc.)
CrazyTalk Animator v3.32 PRO (HKLM-x32\...\{6B844167-0760-43FD-BBCA-2463EC967721}) (Version: 3.32.4718.1 - Reallusion Inc.)
Crescendo Notensatz-Editor (HKLM-x32\...\Crescendo) (Version: 10.10 - NCH Software)
CutOut 9 professional (11022020) (HKLM\...\CutOut 9 professional_is1) (Version: 9 - Franzis.de)
darktable (HKLM\...\darktable) (Version: 2.4.1 - the darktable project)
DENOISE projects 3 professional (64-Bit) (HKLM\...\DENOISE_PROJECTS_3_3_FBC348A0_is1) (Version: 3.32 - Franzis Verlag GmbH)
Design & Print (HKLM-x32\...\Design & Print 5.1.0) (Version: 5.1.0 - Avery Zweckform)
Doctolib 2.30.0 (HKLM\...\a23b93d7-c27b-59d6-b1a0-6e4b0d5d056a) (Version: 2.30.0 - Doctolib)
DokuDownloader 2019 (HKLM-x32\...\{28806E83-7109-4E6A-A2C6-B8C43055C59C}_is1) (Version: 1.0 - Abelssoft)
Druckerdeinstallation für EPSON XP-960 Series (HKLM\...\EPSON XP-960 Series) (Version:  - Seiko Epson Corporation)
Easy Photo Scan (HKLM-x32\...\{99364024-626C-4BE1-89C8-2F207023497B}) (Version: 1.00.0018 - Seiko Epson Corporation)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.2 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.50.00 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{DE32F90E-1A29-4D74-BCF1-E7DDB25D713A}) (Version: 3.4.0.0 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{711E8536-AB71-4455-A6C4-357FDBBEBF91}) (Version: 4.6.7 - Seiko Epson Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
EverDoc 2018 (HKLM-x32\...\{CE690D98-4029-4620-879D-8018BF9CFBEC}_is1) (Version: 3.26 - Abelssoft)
EverDoc Printer++ (64bit) (HKLM\...\{D8156771-98B2-4A23-8122-C904F2410DF1}) (Version: 1.0.0 - Printer++)
Express Burn Disc-Brennprogramm (HKLM-x32\...\ExpressBurn) (Version: 12.01 - NCH Software)
Facebook Desktop (HKLM-x32\...\{844B8965-E5AA-4F9A-A4D4-4E59D4F44F64}) (Version: 0.8.0 - Eric Zhang)
Firebird v2.1 (HKLM-x32\...\Tone2 Firebird_is1) (Version:  - Tone2)
FOCUS projects 3 professional (64-Bit) (HKLM\...\FOCUS_PROJECTS_3_3_EDC5B478_is1) (Version: 3.25 - Franzis Verlag GmbH)
Folder Icon Basic (HKLM-x32\...\{EAF4C8EE-4D58-418D-8960-CA9A1628DA77}) (Version: 5.1.0.0 - MSTech Global Ltd) Hidden
FontForge Version 07-11-2020 (HKLM-x32\...\{56748B9C-19AE-4689-B8C5-5A45AE0A993A}_is1) (Version: 07-11-2020 - FontForgeBuilds)
FotoSketcher 3.60 (HKLM\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version:  - David THOIRON)
Free FreeCell Solitaire 2017 v3.2 (HKLM-x32\...\Free FreeCell Solitaire_is1) (Version:  - TreeCardGames)
Free GIF Maker (HKLM-x32\...\Free GIF Maker_is1) (Version: 1.3.48.831 - Digital Wave Ltd)
Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version:  -  )
FreeCAD 0.21.1 (HKLM\...\FreeCAD0211) (Version: 0.21.1 - FreeCAD Team)
FreeCAD 1.0.2 (HKLM\...\FreeCAD102) (Version: 1.0.2 - FreeCAD Team)
FreeRIP MP3 Converter 5.7.1.2 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 5.7.1.2 - GreenTree Applications SRL)
GMX MailCheck für Windows (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 2.7.10.0 - 1&1 Mail & Media GmbH)
GMX Suche (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\1&1 Mail & Media GmbH DS1) (Version: 1.2.0.0 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 143.0.7499.170 - Google LLC)
Google Earth Pro (HKLM\...\{8D42B7EA-0BF8-4E13-B646-652FE578F998}) (Version: 7.3.6.10441 - Google)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.53.3) (Version: 9.53.3 - Artifex Software Inc.)
HD Writer AE 2.1 (HKLM-x32\...\{AC4BDEB4-E06A-4605-B5D2-2FE6750681A5}) (Version: 2.01.141.1031 - Panasonic Corporation)
HDR projects 9 professional (HKLM\...\HDR_PROJECTS_9_3_3BF7CE82_is1) (Version: 9.23 - Franzis Verlag GmbH)
HDR projects photo (64-Bit) (HKLM\...\HDR_PROJECTS_2_1_3BF7CE82_is1) (Version: 2.26 - Franzis Verlag GmbH)
Helm (HKLM\...\{971514BD-7CC3-414F-9258-B79E6D53EC46}) (Version: 0.9.0.0 - Matt Tytel)
High-Definition Video Playback (HKLM-x32\...\{9193490D-5229-4FC4-9BB9-A6D63C09574A}) (Version: 11.0.12200.1.158 - Nero AG) Hidden
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
indii.org/tintii (HKLM-x32\...\tintii) (Version:  - )
Inkscape 0.92.4 (HKLM-x32\...\Inkscape) (Version: 0.92.4 - Inkscape Project)
Intel Driver && Support Assistant (HKLM-x32\...\{90EFD4CC-39A4-4470-AEEB-878CB2BCBC81}) (Version: 25.4.36.6 - Intel) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{4152D055-4116-42A3-BC9E-86D0A17B35A5}) (Version: 25.4.36.6 - Intel)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Krita (x64) 5.2.11 (git a4da714) (HKLM\...\Krita_x64) (Version: 5.2.11.0 - Krita Foundation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Leap Motion Profile v1.0 Trial for Motion LIVE 2D Plug-in (HKLM-x32\...\{CB332079-D416-45F6-9444-A6F651AE663C}) (Version: 1.0.1707.1 - Reallusion Inc.)
LibreCAD (HKLM-x32\...\LibreCAD) (Version: 2.1.3 - LibreCAD Team)
LibreOffice 25.2.5.2 (HKLM\...\{751B7B9A-39A0-428C-963B-0FA2B4BDD27F}) (Version: 25.2.5.2 - The Document Foundation)
Lightkey (HKLM\...\{AB7B36EE-A1FC-42CE-9E9C-ECEF2B2DD2AB}) (Version: 24.0.5.0 - Lightkey Sources LTD) Hidden
Live Billiards 2 (HKLM-x32\...\Live Billiards 2) (Version:  - )
LMMS 1.2.1 (HKLM-x32\...\LMMS) (Version: 1.2.1 - LMMS Developers)
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.60.495862 - Logitech)
Logitech Options (HKLM\...\LogiOptions) (Version: 9.70.68 - Logitech)
Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
LOOXIS Faceworx 1.0 (HKLM-x32\...\LOOXIS Faceworx_is1) (Version: 1.0.0.1 - LOOXIS GmbH)
Luminance HDR 2.5.1 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version:  - Luminance HDR Dev Team)
Luminance Studio (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Luminance Studio) (Version:  - )
Luminar 4 (HKLM\...\Luminar 4) (Version: 4.3.4.9699 - Skylum)
LUT #1 (HKLM\...\LUT_1_2_CCD378F6_is1) (Version: 1.12 - Accelerated Vision UG)
makehuman-community (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\makehuman-community) (Version: 20200727 - Makehuman Community)
MakeMe3D (HKLM-x32\...\{C206BC46-62E0-41CB-0001-4DB984666A77}) (Version: 1.2.12.618 - Engelmann Media GmbH)
MediaHuman Audio Converter Version 1.9.7 (HKLM-x32\...\MHAudioConverter_is1) (Version: 1.9.7 - MediaHuman)
MediBang Paint Pro 24.5.1 (64-bit) (HKLM\...\MediBang Paint Pro_is1) (Version: 24.5.1 - Medibang)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.22 (x64) (HKLM\...\{872CDB4B-5DDE-4297-BD19-C93B6C93E386}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.22 (x86) (HKLM-x32\...\{E3308628-44F2-49F2-B618-7735D528FAC2}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.22 (x64) (HKLM\...\{7A046DD7-9D61-4C5D-8F5E-24EE192B1B6A}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.22 (x86) (HKLM-x32\...\{4560BF00-0D8D-4FE8-84BA-83A208E9CB97}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.22 (x64) (HKLM\...\{C43A1A89-0CA5-43FD-BDC4-3B85DAD06A41}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.22 (x64) (HKLM-x32\...\{9a1a4be8-ffdb-48b5-b47b-f787981592d8}) (Version: 8.0.22.35427 - Microsoft Corporation)
Microsoft .NET Runtime - 8.0.22 (x86) (HKLM-x32\...\{3BAD90A6-48B6-4C89-97FF-02FEB96227C1}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.22 - Shared Framework (x86) (HKLM-x32\...\{251a18cb-cb97-48e3-ac2c-f57e06f8ed25}) (Version: 8.0.22.25528 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.22 Shared Framework (x86) (HKLM-x32\...\{1DFBD7A0-CB7B-392F-B3B0-76B85C9B01EB}) (Version: 8.0.22.25528 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 143.0.3650.96 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 143.0.3650.96 - Microsoft Corporation) Hidden
Microsoft Expression Design 4 (HKLM-x32\...\{EDF6CEF3-8415-4868-8B1F-8D9E5FF8FC23}) (Version: 8.0.31217.1 - Microsoft Corporation) Hidden
Microsoft Expression Design 4 (HKLM-x32\...\Design_8.0.31217.1) (Version: 8.0.31217.1 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Excel MUI (German) 2007 (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (HKLM-x32\...\{90120000-00A1-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (HKLM-x32\...\{90120000-001F-0410-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (HKLM-x32\...\{90120000-002C-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}) (Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (HKLM\...\{90120000-002A-0407-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (HKLM-x32\...\{90120000-006E-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.19426.20218 - Microsoft Corporation)
Microsoft Research Cliplets (HKLM\...\{A4DA1935-2F04-4AFF-BE48-085CCC7BD0CB}) (Version: 1.1.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35208 (HKLM-x32\...\{e90abaf0-d749-437b-ba99-cda1c84b6754}) (Version: 14.44.35208.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35208 (HKLM-x32\...\{5A76FFAE-36C5-4648-80BD-4BB5B6E971F0}) (Version: 14.44.35208 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35208 (HKLM-x32\...\{491C67BA-2F2F-4A90-B9DD-4C76BFDBEA02}) (Version: 14.44.35208 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{FD9D64F4-CAF5-3D23-845A-B843C78CC1A5}) (Version: 10.0.60830 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60825 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.60825 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.22 (x64) (HKLM\...\{4CCC1CCD-6FA3-4DD5-A06B-E94EA90094CF}) (Version: 64.88.42561 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.22 (x64) (HKLM-x32\...\{a3899eef-6164-4d42-b8c3-95ae6a844821}) (Version: 8.0.22.35428 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.22 (x86) (HKLM-x32\...\{2d077ae0-4556-4d5a-aa87-4ea76e32ec2d}) (Version: 8.0.22.35428 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.22 (x86) (HKLM-x32\...\{AABE221C-DA7E-4DDA-9AD6-322E03B95E2D}) (Version: 64.88.42561 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
MixPad Musikstudio-Software (HKLM-x32\...\MixPad) (Version: 13.54 - NCH Software)
Motion LIVE 2D Plug-in v1.11 Trial for Cartoon Animator (HKLM-x32\...\{E88C8914-A4CC-46EA-BC9B-2CC2E8BA6163}) (Version: 1.11.1915.1 - Reallusion Inc.)
Motion LIVE Plug-in v1.02 Trial for iClone (HKLM-x32\...\{172D3046-1186-4FC8-822A-1120E398B938}) (Version: 1.02.1203.1 - Reallusion Inc.)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.6.1 - Mozilla)
Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 140.1.1 (x64 de)) (Version: 140.1.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MuseScore 3 (HKLM\...\{778D5D3D-5448-40F4-AACC-47D443C3E8A1}) (Version: 3.4.2.9788 - Werner Schweer and Others)
Music Recorder (HKLM-x32\...\{F5EF0BCC-8370-431F-B73E-AC6405C2DA1D}) (Version: 14.1.15600.0 - Audials AG)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyKeyFinder 2026 (HKLM-x32\...\{c6396ed4-bdba-4f98-8739-767cb6bd16e6}_is1) (Version: 15.01 - Abelssoft)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 2.1 - F.J. Wechselberger)
NEAT projects 3 professional (HKLM\...\NEAT_PROJECTS_3_3_Df337A2C_is1) (Version: 3.32 - Franzis Verlag GmbH)
Nero 11 (HKLM-x32\...\{EB475D31-14C0-4DC3-8E0A-8AE1711399B3}) (Version: 11.0.10100 - Nero AG)
Nero 11 Cliparts (HKLM-x32\...\{B160A672-F326-4414-9BB0-A056C61B357C}) (Version: 11.0.10600.6.0 - Nero AG) Hidden
Nero 11 Disc Menus 1 (HKLM-x32\...\{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Disc Menus 2 (HKLM-x32\...\{7DF2B5EE-2C16-4E86-9C71-8678068AD805}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Disc Menus 3 (HKLM-x32\...\{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Disc Menus Basic (HKLM-x32\...\{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Effects Basic (HKLM-x32\...\{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}) (Version: 11.0.10600.6.0 - Nero AG) Hidden
Nero 11 Image Samples (HKLM-x32\...\{F3743A2C-5D5F-4456-8F98-5DF36A954C50}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Kwik Themes 1 (HKLM-x32\...\{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Kwik Themes 2 (HKLM-x32\...\{A4F6BE36-4826-45BA-A396-04F265A3B61D}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Kwik Themes Basic (HKLM-x32\...\{5A212B2D-140D-46F4-B625-2D1CA5A00594}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 PiP Effects Basic (HKLM-x32\...\{2CA7225D-CB12-462A-9DD1-50319E158BA5}) (Version: 11.0.10600.6.0 - Nero AG) Hidden
Nero 11 Video Samples (HKLM-x32\...\{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero Audio Pack 1 (HKLM-x32\...\{A7A0BF2E-31CC-49E3-9913-52C503EB969D}) (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (HKLM-x32\...\{EA03E7E5-6757-4A9A-9B36-C0022BE752D2}) (Version: 18.0.3040 - Nero AG) Hidden
Nero BackItUp 11 (HKLM-x32\...\{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}) (Version: 6.0.10700.6.100 - Nero AG) Hidden
Nero BackItUp 11 Help (CHM) (HKLM-x32\...\{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}) (Version: 11.0.10000 - Nero AG) Hidden
Nero BackItUp 2017 Essentials (HKLM-x32\...\{0A5CD1E5-5F6E-4E9B-AAE6-E368D1784693}) (Version: 18.1.00100 - Nero AG)
Nero Burning ROM 11 (HKLM-x32\...\{9D8491AD-D0D2-4B51-AA4A-A8B67795A553}) (Version: 11.0.10700.12.100 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (HKLM-x32\...\{53F7746A-96AA-49A5-86B8-59989680DAC5}) (Version: 11.0.10000 - Nero AG) Hidden
Nero ControlCenter (HKLM-x32\...\{ABC88553-8770-4B97-B43E-5A90647A5B63}) (Version: 11.4.0006 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (HKLM-x32\...\{D4D66270-9147-4BDF-9946-FCA2B303AA8F}) (Version: 11.0.10000 - Nero AG) Hidden
Nero Core Components (HKLM-x32\...\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}) (Version: 11.6.0023 - Nero AG) Hidden
Nero CoverDesigner 11 (HKLM-x32\...\{FF44BCE5-5A18-4051-85F0-BC172D7B4695}) (Version: 6.0.10500.8.100 - Nero AG) Hidden
Nero CoverDesigner 11 Help (CHM) (HKLM-x32\...\{55C2143E-FBA5-442F-9AFA-726FF068F39D}) (Version: 11.0.10000 - Nero AG) Hidden
Nero Express 11 (HKLM-x32\...\{E10AAE4A-98B8-420A-BD93-E0520C23D624}) (Version: 11.0.10700.12.100 - Nero AG) Hidden
Nero Express 11 Help (CHM) (HKLM-x32\...\{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}) (Version: 11.0.10000 - Nero AG) Hidden
Nero Kwik Media (HKLM-x32\...\{BE814218-3919-4EA3-868A-2F60BC135CB4}) (Version: 1.10.14100.42.100 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (HKLM-x32\...\{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}) (Version: 11.0.10000 - Nero AG) Hidden
Nero Recode 11 (HKLM-x32\...\{4162E4B4-DB62-4719-9921-A59B2671C1CB}) (Version: 5.0.11300.15.100 - Nero AG) Hidden
Nero Recode 11 Help (CHM) (HKLM-x32\...\{57F80ECF-E27C-4EEE-AB58-E971BACE2639}) (Version: 11.0.10000 - Nero AG) Hidden
Nero RescueAgent 11 (HKLM-x32\...\{034DCAF9-96E7-4936-9A07-712F80B5181E}) (Version: 4.0.10300.7.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (HKLM-x32\...\{D01CE99A-8802-483C-A79F-298B691EB432}) (Version: 11.0.10000 - Nero AG) Hidden
Nero SoundTrax 11 (HKLM-x32\...\{0713D1F9-DD77-42C1-8C7D-54D479E2E743}) (Version: 5.0.10300.3.100 - Nero AG) Hidden
Nero SoundTrax 11 Help (CHM) (HKLM-x32\...\{390757AA-8830-43DC-AEE0-4E5B6F8439EB}) (Version: 11.0.10000 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 11.0.13600.45.0 - Nero AG) Hidden
Nero Video 11 (HKLM-x32\...\{0D7A4289-99CF-4B8D-B812-86BE50A54552}) (Version: 8.0.12900.10.100 - Nero AG) Hidden
Nero Video 11 Help (CHM) (HKLM-x32\...\{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}) (Version: 11.0.10000 - Nero AG) Hidden
Nero WaveEditor 11 (HKLM-x32\...\{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}) (Version: 6.0.10500.3.100 - Nero AG) Hidden
Nero WaveEditor 11 Help (CHM) (HKLM-x32\...\{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}) (Version: 11.0.10000 - Nero AG) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
O&K Print Router (HKLM-x32\...\O&K Print Router) (Version: 3.0 - O&K Software Ltd.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.17928.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
onlineTV 18 (HKLM-x32\...\{58B7E23E-64FF-4A70-83EB-8CAF8FE5A78B}_is1) (Version: 18.22.11.3 - concept/design GmbH)
OpenOffice 4.1.15 (HKLM-x32\...\{D8DD7A6F-CB70-43AF-9A0C-9A5A4C195068}) (Version: 4.115.9813 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice) <==== ACHTUNG
Opera Mail 1.0 (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 125.0.5729.49 (HKLM-x32\...\Opera 125.0.5729.49) (Version: 125.0.5729.49 - Opera Software)
OptiTrack Profile v1.02 Trial for Motion LIVE Plug-in (HKLM-x32\...\{DF3F118D-8794-48E8-9228-3DF9C437A731}) (Version: 1.02.1130.1 - Reallusion Inc.)
Overlay Effects for Lightroom Version 1.0.3 (HKLM\...\{A2AEED12-A791-4AB5-B9FB-231B4129000E}_is1) (Version: 1.0.3 - Picture Instruments)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 11.27.0 (64 Bit) (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.27.0 - Geek Software GmbH)
PDF24 Creator 11.28.2 (32 Bit) (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.28.2 - Geek Software GmbH)
Perception Neuron Profile v1.0 Trial for Motion LIVE 2D Plug-in (HKLM-x32\...\{3A2CF4BF-6F79-46DC-9DF3-50CB0026D4D6}) (Version: 1.0.1707.1 - Reallusion Inc.)
Perception Neuron Profile v1.02 Trial for Motion LIVE Plug-in (HKLM-x32\...\{436D8673-70A9-4D07-AD78-51DE4BA7B982}) (Version: 1.02.1130.1 - Reallusion Inc.)
PHOTOfunSTUDIO 9.7 PE (HKLM-x32\...\{2A71E3D5-1714-4E8F-88CD-7C06894FA6A2}) (Version: 9.07.706.1031 - Panasonic Corporation)
Photopea PSD Editor Plug-in v1.0 for Cartoon Animator (HKLM-x32\...\{EDAFF67C-096E-4A7B-B3CD-8CFAB4384934}) (Version: 1.0.1016.1 - Reallusion Inc.)
PopcornFX Plug-in v1.01 Trial for iClone (HKLM-x32\...\{D719716D-0502-452D-ABC8-F88235049A9A}) (Version: 1.01.1519.1 - Reallusion Inc.)
Qualisys Profile v1.0 Trial for Motion LIVE Plug-in (HKLM-x32\...\{8B19FF77-91D0-4EEA-86D8-2D1C868D0A7A}) (Version: 1.0.0618.1 - Reallusion Inc.)
QuickTime (HKLM-x32\...\{C78EAC6F-7A73-452E-8134-DBB2165C5A68}) (Version: 7.62.14.0 - Apple Inc.)
RawTherapee Version 5.4 (HKLM\...\RawTherapee5.4_is1) (Version: 5.4 - rawtherapee.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Realtek USB Wireless LAN Driver (HKLM-x32\...\InstallShield_{DBCC4C27-F949-482b-B786-7B3B67587CD2}) (Version: Drv_3.00.0019 - REALTEK Semiconductor Corp.)
Recordify 2023 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 8.03 - Abelssoft)
Revo Uninstaller 2.6.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.6.5 - VS Revo Group, Ltd.)
Rokoko Profile v1.0 Trial for Motion LIVE 2D Plug-in (HKLM-x32\...\{68BED2C8-814B-4F18-825D-AB06C3D06CB7}) (Version: 1.0.1924.1 - Reallusion Inc.)
Rokoko Profile v1.02 Trial for Motion LIVE Plug-in (HKLM-x32\...\{2719BB11-4A27-4C34-9205-0349E860E20F}) (Version: 1.02.1130.1 - Reallusion Inc.)
ScreenCamera.Net registered to GiveAwayOfTheDay Version 1.4.5.41 (HKLM-x32\...\{6C47663A-C5B9-4404-A4BA-E75392F33B2C}_is1) (Version: 1.4.5.41 - PCWinSoft Software)
SHARPEN #5 professional (HKLM\...\SHARPEN_5_3_FCDF957E_is1) (Version: 5.41 - Accelerated Vision UG)
SILKYPIX Developer Studio 3.0 SE (HKLM-x32\...\InstallShield_{B2F25F71-D920-4288-A548-54CD253DEF14}) (Version: 3 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio 8 SE (HKLM-x32\...\{593959B5-2971-430C-82C2-6F51C7EE8B34}) (Version: 8 - Ichikawa Soft Laboratory)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Smart Gallery Plug-in v1.12 for iClone (HKLM-x32\...\{4581D025-E559-40F4-A655-3243C877EABC}) (Version: 1.12.0827.1 - Reallusion Inc.)
Smart Gallery Plug-in v1.31 for Character Creator (HKLM-x32\...\{F33C21BF-AB8E-4196-BAD3-A5FC1BF40632}) (Version: 1.31.2226.1 - Reallusion Inc.)
SmartTools Servicepack 2018 für Excel (HKLM-x32\...\{07B86ED7-55AC-49C0-9814-B070B969DC62}) (Version: 1.0.3.0 - SmartTools Publishing)
Software Informer 1.4.1305.0 (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
Spotify (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Spotify) (Version: 1.2.44.405.g81fd6352 - Spotify AB)
Spyder4Elite (HKLM-x32\...\Spyder4Elite) (Version:  - )
SpyderPRINT (HKLM-x32\...\SpyderPRINT) (Version:  - )
SpyderStudio (HKLM-x32\...\SpyderStudio) (Version:  - )
Sqirlz Morph (HKLM-x32\...\Sqirlz Morph) (Version: 2.0 - xiberpix)
Sweet Home 3D version 6.1.2 (HKLM\...\Sweet Home 3D_is1) (Version: 6.1.2 - eTeks)
Switch Audio-Converter (HKLM-x32\...\Switch) (Version: 13.24 - NCH Software)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synfig Studio (64bit) (HKLM\...\synfigstudio) (Version: 1.2.2-286f1 - )
Tablet Driver With Macrokey Manager (HKLM\...\RmTablet) (Version: 4.13 - )
ThunderSoft GIF Converter (3.1.0.0) (HKLM-x32\...\ThunderSoft GIF Converter_is1) (Version: 3.1.0.0 - ThunderSoft)
TuneFab Spotify Music Converter 3.1.23 (HKLM\...\9ff685d9-8f1e-59e1-a273-b7c9e7cf0c17) (Version: 3.1.23 - TuneFab)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{B8D93870-98D1-4980-AFCA-E26563CDFB79}) (Version: 8.94.0.0 - Microsoft Corporation)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Notifier (HKLM\...\{A0CA66DA-49B3-4D6F-92EA-B4CBC60365E0}) (Version: 3.0.0.73 - MAGIX Software GmbH) Hidden
Update Notifier (HKLM\...\MX.{A0CA66DA-49B3-4D6F-92EA-B4CBC60365E0}) (Version: 3.0.0.73 - MAGIX Software GmbH)
Videomizer 2 (HKLM-x32\...\{B84CB121-58A9-4D5E-0001-805171E318F3}) (Version: 2.0.16.504 - Engelmann Media GmbH)
VideoPad Video-Editor (HKLM-x32\...\VideoPad) (Version: 17.48 - NCH Software)
VideoProc Converter (HKLM-x32\...\VideoProc Converter) (Version: 4.4 - Digiarty, Inc.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VLC Plus Player Updater (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\AM VLC Plus Player Updater) (Version: 1.0.2 - ) <==== ACHTUNG
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Watermark Software 8.3 (HKLM-x32\...\Watermark Software) (Version: 8.3 - watermark-software.com)
WavePad Audio-Editor (HKLM-x32\...\WavePad) (Version: 20.54 - NCH Software)
welcome (HKLM-x32\...\{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}) (Version: 11.0.20000.0.0 - Nero AG) Hidden
WhatsApp (Outdated) (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\WhatsApp) (Version: 2.2326.10 - WhatsApp)
Wi-Fi-Adapter (HKLM\...\{5A93E57B-A092-48B9-9A5A-7F7218FF8F29}_is1) (Version: 1.0.0.10 - Ugreen)
Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2025-12-23] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-12-12] (Adobe Systems Incorporated)
Adobe Photoshop Express: Image Editor, Änderungen, Filter, Effekte, Rahmen -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.6.392.0_x64__mtcwf2zmmt10c [2023-01-26] (Adobe Inc.)
Adobe XD -> C:\Program Files\WindowsApps\Adobe.XD_51.0.12.6_x64__pc75e8sa7ep4e [2023-01-26] (Adobe Inc.)
Adobe-Fresco -> C:\Program Files\WindowsApps\Adobe.Fresco_3.2.0.745_x64__pc75e8sa7ep4e [2023-01-26] (Adobe Inc.)
Amazon.de: Amazon Prime -> C:\Program Files\WindowsApps\www.amazon.de-22BA6F70_1.0.0.1_neutral__v3aseepm5s0mp [2025-12-28] (www.amazon.de)
ARD Audiothek -> C:\Program Files\WindowsApps\www.ardaudiothek.de-6D6467DE_1.0.0.2_neutral__x8af41t9fvg4c [2025-12-28] (www.ardaudiothek.de)
Deutsch - Plattdeutsch Übersetzer - AI Translator  Mr. Dialect -> C:\Program Files\WindowsApps\mr-dialect.com-75DB0486_1.0.0.1_neutral__r4bnghda1b544 [2025-12-28] (mr-dialect.com)
FloraWeb - Willkommen bei FloraWeb -> C:\Program Files\WindowsApps\www.floraweb.de-B816B02A_1.0.0.1_neutral__vc34710g4vf76 [2025-12-28] (www.floraweb.de)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2023-01-26] (Microsoft Corporation)
FreeCell -> C:\Program Files\WindowsApps\www.free-freecell-solitaire.com-A837CC6C_1.0.0.2_neutral__x3j35fb5y4knr [2025-12-28] (www.free-freecell-solitaire.com)
FreeCell HD -> C:\Program Files\WindowsApps\32988BernardoZamora.Dummy2_1.26.88.0_x64__1fgex2kbsn6g8 [2025-12-29] (Bernardo Zamora)
FreeCell Solitaire!! -> C:\Program Files\WindowsApps\476931bsyl.FreeCellSolitaire_1.6.0.0_x64__cgv7566y2ek3j [2025-12-16] (1bsyl)
FreeCell Solitär -> C:\Program Files\WindowsApps\TreeCardGames.FreeCellCollectionFree_5.3.2.0_x64__n666hb6ddc5jp [2023-07-12] (TreeCardGames)
Günther Blaich - Europäische Orchideen und andere Pflanzen - European orchids and other plants -> C:\Program Files\WindowsApps\www.guenther-blaich.de-B1F64B0B_1.0.0.0_neutral__8msq1feav1cr6 [2023-03-31] (www.guenther-blaich.de)
Günther Blaich - Europäische Orchideen und andere Pflanzen - European orchids and other plants -> C:\Program Files\WindowsApps\www.guenther-blaich.de-C2737558_1.0.0.1_neutral__8msq1feav1cr6 [2023-10-16] (www.guenther-blaich.de)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_162.3.1128.0_x64__v10z8vjag6ke6 [2025-12-29] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa [2025-12-29] (Apple Inc.) [Startup Task]
Joyn -> C:\Program Files\WindowsApps\www.joyn.de-DEF5F6A1_1.0.0.1_neutral__pcbtsyen7zd6j [2025-12-28] (www.joyn.de)
Klimazonen in Deutschland und Winterhärte -> C:\Program Files\WindowsApps\www.garten-pur.de-3CD2266D_1.0.0.1_neutral__fs8jqsebezzny [2025-12-28] (www.garten-pur.de)
Kodi -> C:\Program Files\WindowsApps\XBMCFoundation.Kodi_21.2.500.0_x64__4n2hpmxwrvr6p [2025-12-29] (XBMC Foundation)
Local AI Manager for Microsoft 365 -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\AI [2025-12-23] ()
Mahjong Solitaire -> C:\Program Files\WindowsApps\7333BvG.MahjongSolitaireFree_2.9.4.0_x64__y1s27y3vcjf5c [2025-12-29] (BvG)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-01-26] (Microsoft Corporation)
Mein schöner Garten: Pflanzen, Garten & Gartentipps. -> C:\Program Files\WindowsApps\www.mein-schoener-garten.de-59EACECB_1.0.0.2_neutral__7cmmreg3ma958 [2025-12-28] (www.mein-schoener-garten.de)
Mein schöner Garten: Pflanzen, Garten & Gartentipps. -> C:\Program Files\WindowsApps\www.mein-schoener-garten.de-FEC576CC_1.0.0.0_neutral__7cmmreg3ma958 [2023-03-31] (www.mein-schoener-garten.de)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2023-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2023-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2023-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.8.4231.0_x86__8wekyb3d8bbwe [2025-12-29] (Microsoft Studios)
Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2023-01-26] (Microsoft Platform Extensions)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_55.20610.576.0_x64__8wekyb3d8bbwe [2025-12-29] (Microsoft Corporation)
Microsoft Word - 47_Pflanzenportraet_Sauromatum_guttatum.doc -> C:\Program Files\WindowsApps\www.botanik-bochum.de-1D8C8514_1.0.0.1_neutral__tf53kk577w776 [2025-12-28] (www.botanik-bochum.de)
Microsoft.Office.ActionsServer -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\ActionsServer [2025-12-23] ()
Moser Care and Support Wear -> C:\Program Files\WindowsApps\www.mosercare.de-5945C851_1.0.0.1_neutral__dkwc0jk62d6fr [2025-12-28] (www.mosercare.de)
NaturaDB - Finde die passenden Pflanzen. -> C:\Program Files\WindowsApps\www.naturadb.de-BAD1CB5_1.0.0.1_neutral__b30na7fkwqa6g [2025-12-28] (www.naturadb.de)
Netzkino -> C:\Program Files\WindowsApps\35124netzkino.Netzkino_3.3.1.1_neutral__843rhjq2hbnd4 [2023-01-26] (netzkino) [MS Ad]
Niedersachsens Kliniken im Check Januar 2025: Was leisten sie in der Knie- und Hüftmedizin?  news.de -> C:\Program Files\WindowsApps\www.news.de-DF263BF_1.0.0.1_neutral__wm4rcazk6szy8 [2025-12-28] (www.news.de)
OfficePushNotificationsUtility -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16 [2025-12-23] ()
Öffnen, Bearbeiten und Konvertieren von ATN-Dateien – DateiWiki Blog -> C:\Program Files\WindowsApps\datei.wiki-A4EBD80C_1.0.0.1_neutral__pbgnkrshpkp7g [2025-12-28] (datei.wiki)
OneLaunch -> C:\Program Files\WindowsApps\getmanualssearch.com-DE6DDF6C_1.0.0.3_neutral__eg3srx13a0kee [2025-12-28] (getmanualssearch.com)
Översetter: Hochdeutsch - Plattdeutsch Übersetzer -> C:\Program Files\WindowsApps\www.xn-versetter-z7a.de-BE380337_1.0.0.1_neutral__2v621k8gjawty [2025-12-28] (www.översetter.de)
PayPal -> C:\Program Files\WindowsApps\www.paypal.com-36CE595_1.0.0.1_neutral__vct904jxvz49g [2025-12-28] (www.paypal.com)
PDF Converter -> C:\Program Files\WindowsApps\AnywaySoftInc.PDFConverter_2.0.9.0_x64__0qkrc2qacwvfm [2023-01-26] (AnywaySoft, Inc.) [MS Ad]
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.1.6.0_x64__pwbj9vvecjh7j [2025-12-29] (Amazon Development Centre (London) Ltd)
Promesse de fleurs, Qualitätspflanzen seit 1950 -> C:\Program Files\WindowsApps\www.promessedefleurs.de-649494B7_1.0.0.1_neutral__yfvr7wv0rmg4y [2025-12-28] (www.promessedefleurs.de)
Saatgut-Vielfalt  www.saatgut-vielfalt.de -> C:\Program Files\WindowsApps\www.saatgut-vielfalt.de-59A19251_1.0.0.0_neutral__nx0er27znpjwg [2023-03-31] (www.saatgut-vielfalt.de)
Saatgut-Vielfalt  www.saatgut-vielfalt.de -> C:\Program Files\WindowsApps\www.saatgut-vielfalt.de-FBA683DE_1.0.0.2_neutral__nx0er27znpjwg [2025-12-28] (www.saatgut-vielfalt.de)
Sinar - Fotografie & Videografie Leicht Gemacht -> C:\Program Files\WindowsApps\sinar.ch-D6790AE4_1.0.0.1_neutral__jvgj41ckkxmet [2025-12-28] (sinar.ch)
Solitaire FRVR -> C:\Program Files\WindowsApps\www.msn.com-8E02E2B_1.0.0.0_neutral__q77jw2zwjvy92 [2023-02-12] (www.msn.com)
Solitaire FRVR -> C:\Program Files\WindowsApps\www.msn.com-F79F426E_1.0.0.1_neutral__q77jw2zwjvy92 [2023-10-16] (www.msn.com)
Startseite  Staudenfreunde -> C:\Program Files\WindowsApps\gds-staudenfreunde.de-1C4B8435_1.0.0.1_neutral__qg9r9qvxrk70j [2025-12-28] (gds-staudenfreunde.de)
Staudengärtnerei Gaißmayer (Pflanzendaten) -> C:\Program Files\WindowsApps\www.gaissmayer.de-6C5CE7BE_1.0.0.0_neutral__0k7pksr2c3c5c [2023-03-31] (www.gaissmayer.de)
Staudengärtnerei Gaißmayer (Pflanzendaten) -> C:\Program Files\WindowsApps\www.gaissmayer.de-9769D9E9_1.0.0.1_neutral__0k7pksr2c3c5c [2023-10-16] (www.gaissmayer.de)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2024-07-27] (VideoLAN)
Waldsteinia lobata (Waldsteinia mit Lappen, Barren Erdbeere mit Lappen, Barren Strawberry mit Lappen) - Verwendung, Vorteile und gebräuchliche Namen -> C:\Program Files\WindowsApps\www.selinawamucii.com-E8D51AEE_1.0.0.1_neutral__h77grymjjvpty [2025-12-28] (www.selinawamucii.com)
Was sind Winterhärtezonen? - Plantura -> C:\Program Files\WindowsApps\www.plantura.garden-731F3C29_1.0.0.1_neutral__javay0bkw47v8 [2025-12-28] (www.plantura.garden)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2587.9.0_x64__cv1g1gvanyjgm [2025-12-30] (WhatsApp Inc.) [Startup Task]
Wie man Hybrid-Windröschen anbaut und pflegt -> C:\Program Files\WindowsApps\www.picturethisai.com-B4712BF1_1.0.0.1_neutral__8pemh7k5ekhyc [2025-12-28] (www.picturethisai.com)
Winterhärtezonen im Überblick winterharte Pflanzen · Wächter Pflanzencenter -> C:\Program Files\WindowsApps\www.waechter-pflanzencenter.de-77D2E06F_1.0.0.1_neutral__q6m5ceemv6ndm [2025-12-28] (www.waechter-pflanzencenter.de)
YouTube -> C:\Program Files\WindowsApps\www.youtube.com-54E21B02_1.0.0.2_neutral__pd8mbgmqs65xy [2025-12-28] (www.youtube.com)
Zeigerwerte -> C:\Program Files\WindowsApps\www.oekologie-seite.de-1DA4294D_1.0.0.1_neutral__3n8wxn7ejyg7w [2025-12-28] (www.oekologie-seite.de)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\ChromeHTML: ->  <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-9973BD01F8E3} -> [Creative Cloud Files] => C:\Users\Horst\Creative Cloud Files [2020-06-20 18:33]
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{1AC77AE9-9EC6-405A-9F9B-C06AB3C10B71}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll (Microsoft Corporation) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{7B8A4895-8074-9EBA-2B64-0C2FC00AEDCE}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{97D9AC27-40D1-4F2B-973E-C8190480E3D9}\localserver32 -> C:\Users\Horst\AppData\Local\1&1 Mail & Media GmbH\MCDS\1\Application\1\activator.exe (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{9A527227-46B8-45B1-9BDF-62E4C71CC055}\InprocServer32 -> C:\Users\Horst\AppData\Local\1&1 Mail & Media GmbH\MCDS\1\Application\1\dbc.dll (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{AB9B6851-C94E-43B7-A304-F40DEA3FA09F}\localserver32 -> "c:\program files\musehub\current\musehub.exe" ----AppNotificationActivated: => Keine Datei
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{ACEA8D04-E06D-805A-1F4B-6A46CE1EB7EE}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{AEBAFF06-B83A-4F24-9CC1-D63F9EAA2F86}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender 2.93\BlendThumb.dll (Stichting Blender Foundation -> )
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files (x86)\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [  AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-12-12] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-12-12] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-12-12] (Adobe Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2025-08-03] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-12-12] (Adobe Inc. -> )
ContextMenuHandlers1-x32: [ASZipF] -> {e03d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\Ashampoo\Ashampoo ZIP Free\ASZSHLEXT.DLL [2017-10-10] (Ashampoo GmbH & Co. KG -> Ashampoo GmbH)
ContextMenuHandlers1: [ASZipF64] -> {e03d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\Ashampoo\Ashampoo ZIP Free\aszshlext64.dll [2017-10-10] (Ashampoo GmbH & Co. KG -> Ashampoo GmbH)
ContextMenuHandlers1: [MVDShlext] -> {027B567F-6B25-42C1-9C0B-5CE8E04024BD} =>  -> Keine Datei
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2025-08-03] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [MGFolderIconBasicShellEx] -> {6b3c2037-775b-3a6e-9773-0bfcc92d8947} => G:\Program Files\MSTechFolderIconBasicShellEx.DLL -> Keine Datei
ContextMenuHandlers4: [MVDShlext] -> {027B567F-6B25-42C1-9C0B-5CE8E04024BD} =>  -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxDTCM.dll [2022-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2025-08-03] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-12-12] (Adobe Inc. -> )
ContextMenuHandlers6-x32: [ASZipF] -> {e03d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\Ashampoo\Ashampoo ZIP Free\ASZSHLEXT.DLL [2017-10-10] (Ashampoo GmbH & Co. KG -> Ashampoo GmbH)
ContextMenuHandlers6: [ASZipF64] -> {e03d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\Ashampoo\Ashampoo ZIP Free\aszshlext64.dll [2017-10-10] (Ashampoo GmbH & Co. KG -> Ashampoo GmbH)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-08-19] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2006-10-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2006-10-11] (Microsoft Corporation -> Microsoft Corporation)

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Horst\Favorites\Fotor for desktop.lnk -> hxxp://www.fotor.com/windows/review.htm
ShortcutWithArgument: C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__jolaaineabphadfbdnebehahbneddjib\Mein schöner Garten  Pflanzen, Garten & Gartentipps.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=jolaaineabphadfbdnebehahbneddjib --app-url=hxxps://www.mein-schoener-garten.de/ --app-launch-source=4
ShortcutWithArgument: C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__jihamkfopolkefphcacleadneejocbjp\Saatgut-Vielfalt  www.saatgut-vielfalt.de.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=jihamkfopolkefphcacleadneejocbjp --app-url=hxxps://www.saatgut-vielfalt.de/inhalt/geschichte --app-launch-source=4
ShortcutWithArgument: C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__hokbbolikgdbclpcibfeflcdfilocfnl\Mahjong Deluxe.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=hokbbolikgdbclpcibfeflcdfilocfnl --app-url=hxxps://www.msn.com/de-de/play/mahjong-deluxe/cg-9pg0crrcqq20?ocid=cgpwa --app-launch-source=4
ShortcutWithArgument: C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__gmjobpdpodpojmpfpjljmgfjgikblaak\Staudengärtnerei Gaißmayer (Pflanzendaten).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=gmjobpdpodpojmpfpjljmgfjgikblaak --app-url=hxxps://www.gaissmayer.de/web/shop/themenwelten/mit-stauden-gestalten/wild-und-naturgarten/stauden-fuer-naturnahe-pflanzungen/51/malva-sylvestris-var-mauritiana/8908/ --app-launc
ShortcutWithArgument: C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__feeiifojcffkbednfkadleihdgbndnlh\Günther Blaich - Europäische Orchideen und andere Pflanzen - European orchids and other plants.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=feeiifojcffkbednfkadleihdgbndnlh --app-url=hxxp://www.guenther-blaich.de/ --app-launch-source=4
ShortcutWithArgument: C:\Users\Horst\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2017-09-25 21:05 - 2009-04-03 17:51 - 000336896 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMN6PPM.DLL
2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\WINDOWS\System32\enppmon.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\LOOXIS:{4A003100-7400-7300-4200-740077005100} [704]
AlternateDataStreams: C:\LOOXIS:{61004700-7900-7600-6E00-630043005400} [236]
AlternateDataStreams: C:\LOOXIS:{6E005900-4D00-2B00-4F00-4D0078006900} [704]
AlternateDataStreams: C:\ProgramData:NetOptimizer [294]
AlternateDataStreams: C:\Windows:CM_4536bcf519c7a8c697b63cf41dd9239b7eb9593ecc22faca240a5b6a64c20234 [74]
AlternateDataStreams: C:\Windows:CM_a751d84a57a0954e38fd5e625c6d6d4047d58bde2aeb7d4a85f5a8d2724b91d4 [74]
AlternateDataStreams: C:\Users\All Users:NetOptimizer [294]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NetOptimizer [294]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:3241321C [131]
AlternateDataStreams: C:\ProgramData\TEMP:810B9F0D [130]
AlternateDataStreams: C:\ProgramData\TEMP:B56E7461 [302]
AlternateDataStreams: C:\ProgramData\TEMP:DFB59A96 [122]
AlternateDataStreams: C:\Users\Horst\Documents\Apache_OpenOffice_V4.1.15.exe:BDU [0]
AlternateDataStreams: C:\Users\Horst\Documents\ashampoo_backup_2023_38725.exe:BDU [0]
AlternateDataStreams: C:\Users\Horst\Documents\ChromeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Horst\Documents\OperaSetup (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Horst\Documents\Opera_111.0.5168.43_Setup_x64.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> {31BD138B-6AC5-484C-96F4-3E49E2D78DFC} URL = hxxps://go.gmx.net/br/ie_search_shopping/splugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> {5083A602-2A2F-48B6-9E01-A949E74DF6BB} URL = hxxps://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> {7B0DE5C9-898F-45E0-8C19-FECF88DC9136} URL = hxxps://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> {8DE2F24E-0A2C-40B6-90C7-E11B772EF774} URL = hxxps://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> {D8D808CB-8DD2-4649-906F-5F44064DAE80} URL = hxxps://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: GMX MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll [2022-08-10] (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: GMX MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck.dll [2022-08-10] (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM - GMX MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll [2022-08-10] (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - GMX MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck.dll [2022-08-10] (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
Toolbar: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> GMX MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll [2022-08-10] (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
Handler: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll [2022-08-10] (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
Handler-x32: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck.dll [2022-08-10] (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-22] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7942 mehr Seiten.

IE trusted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7946 mehr Seiten.


==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-09-29 14:46 - 2016-07-16 12:45 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts

2019-07-28 16:01 - 2022-07-13 18:04 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Network ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

DNS Servers: 192.168.68.204
 ist aktiviert.

Network Binding:
=============
Ethernet 2: Intel(R) Ethernet Connection (2) I219-LM -> e1d.sys
WLAN: Ugreen WIFI6 Wireless USB NIC -> aicusbwifi.sys
Ethernet 3: SAMSUNG Mobile USB Remote NDIS Network Device -> usb80236.sys

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> ;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Adobe\AGL;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\Smart Projects\IsoBuster;Y:\PROGRAMME\QTSystem\;C:\Program Files\dotnet\;
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-947909773-2885354443-2675781160-1010\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKLM\...\StartupApproved\StartupFolder: => "StartRLCMS.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Ashampoo Backup PB"
HKLM\...\StartupApproved\Run: => "PrintDisp"
HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2"
HKLM\...\StartupApproved\Run: => "MacrokeyManager"
HKLM\...\StartupApproved\Run: => "PDF24"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "LogiBolt"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "LogiOptions"
HKLM\...\StartupApproved\Run: => "EPPCCMON"
HKLM\...\StartupApproved\Run: => "Bdagent"
HKLM\...\StartupApproved\Run: => "Ashampoo Backup"
HKLM\...\StartupApproved\Run: => "BraveVpnWireguardService"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "ArcSoft Connection Service"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant"
HKLM\...\StartupApproved\Run32: => "MailCheck IE Broker"
HKLM\...\StartupApproved\Run32: => "Lightkey Control Center"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\StartupFolder: => "Reallusion Hub.lnk"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\StartupFolder: => "mhelper.lnk"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\StartupFolder: => "SearchEngineOptimizer.lnk"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "QMxNetworkSync"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "CloudApp"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "EPSDNMON"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "LogiBolt"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_6E2C73815817D7E02B41C013F4C55849"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Opera Stable"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "OneLaunchUpdater"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "OneLaunch"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "OneLaunchChromium"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "com.doctolib.pro.desktop"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "OpenOffice Updater"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Opera Air Stable"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{CBF3F5DB-C621-4568-966F-62883472AD88}] => (Allow) C:\Program Files (x86)\FRANZIS\Audio 10\cdVideoJukebox.exe (Concept/Design, Information, Bild und Datenverarbeitung GmbH -> concept/design GmbH)
FirewallRules: [{09DA3DAC-FFA4-43E1-9D2F-E5658635EE77}] => (Allow) C:\Program Files (x86)\FRANZIS\Audio 10\cdVideoJukebox.exe (Concept/Design, Information, Bild und Datenverarbeitung GmbH -> concept/design GmbH)
FirewallRules: [{DF6CB94B-876E-42D4-8EDC-558B319ECC8C}] => (Allow) C:\Program Files (x86)\FRANZIS\Audio 10\AMasterMain.exe (Concept/Design, Information, Bild und Datenverarbeitung GmbH -> FRANZIS GmbH)
FirewallRules: [{A69A7793-ABAC-492C-848E-68D649807F3B}] => (Allow) C:\Program Files (x86)\FRANZIS\Audio 10\AMasterMain.exe (Concept/Design, Information, Bild und Datenverarbeitung GmbH -> FRANZIS GmbH)
FirewallRules: [{D93DDB5A-D20C-42F0-8811-6AD3E2A92B54}] => (Allow) C:\Program Files (x86)\FRANZIS\Audio 10\AMaster.exe (Concept/Design, Information, Bild und Datenverarbeitung GmbH -> FRANZIS Verlag GmbH)
FirewallRules: [{BBD6EF72-0681-4F96-9636-8371017077F0}] => (Allow) C:\Program Files (x86)\FRANZIS\Audio 10\AMaster.exe (Concept/Design, Information, Bild und Datenverarbeitung GmbH -> FRANZIS Verlag GmbH)
FirewallRules: [UDP Query User{FFF36456-D06A-48D6-8267-C4D634C1047E}C:\program files\presonus\studio one 4\studio one.exe] => (Allow) C:\program files\presonus\studio one 4\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{AC056B47-7D4F-420A-9DC2-7BEDFC5437DE}C:\program files\presonus\studio one 4\studio one.exe] => (Allow) C:\program files\presonus\studio one 4\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{577F997A-40EC-4A20-9385-F690FE09890A}C:\program files\presonus\studio one 4\studio one.exe] => (Allow) C:\program files\presonus\studio one 4\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{3816F851-D0B8-413C-A6D0-1451EB22AA41}C:\program files\presonus\studio one 4\studio one.exe] => (Allow) C:\program files\presonus\studio one 4\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{82AB3EFC-BC92-47F3-891A-365E613F4E16}C:\users\horst\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\horst\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{B1C44072-1889-4C14-B73F-154365A5F566}C:\users\horst\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\horst\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{A2F28DC8-BEE4-41AF-B973-8C38283525CD}C:\users\horst\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\horst\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{594DDDCA-D253-4D1F-A983-FED18A7F0998}C:\users\horst\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\horst\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2933A59D-BE09-4E6D-B287-20A5B4B0D617}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [Datei ist nicht signiert]
FirewallRules: [{47F42FA9-2AE2-45CF-89BA-52A82A2F1F6C}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [Datei ist nicht signiert]
FirewallRules: [{B83426C5-573C-4E4E-BF45-83B1E070A7FC}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{245F42AB-CAB6-4998-B20B-85D01799D177}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{589FABB2-C469-4BA8-BC19-DEAB760E1843}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{37AB8189-FD24-4E63-B90B-684FE3670CA9}] => (Allow) LPort=31931
FirewallRules: [{FDCE0BC9-8514-417D-B704-B55AA2C4F668}] => (Allow) LPort=14714
FirewallRules: [{ADF12E9F-DFD5-4417-9D93-A5C81A3BD473}] => (Allow) LPort=12972
FirewallRules: [{6C290D82-D8A0-490C-B520-3D6152C8F702}] => (Allow) C:\Program Files (x86)\Music Recorder\Music Recorder 2016\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [{8C763991-FC71-401C-835B-36770642759A}] => (Allow) LPort=53
FirewallRules: [{540DF1F0-A11D-402E-903D-427DB0B0A088}] => (Allow) LPort=53
FirewallRules: [{CA06D59F-1D64-4F1A-962F-99FE5F043266}] => (Allow) LPort=1542
FirewallRules: [{9707B72F-000D-455A-9664-4446FE315CEF}] => (Allow) LPort=1542
FirewallRules: [{1415630C-F8A8-4463-BC4C-44288E11E5EB}] => (Allow) C:\Program Files (x86)\Apowersoft\Beecut\BeeCut.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{14834C08-FFCD-4AC3-BA2F-47D165CE221D}] => (Allow) C:\Program Files (x86)\Apowersoft\Beecut\BeeCut.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{321DE7B7-E30C-43C0-BCB8-B7F927B77903}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero BackItup\NBService.exe (Nero AG -> Nero AG)
FirewallRules: [{9E138320-5C87-45FD-9E5E-3CB09E47E28B}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero BackItup\BackItUp.exe (Nero AG -> Nero AG)
FirewallRules: [TCP Query User{DE10AFAE-0CFA-49E8-BC52-3D421AC3A7D2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{5D95BC7B-479A-4B06-B842-C3B63CFD55CE}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{2B4797CF-185B-479C-986F-4F983986460D}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{8EE2B736-BC18-458F-B158-85D74EE4E96D}C:\program files\logioptionsplus\logioptionsplus_agent.exe] => (Allow) C:\program files\logioptionsplus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{401CA946-3340-4715-B5AB-0F0887BBB13F}C:\program files\logioptionsplus\logioptionsplus_agent.exe] => (Allow) C:\program files\logioptionsplus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{47167B7B-EDA1-4416-AEBB-51A9C7FE14F6}C:\program files\logioptionsplus\logioptionsplus_agent.exe] => (Block) C:\program files\logioptionsplus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{9C82208F-0D77-4482-82C9-592B1A84FB9D}C:\program files\logioptionsplus\logioptionsplus_agent.exe] => (Block) C:\program files\logioptionsplus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{55E42E98-8ED2-4020-984F-5CE048D1B6BE}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{209FC917-FE9B-458A-A9EB-825F1F137EE8}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{1CC73C07-0143-449E-B92E-13778694A894}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{5D1275F0-AAB5-44A4-BEFA-46DEBFE02E25}] => (Allow) C:\Program Files\Audials\AudialsOneEdition 2024\Audials.exe => Keine Datei
FirewallRules: [{5CCB13C4-878C-4DC1-9869-8DF0E25E17F8}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{15B83743-99F3-4248-807A-1E6F66345B5F}] => (Allow) C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe (MAGIX Software GmbH -> MAGIX)
FirewallRules: [{0F13DFB0-4324-4FCC-8B24-DCBDFF8132EE}] => (Allow) C:\Program Files\Audials\VisionEdition 2024\Audials.exe => Keine Datei
FirewallRules: [{07846DBD-3197-4CC2-B6C3-7E11FF473276}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3D7E19DD-C6CA-46F7-885D-D912A6B16E21}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A0A6B281-127B-4DE4-B767-16E65C3CB79B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E3FFD9D4-00B1-4EE3-84DF-BBF00E55D094}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BABBECB0-D86C-479C-A141-0CBB31C1F8F0}] => (Allow) C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{DBD1B99C-102F-45E4-990E-569CB1915F62}C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe => Keine Datei
FirewallRules: [UDP Query User{3E39EC19-3A86-4AC6-98FC-BB456A4AB0B6}C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe => Keine Datei
FirewallRules: [{3EEA9823-9587-4A40-8CF4-ACEADE2BF39B}] => (Allow) C:\Program Files\Audials\VisionEdition 2026\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [TCP Query User{852AC122-13C2-4221-A926-0902A2897EC8}C:\users\horst\appdata\local\programs\opera air\opera.exe] => (Allow) C:\users\horst\appdata\local\programs\opera air\opera.exe => Keine Datei
FirewallRules: [UDP Query User{18E9A897-542F-48EC-B04A-2BC85CCF87E6}C:\users\horst\appdata\local\programs\opera air\opera.exe] => (Allow) C:\users\horst\appdata\local\programs\opera air\opera.exe => Keine Datei
FirewallRules: [TCP Query User{2CECC440-77E1-4E35-AEEC-BA47A7A6AB54}C:\users\horst\appdata\local\programs\opera air\opera.exe] => (Allow) C:\users\horst\appdata\local\programs\opera air\opera.exe => Keine Datei
FirewallRules: [UDP Query User{66CF8B42-6247-4A12-B4F5-B6C23AEC2D6C}C:\users\horst\appdata\local\programs\opera air\opera.exe] => (Allow) C:\users\horst\appdata\local\programs\opera air\opera.exe => Keine Datei
FirewallRules: [{8D314AFD-F087-46EE-9D92-E41A893C8427}] => (Allow) LPort=80
FirewallRules: [{AF95B744-6AC5-49AD-8843-6311FA0DE95D}] => (Allow) LPort=80
FirewallRules: [{E87837D1-A688-4DF0-9407-80D9FB8B3652}] => (Allow) C:\Program Files\Opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{FC667696-6E03-4CA6-8C9E-99C67D2BB7F6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DD37AE8A-C176-440C-A117-77EB793AE804}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{4F8F8520-650F-4FD0-9AC0-4F1FE315EB9F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{EDD6E01F-A986-40D2-928F-3F4EE384CEA6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{AE81007D-B32E-49F1-8282-5B43924547A9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{5B78A22D-6D3E-46E4-AECD-D0CE4B81F74B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{7F6F4EEC-09A8-46FB-9E97-7AFB4A20F629}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{509DA566-F538-4D20-B4A0-421A2EEDAB81}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{990AE47E-2933-4D5E-8CDE-A1579F1F1E47}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

02-01-2026 16:12:55 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (01/04/2026 11:55:51 AM) (Source: CertEnroll) (EventID: 87) (User: NT-AUTORITÄT)
Description: Fehler bei der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-7PAH99J$ über https://IFX-KeyId-d8a3f556085a68c8aa5d5fe079bcc6e9c6d37764.microsoftaik.azure.net/templates/Aik/scep:

SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Date: Sun, 04 Jan 2026 10:55:51 GMT
Content-Length: 101
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 49cacfef-c784-4f03-b06e-e61e964f22ea

Methode: POST(2718ms)
Phase: SubmitDone
Ungültige Anforderung (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)

Error: (01/04/2026 10:56:51 AM) (Source: CertEnroll) (EventID: 87) (User: NT-AUTORITÄT)
Description: Fehler bei der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-7PAH99J$ über https://IFX-KeyId-d8a3f556085a68c8aa5d5fe079bcc6e9c6d37764.microsoftaik.azure.net/templates/Aik/scep:

SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Date: Sun, 04 Jan 2026 09:56:50 GMT
Content-Length: 101
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 58ab52e2-d721-4f3b-a69f-976a70f6beef

Methode: POST(8547ms)
Phase: SubmitDone
Ungültige Anforderung (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)

Error: (01/04/2026 10:15:31 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-7PAH99J$ über https://IFX-KeyId-d8a3f556085a68c8aa5d5fe079bcc6e9c6d37764.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps

Methode: GET(16ms)
Phase: GetCACaps
Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (01/03/2026 03:52:25 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-7PAH99J$ über https://IFX-KeyId-d8a3f556085a68c8aa5d5fe079bcc6e9c6d37764.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps

Methode: GET(94ms)
Phase: GetCACaps
Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (01/02/2026 01:52:08 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-7PAH99J$ über https://IFX-KeyId-d8a3f556085a68c8aa5d5fe079bcc6e9c6d37764.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps

Methode: GET(15ms)
Phase: GetCACaps
Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (01/01/2026 05:11:35 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-7PAH99J$ über https://IFX-KeyId-d8a3f556085a68c8aa5d5fe079bcc6e9c6d37764.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps

Methode: GET(16ms)
Phase: GetCACaps
Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (01/01/2026 02:11:34 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-7PAH99J$ über https://IFX-KeyId-d8a3f556085a68c8aa5d5fe079bcc6e9c6d37764.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps

Methode: GET(78ms)
Phase: GetCACaps
Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (12/31/2025 10:33:20 PM) (Source: CertEnroll) (EventID: 87) (User: NT-AUTORITÄT)
Description: Fehler bei der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-7PAH99J$ über https://IFX-KeyId-d8a3f556085a68c8aa5d5fe079bcc6e9c6d37764.microsoftaik.azure.net/templates/Aik/scep:

SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Date: Wed, 31 Dec 2025 21:33:20 GMT
Content-Length: 101
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: f0a177b2-ca3e-4eb2-a5fc-aadd5b837abd

Methode: POST(2297ms)
Phase: SubmitDone
Ungültige Anforderung (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)


Systemfehler:
=============
Error: (01/04/2026 12:00:33 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT-AUTORITÄT)
Description: Die Zertifizierungsstelle/Schlüssel für den sicheren Start müssen aktualisiert werden. Diese Gerätesignaturinformationen sind hier enthalten.
DeviceAttributes: BaseBoardManufacturer:Gigabyte Technology Co., Ltd.;FirmwareManufacturer:American Megatrends Inc.;FirmwareVersion:F23d;OEMModelNumber:Q170M-D3H;OEMModelBaseBoard:Q170M-D3H-CF;OEMModelSystemFamily:Default string;OEMManufacturerName:Gigabyte Technology Co., Ltd.;OEMModelSKU:Default string;OSArchitecture:amd64;
BucketId: 89f33aecfc29e81c14591c9ed947ae2900580226bb9fcbcffa2e6448b96fe9fd
BucketConfidenceLevel:
UpdateType: 0
HResult: 0

Error: (01/04/2026 11:55:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WEPHOSTSVC" wurde mit folgendem Fehler beendet:
Bei der Verarbeitung der Steuerungsanforderung ist ein Ausnahmefehler im Dienst aufgetreten.

Error: (01/04/2026 11:55:33 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "workfolderssvc" ist vom Dienst "WSearch" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (01/04/2026 11:01:32 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT-AUTORITÄT)
Description: Die Zertifizierungsstelle/Schlüssel für den sicheren Start müssen aktualisiert werden. Diese Gerätesignaturinformationen sind hier enthalten.
DeviceAttributes: BaseBoardManufacturer:Gigabyte Technology Co., Ltd.;FirmwareManufacturer:American Megatrends Inc.;FirmwareVersion:F23d;OEMModelNumber:Q170M-D3H;OEMModelBaseBoard:Q170M-D3H-CF;OEMModelSystemFamily:Default string;OEMManufacturerName:Gigabyte Technology Co., Ltd.;OEMModelSKU:Default string;OSArchitecture:amd64;
BucketId: 89f33aecfc29e81c14591c9ed947ae2900580226bb9fcbcffa2e6448b96fe9fd
BucketConfidenceLevel:
UpdateType: 0
HResult: 0

Error: (01/04/2026 10:56:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WEPHOSTSVC" wurde mit folgendem Fehler beendet:
Bei der Verarbeitung der Steuerungsanforderung ist ein Ausnahmefehler im Dienst aufgetreten.

Error: (01/04/2026 10:56:32 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "workfolderssvc" ist vom Dienst "WSearch" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (01/04/2026 10:56:31 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎04.‎01.‎2026 um 10:40:16 unerwartet heruntergefahren.

Error: (01/04/2026 10:20:23 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT-AUTORITÄT)
Description: Die Zertifizierungsstelle/Schlüssel für den sicheren Start müssen aktualisiert werden. Diese Gerätesignaturinformationen sind hier enthalten.
DeviceAttributes: BaseBoardManufacturer:Gigabyte Technology Co., Ltd.;FirmwareManufacturer:American Megatrends Inc.;FirmwareVersion:F23d;OEMModelNumber:Q170M-D3H;OEMModelBaseBoard:Q170M-D3H-CF;OEMModelSystemFamily:Default string;OEMManufacturerName:Gigabyte Technology Co., Ltd.;OEMModelSKU:Default string;OSArchitecture:amd64;
BucketId: 89f33aecfc29e81c14591c9ed947ae2900580226bb9fcbcffa2e6448b96fe9fd
BucketConfidenceLevel:
UpdateType: 0
HResult: 0


Windows Defender:
================
Date: 2026-01-04 10:47:07
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/DownloadSponsor&threatid=311978&enterprise=0
Name: PUADlManager:Win32/DownloadSponsor
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_B:\SIK Handy Papa 2024-10-26\EINLADUNGEN  -  ERREIGNISSE\Downloads\Vollversion_ Adobe InDesign CS2 - CHIP Installer _RbW9v.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-7PAH99J\Horst
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.443.499.0, AS: 1.443.499.0, NIS: 1.443.499.0
Modulversion: AM: 1.1.25110.1, NIS: 1.1.25110.1

Date: 2026-01-03 22:07:37
Description:
Microsoft Defender Antivirus šςåπ нăş взéй šţôφρēδ ьëƒθŗé ςőмрŀęтîöп.%ñ %τЅĉàʼn ĪĎ:%ъ{E94A7685-C249-4221-81AB-77B4ADF1AC49}%ń %ţЅ¢ąη Τўρê:%вAntimalware%п %ţŠćāŋ Рαѓāmзτёŗŝ:%ъSchnellüberprüfung%ʼn  %тŰšёŕ:%ьNT-AUTORITÄT\SYSTEM%ñ %ťŞтôφ Ґεªšòŋ:%ъЅćн℮δύŀëđ ѕčåй щąš ŝķïρрĕδ ъеċǻúşε ťĥě łάѕτ śυсĉĕѕšƒџļ ѕ¢āη ώªŝ ẃĩτћïл ţħе ℓãşт 7 ďαуŝ

Date: 2026-01-03 17:48:54
Description:
Microsoft Defender Antivirus šςåπ нăş взéй šţôφρēδ ьëƒθŗé ςőмрŀęтîöп.%ñ %τЅĉàʼn ĪĎ:%ъ{70691BE9-230C-4E04-B0CC-9D51D120065D}%ń %ţЅ¢ąη Τўρê:%вAntimalware%п %ţŠćāŋ Рαѓāmзτёŗŝ:%ъSchnellüberprüfung%ʼn  %тŰšёŕ:%ьNT-AUTORITÄT\SYSTEM%ñ %ťŞтôφ Ґεªšòŋ:%ъŔΡ€ ĉοñηĕċţīōп ґůňďöẃň

Date: 2026-01-03 17:43:02
Description:
Microsoft Defender Antivirus šςåπ нăş взéй šţôφρēδ ьëƒθŗé ςőмрŀęтîöп.%ñ %τЅĉàʼn ĪĎ:%ъ{F968E42E-DC9B-45A4-95D8-2B507F3344B8}%ń %ţЅ¢ąη Τўρê:%вAntimalware%п %ţŠćāŋ Рαѓāmзτёŗŝ:%ъSchnellüberprüfung%ʼn  %тŰšёŕ:%ьNT-AUTORITÄT\SYSTEM%ñ %ťŞтôφ Ґεªšòŋ:%ъŔΡ€ ĉοñηĕċţīōп ґůňďöẃň

Date: 2026-01-03 17:35:13
Description:
Microsoft Defender Antivirus šςåπ нăş взéй šţôφρēδ ьëƒθŗé ςőмрŀęтîöп.%ñ %τЅĉàʼn ĪĎ:%ъ{F9CDF4EB-AB6F-453F-8031-DBE1C6BE3384}%ń %ţЅ¢ąη Τўρê:%вAntimalware%п %ţŠćāŋ Рαѓāmзτёŗŝ:%ъSchnellüberprüfung%ʼn  %тŰšёŕ:%ьNT-AUTORITÄT\SYSTEM%ñ %ťŞтôφ Ґεªšòŋ:%ъŔΡ€ ĉοñηĕċţīōп ґůňďöẃň

CodeIntegrity:
===============
Date: 2025-12-22 21:49:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. F23d 02/26/2018
Hauptplatine: Gigabyte Technology Co., Ltd. Q170M-D3H-CF
Prozessor: Intel(R) Core(TM) i5-6600 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 16254.36 MB
Verfügbarer physikalischer RAM: 10290.43 MB
Summe virtueller Speicher: 18686.36 MB
Verfügbarer virtueller Speicher: 12918.46 MB

==================== Laufwerke ================================

Drive b: (System 2) (Fixed) (Total:1863.01 GB) (Free:1621.99 GB) (Model: Intenso SSD Sata III) NTFS
Drive c: (Windows 10) (Fixed) (Total:475.55 GB) (Free:15.75 GB) (Model: SAMSUNG MZ7LN512HMJP-00000) NTFS
Drive m: (INTERN 1) (Fixed) (Total:1862.89 GB) (Free:245.71 GB) (Model: TOSHIBA DT01ACA200) NTFS
Drive z: (EXTERN 0_07.2024_SIKO Foto) (Fixed) (Total:3726.01 GB) (Free:1666.71 GB) (Model: ST4000VX016-3CV104) NTFS

\\?\Volume{805e9cde-1aee-4c53-979f-187b074f8ebc}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{c9c68501-a3db-42c9-a724-a85d64a5765c}\ () (Fixed) (Total:0.84 GB) (Free:0.18 GB) NTFS
\\?\Volume{f27c94eb-b936-4157-8d17-76852eb05c9f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 34F748A4)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt =======================
Ich habe noch diese merkwürdigen Verhaltensweisen gefunden:

1. Windows Update hatte ich am 21.12. auf auto gestellt - trotzdem konnte ich heute das neueste Update manuell aufspielen. Aber evtl. war der Rechner noch weiter hinten in der Warteschlange.

2. Hibernation-Modus nicht im Startmenü vorhanden. In den Energieeinstellungen eingeschaltet, benutzt - nach Wiederhochfahren wieder weg. Dafür kommt beim Hochfahren immer die Admin-Frage ob die Energieeinstellungen gestartet werden dürfen.

3. Rem-VBSworm heruntergeladen um eine vorher an diesen PC angeschlossene externe USB-Festplatte zu prüfen (alle externen USB-Geräte außer WLAN-Stick, Handy für USB-Tethering und Dongle für Tastatur und Maus hatte ich entfernt).
Beim Start kam die Defender-Meldung daß zum Smartscreen keine Verbindung aufgenommen werden kann.
Merkwürdige Beobachtung: Unten in der Meldung gibt es die beiden Buttons "nicht ausführen" und "Laufen". Das zweite klingt wie eine schlechte Übersetzung aus dem Chinesischen. Ist das echt?

Ich hoffe die Infos sind hilfreich. Vielen Dank schonmal im Voraus für Eure Hilfe!

M-K-D-B 04.01.2026 14:02
:hallo:


Mein Name ist Matthias und ich werde dir bei der Analyse und Bereinigung deines Systems helfen.




Ich denke nicht, dass das Problem mit dem WLAN-USB-Stick an Malware liegt.


Allerdings befindet sich Adware und PUP auf deinem System.
Darum sollten wir uns kümmern.




Eine kurze Information vorab:

Downloadquellen
Die folgenden Seiten verteilen Software häufig mit einem sog. "Installer", mit dem Potentiell Unerwünschte Programme (PUP) oder Adware installiert werden können.

WARNUNG!!! Vermeide unbedingt die folgenden Seiten:
  • audacity.de
  • Chip.de
  • computerbild.de
  • gimp24.de
  • jdownloader.org
  • keepass.de
  • openoffice.de
  • office.org
  • Softonic.de
  • sourceforge.net
  • updatestar.com
  • VLC.de

Lade Software immer direkt beim jeweiligen Hersteller / Entwickler.

Alternative:
Für Windows gibt es seit einiger Zeit einen brauchbaren Paketmanager, der mit einfachen Befehlen es erlaubt, automatisiert Software herunterzuladen und zu installieren. Das erspart eine Menge Arbeit, denn ohne einen Paketmanager muss man jedes Programm selbst prüfen und separat manuell updaten, vorher manuell noch runterladen etc. pp. - siehe auch --> chocolatey Paketmanager für Windows

Wir empfehlen dringend, alle Programme, sofern verfügbar, über chocolatey zu installieren. Falls du schon mit Linux zu tun hattest, wird dir die Syntax sehr vertraut sein.
Die FAQs zu choco findest du da --> Chocolatey: Häufig gestellte Fragen (englisch)
Selbstverständlich darfst du auch Fragen zu chocolatey im o.g. Thread zu chocolatey stellen.







Schritt 1 - AdwCleaner
Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei.



Schritt 2 - MBAM
Führe Malwarebytes' AntiMalware (MBAM) gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei.



Schritt 3 - Neuer FRST-Scan
  • Starte FRST erneut und klicke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.

EndeVomLatei 05.01.2026 22:03
AdwCleaner Resultate
 
Hallo Matthias,

vielen herzlichen Dank für Deine rasche Antwort. Leider habe ich erst jetzt wieder Zugriff auf den infizierten Rechner.
Der AdwCleaner hat 70 (!) problematische Dinge gefunden.
Hier sind die beiden Logdateien:

AdwCleaner[C00].txt
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.7.0.619
# -------------------------------
# Build:    12-17-2025
# Database: 2025-12-16.1 (Cloud)
# Support:  https://help.malwarebytes.com/
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-05-2026
# Duration: 00:00:02
# OS:      Windows 10 (Build 19045.6466)
# Cleaned:  68
# Failed:  2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted      C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted      C:\Program Files (x86)\Lavasoft\Web Companion
Deleted      C:\ProgramData\Digital Protection Services S.R.L
Deleted      C:\ProgramData\IObit\Advanced SystemCare
Deleted      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player
Deleted      C:\Users\Horst\AppData\LocalLow\IObit\Advanced SystemCare
Deleted      C:\Users\Horst\AppData\Roaming\DESKTOPICONAMAZON
Deleted      C:\Users\Horst\AppData\Roaming\IObit\Advanced SystemCare
Deleted      C:\Users\Horst\AppData\Roaming\OpenOffice Updater

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted      HKCU\SOFTWARE\27ce9fa05c3947dc99ac7a6bd52f3e16
Deleted      HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_AJAX_CONNECTIONEVENTS|AppMaster.exe
Deleted      HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_CLIPCHILDREN_OPTIMIZATION|AppMaster.exe
Deleted      HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING|AppMaster.exe
Deleted      HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_NINPUT_LEGACYMODE|AppMaster.exe
Deleted      HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_DOCUMENT_ZOOM|AppMaster.exe
Deleted      HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted      HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|OpenOffice Updater
Deleted      HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted      HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted      HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted      HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted      HKCU\Software\Microsoft\Windows\CurrentVersion\Run|OpenOffice Updater
Deleted      HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\OpenOffice Updater
Deleted      HKCU\Software\OpenOffice Updater
Deleted      HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Deleted      HKLM\Software\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted      HKLM\Software\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted      HKLM\Software\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Deleted      HKLM\Software\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted      HKLM\Software\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Deleted      HKLM\Software\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Deleted      HKLM\Software\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Deleted      HKLM\Software\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Deleted      HKLM\Software\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
Deleted      HKLM\Software\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Deleted      HKLM\Software\Classes\TypeLib\{A520B992-6390-4231-9C89-F06B3587AB80}
Deleted      HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
Deleted      HKLM\Software\VLCPP
Deleted      HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted      HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted      HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted      HKLM\Software\Wow6432Node\VLCPP
Deleted      HKLM\Software\Wow6432Node\\Classes\AppID\NCTAudioCDGrabber2.DLL
Deleted      HKLM\Software\Wow6432Node\\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Deleted      HKLM\Software\Wow6432Node\\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Deleted      HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted      HKLM\Software\Wow6432Node\\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted      HKLM\Software\Wow6432Node\\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Deleted      HKLM\Software\Wow6432Node\\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Deleted      HKLM\Software\Wow6432Node\\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted      HKLM\Software\Wow6432Node\\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Deleted      HKLM\Software\Wow6432Node\\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Deleted      HKLM\Software\Wow6432Node\\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Deleted      HKLM\Software\Wow6432Node\\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Deleted      HKLM\Software\Wow6432Node\\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
Deleted      HKLM\Software\Wow6432Node\\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Deleted      HKLM\Software\Wow6432Node\\Classes\TypeLib\{A520B992-6390-4231-9C89-F06B3587AB80}
Deleted      HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted      HKLM\Software\qdu-pr
Deleted      HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted      HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted      HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted      HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted      HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted      HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Not Deleted  HKLM\Software\Microsoft\Internet Explorer\Toolbar|{C424171E-592A-415A-9EB1-DFD6D95D3530}
Not Deleted  HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{C424171E-592A-415A-9EB1-DFD6D95D3530}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9142 octets] - [05/01/2026 21:21:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
AdwCleaner[S00].txt
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.7.0.619
# -------------------------------
# Build:    12-17-2025
# Database: 2025-12-16.1 (Cloud)
# Support:  https://help.malwarebytes.com/
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    01-05-2026
# Duration: 00:00:51
# OS:      Windows 10 (Build 19045.6466)
# Scanned:  32084
# Detected: 71


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\Horst\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\Horst\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Fake.OpenOfficeUpdater C:\Users\Horst\AppData\Roaming\OpenOffice Updater
PUP.Optional.Legacy            C:\Users\Horst\AppData\Roaming\DESKTOPICONAMAZON
PUP.Optional.QuickDriverUpdater C:\ProgramData\Digital Protection Services S.R.L
PUP.Optional.VLCPlusPlayer.DE  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player
PUP.Optional.WebCompanion      C:\Program Files (x86)\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic            HKCU\SOFTWARE\27ce9fa05c3947dc99ac7a6bd52f3e16
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\RealTimeProtector
PUP.Optional.AppMaster          HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_AJAX_CONNECTIONEVENTS|AppMaster.exe
PUP.Optional.AppMaster          HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_CLIPCHILDREN_OPTIMIZATION|AppMaster.exe
PUP.Optional.AppMaster          HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING|AppMaster.exe
PUP.Optional.AppMaster          HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_NINPUT_LEGACYMODE|AppMaster.exe
PUP.Optional.AppMaster          HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_DOCUMENT_ZOOM|AppMaster.exe
PUP.Optional.Fake.OpenOfficeUpdater HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|OpenOffice Updater
PUP.Optional.Fake.OpenOfficeUpdater HKCU\Software\Microsoft\Windows\CurrentVersion\Run|OpenOffice Updater
PUP.Optional.Fake.OpenOfficeUpdater HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\OpenOffice Updater
PUP.Optional.Fake.OpenOfficeUpdater HKCU\Software\OpenOffice Updater
PUP.Optional.FreeMakeConverter  HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
PUP.Optional.Legacy            HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy            HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy            HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy            HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy            HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy            HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
PUP.Optional.Legacy            HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
PUP.Optional.Legacy            HKLM\Software\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
PUP.Optional.Legacy            HKLM\Software\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy            HKLM\Software\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
PUP.Optional.Legacy            HKLM\Software\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
PUP.Optional.Legacy            HKLM\Software\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
PUP.Optional.Legacy            HKLM\Software\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
PUP.Optional.Legacy            HKLM\Software\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
PUP.Optional.Legacy            HKLM\Software\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
PUP.Optional.Legacy            HKLM\Software\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
PUP.Optional.Legacy            HKLM\Software\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
PUP.Optional.Legacy            HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy            HKLM\Software\Microsoft\Internet Explorer\Toolbar|{C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\AppID\NCTAudioCDGrabber2.DLL
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy            HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy            HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
PUP.Optional.Legacy            HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy            HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
PUP.Optional.QuickDriverUpdater HKLM\Software\qdu-pr
PUP.Optional.ReviverSoft        HKLM\Software\Classes\TypeLib\{A520B992-6390-4231-9C89-F06B3587AB80}
PUP.Optional.ReviverSoft        HKLM\Software\Wow6432Node\\Classes\TypeLib\{A520B992-6390-4231-9C89-F06B3587AB80}
PUP.Optional.VLCPlusPlayer.DE  HKLM\Software\VLCPP
PUP.Optional.VLCPlusPlayer.DE  HKLM\Software\Wow6432Node\VLCPP
PUP.Optional.WebCompanion      HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion      HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion      HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.CyberLinkShellExtension  Registry  HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Hallo Matthias,

hier noch der MBAM Scan-Bericht.

Viele Grüße,

Jörg

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 05.01.2026
Scan-Zeit: 21:40
Protokolldatei: d34e8cb2-ea76-11f0-9716-408d5cb15b29.json

-Softwaredaten-
Version: 5.4.5.226
Komponentenversion: 146.0.5441
Version des Aktualisierungspakets: 1.0.106143
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19045.6466)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-7PAH99J\Horst

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 313788
Erkannte Bedrohungen: 51
In die Quarantäne verschobene Bedrohungen: 51
Abgelaufene Zeit: 17 Min., 29 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.DriverMax, HKLM\SOFTWARE\WOW6432NODE\INNOVATIVE SOLUTIONS\DriverMax, In Quarantäne, 4377, 811917, 1.0.106143, , ame, , ,
PUP.Optional.DriverMax, HKU\S-1-5-21-947909773-2885354443-2675781160-1001\SOFTWARE\INNOVATIVE SOLUTIONS\DriverMax, In Quarantäne, 4377, 811919, 1.0.106143, , ame, , ,

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 5
PUP.Optional.DriverMax, C:\PROGRAM FILES (X86)\INNOVATIVE SOLUTIONS\DRIVERMAX, In Quarantäne, 4377, 812207, 1.0.106143, , ame, , ,
PUP.Optional.DriverMax, C:\USERS\HORST\APPDATA\LOCAL\INNOVATIVE SOLUTIONS\DRIVERMAX, In Quarantäne, 4377, 812461, 1.0.106143, , ame, , ,
PUP.Optional.DriverMax, C:\USERS\HORST\APPDATA\ROAMING\INNOVATIVE SOLUTIONS\DRIVERMAX, In Quarantäne, 4377, 812462, 1.0.106143, , ame, , ,
PUP.Optional.StartPage, C:\USERS\HORST\APPDATA\LOCAL\MICROSOFT\EDGE\USER DATA\Default\Sync Data\LevelDB, In Quarantäne, 78, 1089829, 1.0.106143, , ame, , ,
PUP.Optional.StartPage, C:\USERS\HORST\APPDATA\LOCAL\MICROSOFT\EDGE\USER DATA\Default\Sync Data\LevelDB, In Quarantäne, 78, 1089830, 1.0.106143, , ame, , ,

Datei: 44
PUP.Optional.SearchEngineOptimizer, C:\$RECYCLE.BIN\S-1-5-21-947909773-2885354443-2675781160-1001\$R0NI876\SEO.EXE, In Quarantäne, 5874, 1299817, 1.0.106143, , ame, , C36F32EF1A0AD22C1C771A368906494E, C73C578DA2DF1D239AC3CD848109D436CDEF964CC48FF3DFE04714AB7E7377BD
PUP.Optional.WebCompanion, C:\$RECYCLE.BIN\S-1-5-21-947909773-2885354443-2675781160-1001\$R5G1Z7O\LAVASOFT.WCASSISTANT.WINSERVICE.EXE, In Quarantäne, 4862, 1219671, 1.0.106143, , ame, , FCB02DD8FE263246A2BC79E4B9B4875E, A47472E7F857EE97B36E1294FB5AD139F0BE05A7D10CB3662052A61D72ABCEC0
PUP.Optional.SearchEngineOptimizer, C:\$RECYCLE.BIN\S-1-5-21-947909773-2885354443-2675781160-1001\$R0NI876\UNINSTALL.EXE, In Quarantäne, 5874, 1299817, 1.0.106143, , ame, , 3A450A1A3B73CD18265F6FCF91B55506, DE0912B303BBBB870FC5D30D352DACC71D994A05B786EE99635AB7C8406BD62C
PUP.Optional.BundleInstaller, B:\SIK HANDY PAPA 2024-10-26\EINLADUNGEN  -  ERREIGNISSE\DOWNLOADS\VOLLVERSION_ ASHAMPOO SNAP 16 - CHIP INSTALLER _3IQ6V.EXE, In Quarantäne, 82, 1367328, 1.0.106143, , ame, , 49AEEF9FCA98082A8E5722F530C0B3D0, 7D831037EA0ED99D5839082277FDEC869FDD4160EED0B1776192E7C7F42A37BB
PUP.Optional.BundleInstaller, B:\SIK HANDY PAPA 2024-10-26\EINLADUNGEN  -  ERREIGNISSE\DOWNLOADS\VOLLVERSION_ WISE CARE 365 PRO - CHIP INSTALLER _XSV6V.EXE, In Quarantäne, 82, 1367328, 1.0.106143, , ame, , 49AEEF9FCA98082A8E5722F530C0B3D0, 7D831037EA0ED99D5839082277FDEC869FDD4160EED0B1776192E7C7F42A37BB
PUP.Optional.BundleInstaller, B:\SIK HANDY PAPA 2024-10-26\EINLADUNGEN  -  ERREIGNISSE\DOWNLOADS\WRSETUP (1).EXE, In Quarantäne, 82, 1137222, 1.0.106143, , ame, , 1872229E6B90011742E0669504CC15A3, E1777C300861BFD8BC925D9FFF949A62257FAC1D3BDBD06325A534692AAB3762
PUP.Optional.ChipDe, B:\SIK HANDY PAPA 2024-10-26\EINLADUNGEN  -  ERREIGNISSE\DOWNLOADS\VOLLVERSION_ ADOBE INDESIGN CS2 - CHIP INSTALLER _RBW9V.EXE, In Quarantäne, 2745, 562568, 1.0.106143, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B
PUP.Optional.BundleInstaller, B:\SIK HANDY PAPA 2024-10-26\EINLADUNGEN  -  ERREIGNISSE\DOWNLOADS\VOLLVERSION_ BECKERCAD 12 3D - CHIP INSTALLER _FHW6V.EXE, In Quarantäne, 82, 1367328, 1.0.106143, , ame, , 49AEEF9FCA98082A8E5722F530C0B3D0, 7D831037EA0ED99D5839082277FDEC869FDD4160EED0B1776192E7C7F42A37BB
PUP.Optional.BundleInstaller, B:\SIK HANDY PAPA 2024-10-26\EINLADUNGEN  -  ERREIGNISSE\DOWNLOADS\WRSETUP.EXE, In Quarantäne, 82, 1137222, 1.0.106143, , ame, , 1872229E6B90011742E0669504CC15A3, E1777C300861BFD8BC925D9FFF949A62257FAC1D3BDBD06325A534692AAB3762
PUP.Optional.BundleInstaller, B:\SIK HANDY PAPA 2024-10-26\EINLADUNGEN  -  ERREIGNISSE\DOWNLOADS\VOLLVERSION_ 3-IN1-PAKET F\u00c3\u00bcR SCHWARZ-WEI\u00c3\u009f-FOTOGRAFIE - CHIP INSTALLER _OIW6V.EXE, In Quarantäne, 82, 1367328, 1.0.106143, , ame, , 49AEEF9FCA98082A8E5722F530C0B3D0, 7D831037EA0ED99D5839082277FDEC869FDD4160EED0B1776192E7C7F42A37BB
PUP.Optional.BundleInstaller, B:\SIK HANDY PAPA 2024-10-26\EINLADUNGEN  -  ERREIGNISSE\DOWNLOADS\VOLLVERSION_ ADOBE INDESIGN CS2 - CHIP INSTALLER _5OFRV.EXE, In Quarantäne, 82, 1367328, 1.0.106143, , ame, , 49AEEF9FCA98082A8E5722F530C0B3D0, 7D831037EA0ED99D5839082277FDEC869FDD4160EED0B1776192E7C7F42A37BB
PUP.Optional.BundleInstaller, B:\SIK HANDY PAPA 2024-10-26\EINLADUNGEN  -  ERREIGNISSE\DOWNLOADS\VOLLVERSION_ NERO AI IMAGE UPSCALER PRO 365 - CHIP INSTALLER _54W6V.EXE, In Quarantäne, 82, 1367328, 1.0.106143, , ame, , 49AEEF9FCA98082A8E5722F530C0B3D0, 7D831037EA0ED99D5839082277FDEC869FDD4160EED0B1776192E7C7F42A37BB
PUP.Optional.BundleInstaller, C:\PROGRAM FILES (X86)\FALCO BILLIARD\GAME.EXE, In Quarantäne, 82, 1214487, 1.0.106143, , ame, , 6FFC2812F9E4048FD38B5E590536631E, 48281CC7837D22302280E202702C81832371B5249442B783B656C52E313A8A86
PUP.Optional.ChipDe, C:\USERS\HORST\DOCUMENTS\PHOTOSHOP VORLAGENPAKET - CHIP INSTALLER _ZAD0X.EXE, In Quarantäne, 2745, 562568, 1.0.106143, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B
PUP.Optional.StartPage, C:\USERS\HORST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Ersetzt, 78, 1089829, 1.0.106143, , ame, , 39E482493E73D825C50E3DDAB05CEEB8, F817E6BE6C02E403896BDD3DEE1197E89F71BD73C3FEA2749F81854A62D31066
PUP.Optional.StartPage, C:\USERS\HORST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Ersetzt, 78, 1089830, 1.0.106143, , ame, , 39E482493E73D825C50E3DDAB05CEEB8, F817E6BE6C02E403896BDD3DEE1197E89F71BD73C3FEA2749F81854A62D31066
PUP.Optional.StartPage, C:\USERS\HORST\APPDATA\LOCAL\MICROSOFT\EDGE\USER DATA\Default\Web Data, Ersetzt, 78, 1089829, 1.0.106143, , ame, , 06E80D3163CDCDBD78238040D13C2D49, 2A4EDF0A984D54F0E11855C7058E74E654FE8AD80FE18317E4C6FAF2B3FD355F
PUP.Optional.StartPage, C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\000005.ldb, In Quarantäne, 78, 1089829, 1.0.106143, , ame, , 14245AF5CF50572507F7E00D2AF35D16, 1FA016EF22AFC2C9C55625FA90FDB9E99A6BBA4F9BF60BAF6114E141565ABB4F
PUP.Optional.StartPage, C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\004678.ldb, In Quarantäne, 78, 1089829, 1.0.106143, , ame, , 9DECBCC7D101CB1F137672BE75251CAC, 6B0DEFD1293B42644925AD6DDF9B650DA6055343F4EEB37C7B7B4BB3FA62CDB0
PUP.Optional.StartPage, C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\004681.ldb, In Quarantäne, 78, 1089829, 1.0.106143, , ame, , DF980345B15198754E602147FD31112A, 8BBCE4DB5A17E5702D093107E426E1D21ECAA4239C3701D4281536C523A6AEAA
PUP.Optional.StartPage, C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\004682.log, In Quarantäne, 78, 1089829, 1.0.106143, , ame, , FF5174DAF48247C018AFBC57C97F5B60, 70EDECD3904241C27A943C131FEED35BF5BFA232D4F7302453A7DF8ABD65B597
PUP.Optional.StartPage, C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\004683.ldb, In Quarantäne, 78, 1089829, 1.0.106143, , ame, , E94F2E3F1AD7F9F52576F788A831C130, 5D14098085797A83F1058BF028B126E25C7599412BFDF2BDAD6DDC87955575DD
PUP.Optional.StartPage, C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\CURRENT, In Quarantäne, 78, 1089829, 1.0.106143, , ame, , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.StartPage, C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOCK, In Quarantäne, 78, 1089829, 1.0.106143, , ame, , ,
PUP.Optional.StartPage, C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG, In Quarantäne, 78, 1089829, 1.0.106143, , ame, , 3CBC2DB3C742F4A6C751ABE19A0F6D13, 155E65398ADF9910CFE8BA5A928A3F5BFFAA18714828FD8FD84107E631B2A2DE
PUP.Optional.StartPage, C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old, In Quarantäne, 78, 1089829, 1.0.106143, , ame, , 494934CE22D6F4A0817B68CCCE773526, DE44293FE41C19CFBEF7DEDBDD5D21D53FFE03A1928C77E6E3D4116670C46864
PUP.Optional.StartPage, C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, In Quarantäne, 78, 1089829, 1.0.106143, , ame, , BE6A1BBA2E7242D5C7D56CE584F72CFA, 1D3B3743A6C383A5CBCE81BDE5F3E4EA60CC0E4488169A1972E8565C1FC67B57
PUP.Optional.StartPage, C:\USERS\HORST\APPDATA\LOCAL\MICROSOFT\EDGE\USER DATA\Default\Web Data, Ersetzt, 78, 1089830, 1.0.106143, , ame, , 06E80D3163CDCDBD78238040D13C2D49, 2A4EDF0A984D54F0E11855C7058E74E654FE8AD80FE18317E4C6FAF2B3FD355F
PUP.Optional.OneStart, C:\USERS\HORST\DOCUMENTS\FONTS\ONESTARTPDFDIRECT.MSI, In Quarantäne, 8147, 1288056, 1.0.106143, , ame, , E5869064F95AA66ED6929D8F80706200, 7D5E85DBDBF85ED033BE48F7EF38EF438BE15DB869B2950A359F9E23CC1F58CB
PUP.Optional.BundleInstaller, C:\USERS\HORST\DOCUMENTS\VOLLVERSION_ BECKERCAD 12 3D - CHIP INSTALLER _FHW6V.EXE, In Quarantäne, 82, 1367328, 1.0.106143, , ame, , 49AEEF9FCA98082A8E5722F530C0B3D0, 7D831037EA0ED99D5839082277FDEC869FDD4160EED0B1776192E7C7F42A37BB
PUP.Optional.BundleInstaller, C:\USERS\HORST\DOCUMENTS\VOLLVERSION_ AUDIALS VISION 2026 SE - CHIP INSTALLER _PDERV.EXE, In Quarantäne, 82, 1367328, 1.0.106143, , ame, , 49AEEF9FCA98082A8E5722F530C0B3D0, 7D831037EA0ED99D5839082277FDEC869FDD4160EED0B1776192E7C7F42A37BB
PUP.Optional.ChipDe, C:\USERS\HORST\DOCUMENTS\VOLLVERSION_ GOOGLE EARTH PRO - CHIP INSTALLER _E5NAV.EXE, In Quarantäne, 2745, 562568, 1.0.106143, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B
PUP.Optional.BundleInstaller, C:\USERS\HORST\DOCUMENTS\7-ZIP (64 BIT) - CHIP INSTALLER _SUDJV.EXE, In Quarantäne, 82, 1367328, 1.0.106143, , ame, , 49AEEF9FCA98082A8E5722F530C0B3D0, 7D831037EA0ED99D5839082277FDEC869FDD4160EED0B1776192E7C7F42A37BB
PUP.Optional.BrowserHijack, C:\USERS\HORST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Ersetzt, 10305, 1361636, 1.0.106143, , ame, , 753FAD6B0D364CAD0CF00BF2D9E0C7A2, 72CC6359C9F8B1A3F77F3F1128B329950594AC369B09479BEA25793E3888550B
PUP.Optional.BrowserHijack, C:\USERS\HORST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Ersetzt, 10305, 1361723, 1.0.106143, , ame, , 39E482493E73D825C50E3DDAB05CEEB8, F817E6BE6C02E403896BDD3DEE1197E89F71BD73C3FEA2749F81854A62D31066
PUP.Optional.BundleInstaller, C:\USERS\HORST\DOCUMENTS\VOLLVERSION_ AUTODESK SKETCHBOOK - CHIP INSTALLER _OZ0XV.EXE, In Quarantäne, 82, 1367328, 1.0.106143, , ame, , 49AEEF9FCA98082A8E5722F530C0B3D0, 7D831037EA0ED99D5839082277FDEC869FDD4160EED0B1776192E7C7F42A37BB
PUP.Optional.StartPage, C:\USERS\HORST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Ersetzt, 78, 1089829, 1.0.106143, , ame, , 39E482493E73D825C50E3DDAB05CEEB8, F817E6BE6C02E403896BDD3DEE1197E89F71BD73C3FEA2749F81854A62D31066
PUP.Optional.BrowserHijack, C:\USERS\HORST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Ersetzt, 10305, 1361636, 1.0.106143, , ame, , 39E482493E73D825C50E3DDAB05CEEB8, F817E6BE6C02E403896BDD3DEE1197E89F71BD73C3FEA2749F81854A62D31066
PUP.Optional.BrowserHijack, C:\USERS\HORST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Ersetzt, 10305, 1361723, 1.0.106143, , ame, , 753FAD6B0D364CAD0CF00BF2D9E0C7A2, 72CC6359C9F8B1A3F77F3F1128B329950594AC369B09479BEA25793E3888550B
PUP.Optional.OneStart, C:\USERS\HORST\DOCUMENTS\FONTS\ONESTARTINSTALLER-V5.5.244.0.MSI, In Quarantäne, 8147, 1288056, 1.0.106143, , ame, , 40170AC9A14FFDDE99A72AE6DF444287, C826B208E30168A7CCF9FB34A18927D60C6A4686BC5E84076216217EE9D7D3FB
PUP.Optional.BundleInstaller, C:\USERS\HORST\DOCUMENTS\KRITA STUDIO - CHIP INSTALLER _YZ0XV.EXE, In Quarantäne, 82, 1367328, 1.0.106143, , ame, , 49AEEF9FCA98082A8E5722F530C0B3D0, 7D831037EA0ED99D5839082277FDEC869FDD4160EED0B1776192E7C7F42A37BB
PUP.Optional.ChipDe, C:\USERS\HORST\DOCUMENTS\VOLLVERSION_ ADOBE ILLUSTRATOR CS2 - CHIP INSTALLER _VAFEV.EXE, In Quarantäne, 2745, 562568, 1.0.106143, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B
PUP.Optional.BundleInstaller, C:\USERS\HORST\DOCUMENTS\VOLLVERSION_ BACKUP MAKER PROFESSIONAL - CHIP INSTALLER _HEJ6V.EXE, In Quarantäne, 82, 1367328, 1.0.106143, , ame, , 49AEEF9FCA98082A8E5722F530C0B3D0, 7D831037EA0ED99D5839082277FDEC869FDD4160EED0B1776192E7C7F42A37BB
PUP.Optional.BundleInstaller, C:\USERS\HORST\DOCUMENTS\VOLLVERSION_ DEEP ART CREATOR - KI-BILDGENERATOR - CHIP INSTALLER _35VFV.EXE, In Quarantäne, 82, 1367328, 1.0.106143, , ame, , 49AEEF9FCA98082A8E5722F530C0B3D0, 7D831037EA0ED99D5839082277FDEC869FDD4160EED0B1776192E7C7F42A37BB

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)

M-K-D-B 05.01.2026 22:18
Servus Jörg,

vielen Dank für die Logdateien.



Ja, auf diesem Rechner ist ziemlich viel Junkware. :D



Ich bräuchte noch die beiden neuen Logdateien von FRST (siehe Schritt 3 meines letzten Posts).
Dann können wir weitermachen. :daumenhoc
Zitat:
Zitat von M-K-D-B (Beitrag 1794676)
Schritt 3 - Neuer FRST-Scan
  • Starte FRST erneut und klicke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.

EndeVomLatei 05.01.2026 22:43
FRST Resultat Teil 1
 
Hallo Matthias,

ganz vergessen. Hier kommts.

Viele Grüße,

Jörg

FRST.txt:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2025
durchgeführt von Horst (Administrator) auf DESKTOP-7PAH99J (Gigabyte Technology Co., Ltd. Q170M-D3H) (05-01-2026 22:28:43)
Gestartet von C:\Users\Horst\Desktop\Wartung\FRST64.exe
Geladene Profile: Horst
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.6466 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser nicht gefunden!
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files\Opera\125.0.5729.49\opera_crashreporter.exe
(C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2587.9.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\143.0.3650.96\msedgewebview2.exe <6>
(cmd.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxEM.exe
(explorer.exe ->) (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH) C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck_Broker.exe
(explorer.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2587.9.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files\Opera\opera.exe <21>
(Geek Software GmbH -> geek software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(PrintCtrl.exe ->) (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(services.exe ->) () [Datei ist nicht signiert] C:\Windows\System32\atwtusb.exe <2>
(services.exe ->) (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (AIC Semiconductor (Shanghai) Co., Ltd. -> AIC Semiconductor) C:\Program Files\Ugreen\AicWifiService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\IntelCpHeciSvc.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files\Opera\autoupdate\opera_autoupdate.exe <2>

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [PrintDisp] => C:\WINDOWS\system32\PrintDisp.exe [595080 2019-03-21] (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [MacrokeyManager] => C:\WINDOWS\system32\WTMKM.exe [7329792 2011-06-01] () [Datei ist nicht signiert]
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [10752424 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Ashampoo Backup] => "C:\Program Files\Ashampoo\Ashampoo Backup 2023\bin\backupClient-ab.exe" --hidden (Keine Datei)
HKLM\...\Run: [Ashampoo Backup PB] => C:\Program Files\Ashampoo\Ashampoo Backup Pro 17\bin\backupClient-abpb.exe [955240 2023-12-05] (Ashampoo GmbH & Co. KG -> )
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [455968 2023-05-25] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [PDF24] => B:\Programme\PDF24\pdf24.exe [669920 2025-06-23] (Geek Software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [PDF24] => C:\Program Files (x86)\PDF24\pdf24.exe [576224 2025-09-15] (Geek Software GmbH -> geek software GmbH)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ACHTUNG
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [] => [X]
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPGE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPGE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45741280 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [MicrosoftEdgeAutoLaunch_6E2C73815817D7E02B41C013F4C55849] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4228688 2025-12-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [Opera Stable] => C:\Program Files\Opera\opera.exe [2088408 2025-12-22] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [QMxNetworkSync] => C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe [1027600 2023-05-22] (MAGIX Software GmbH -> MAGIX)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [Spotify] => C:\Users\Horst\AppData\Roaming\Spotify\Spotify.exe [35433288 2025-03-11] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Run: [com.doctolib.pro.desktop] => C:\Program Files\Doctolib\Doctolib.exe [180509488 2024-07-26] (Doctolib SAS -> Doctolib)
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\MountPoints2: {bcec7c50-56f3-11ed-b1c9-806e6f6e6963} - "E:\Adobe CS6\Set-up.exe"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [6089584 2025-12-22] (Microsoft Windows -> Microsoft Corporation) <==== ACHTUNG
HKLM\...\Windows x64\Print Processors\ActMaskR: C:\Windows\System32\spool\prtprocs\x64\ActPrint.dll [51848 2018-09-14] (ActMask Group Co., Ltd -> ActMask Co.,Ltd)
HKLM\...\Windows x64\Print Processors\hpcpp103: C:\Windows\System32\spool\prtprocs\x64\hpcpp103.dll [323584 2010-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP560 series: CNMLMA0.DLL (Keine Datei)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [336896 2009-04-03] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\EPSON XP-960 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBPGE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\EverDoc: C:\WINDOWS\system32\mfilemon.dll [972000 2016-02-17] (Open Source Developer, Lorenzo Monti -> Monti Lorenzo)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files (x86)\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-11-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\143.0.7499.170\Installer\chrmstp.exe [2025-12-27] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\StartRLCMS.lnk [2021-02-24]
ShortcutTarget: StartRLCMS.lnk -> C:\ProgramData\Reallusion\RLRunUtility.exe (Reallusion Inc. -> )
BootExecute: autocheck autochk * bddel.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1A6AE2FB-C6E6-4320-B8E8-576D227C9E04} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {DB83630F-E04C-4DF1-AE07-E3A08F471FC4} - \FreeDownloadManagerNetworkMonitor -> Keine Datei <==== ACHTUNG
Task: {097F5BEC-6A24-448D-9255-3E9963341D8A} - System32\Tasks\{0882A554-C370-450E-BEA8-6C820776BEBB} => C:\Windows\System32\pcalua.exe [91136 2025-12-22] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files (x86)\Adobe\Acrobat8\Adobe Acrobat 8 Professional\instmsia.exe" -d "C:\Program Files (x86)\Adobe\Acrobat8\Adobe Acrobat 8 Professional"
Task: {45566E1D-9E2B-447E-A4FB-E0D8D0621779} - System32\Tasks\{379498D6-842E-44B9-B87D-06A708419469} => C:\Windows\System32\pcalua.exe [91136 2025-12-22] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\Horst\Downloads\APRO23_Win_ESD1_WWEFG.exe -d C:\Users\Horst\Downloads
Task: {0BE90A69-C33D-4C38-BC7D-B5EAAD27F8EA} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-7PAH99J-Horst => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B42EDF9F-F32D-4E30-AB6F-E88CF0059F44} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [10752424 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {51F44CB4-2023-475C-824D-5EF6D42DB0C2} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [11065256 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C012D1EB-A351-4A91-9F2C-223A0C7161D6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {9ECC77DF-A90B-4E1B-80F7-188C8390619F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {62AB8A58-3AF0-4F6E-8DF9-DE128F404031} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6140640 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "1e4c18f7-3906-405b-934e-816f7137dc7f" --version "6.38.0.11537" --silent
Task: {10C01E53-9628-4F59-BF0D-DB4A6EDC2FFF} - System32\Tasks\CCleanerSkipUAC - Horst => C:\Program Files\CCleaner\CCleaner.exe [39575776 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {64700C20-8F60-44B1-9E1C-39DFA6998F45} - System32\Tasks\EPSON XP-960 Series Update {EEA69949-4F01-4179-8AA6-3B8FC338600E} => C:\Windows\System32\spool\drivers\x64\3\E_YTSPGE.EXE [690536 2013-11-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {762A5246-5556-4A8B-8132-59E4094E6897} - System32\Tasks\GMX Update => C:\Users\Horst\AppData\Local\1&1 Mail & Media GmbH\MCDS\1\Application\1\GMX_Update.exe [1467320 2021-04-20] (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
Task: {39F54204-4FFC-47CE-B968-0767A9B1F565} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem144.0.7547.4{355534B7-F9CB-4F05-BD58-1FB49FEFDA4B} => C:\Program Files (x86)\Google\GoogleUpdater\144.0.7547.4\updater.exe [7056536 2025-12-08] (Google LLC -> Google LLC)
Task: {27DC19EB-2DF5-4D25-86F6-7E86BE21A2BF} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [11507504 2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {648224D2-F2DA-4A4E-A0D4-8D912799CB57} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28946240 2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D455488-DB27-4886-A3FC-AE58ED370DB8} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\opushutil.exe [61728 2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E7B3555-3E08-4099-B317-E7C1D5E2F872} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28946240 2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {53EE5140-04B4-4E25-A03C-E7EE18C1B621} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [230656 2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BCB6923-EF1D-470C-A1DC-58AE21358096} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [230656 2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD687DA7-3338-47B0-AFB9-C92B69375374} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [11507504 2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {9080701E-47AE-4DA5-B0A2-9573112709ED} - System32\Tasks\NCH Software\MixPadUpdateCheck => C:\Program Files (x86)\NCH Software\MixPad\mixpad.exe [10931200 2025-11-24] (NCH Software, Inc. -> NCH Software)
Task: {EA7B1BAB-3A10-44FF-90BD-6E5A748C770B} - System32\Tasks\NCH Software\SwitchUpdateCheck => C:\Program Files (x86)\NCH Software\Switch\switch.exe [6256632 2025-12-15] (NCH Software, Inc. -> NCH Software)
Task: {383E2531-81BA-4AC7-ADBB-972DB9E5E125} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [15140336 2025-10-10] (NCH Software, Inc. -> NCH Software)
Task: {2A7777B1-2F10-4196-BE3F-E3737F79F729} - System32\Tasks\NCH Software\VideoPadUpdateCheck => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [15140336 2025-10-10] (NCH Software, Inc. -> NCH Software)
Task: {773D90A8-88DE-4D2E-A88E-2C5E55B51A6E} - System32\Tasks\NCH Software\WavePadUpdateCheck => C:\Program Files (x86)\NCH Software\WavePad\wavepad.exe [10205680 2025-12-02] (NCH Software, Inc. -> NCH Software)
Task: {4C34F98E-6AB6-4B42-9880-53F5AFF56214} - System32\Tasks\Opera scheduled assistant Autoupdate 1582821198 => C:\Program Files\Opera\autoupdate\opera_autoupdate.exe [6233560 2025-12-18] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --installdir="C:\Program Files\Opera\assistant" --producttype=assistant $(Arg0)
Task: {BCD66482-BDC6-488D-8561-BCFF63B89F24} - System32\Tasks\Opera scheduled Autoupdate 1505550991 => C:\Program Files\Opera\autoupdate\opera_autoupdate.exe [6233560 2025-12-18] (Opera Norway AS -> Opera Software)
Task: {2B4826E9-83F0-4EEC-AD6E-B060778107CC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5751664 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {5C6012C4-50A8-48BA-8941-26B0122BE354} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6191000 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {7970172B-21BC-4F02-AFBC-2E844D497B48} - System32\Tasks\SEO => C:\Users\Horst\AppData\Roaming\SEO\SEO.exe  (Keine Datei) <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON XP-960 Series Update {EEA69949-4F01-4179-8AA6-3B8FC338600E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPGE.EXE:/EXE:{EEA69949-4F01-4179-8AA6-3B8FC338600E} /F:UpdateWORKGROUP\DESKTOP-7PAH99J$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{426751f0-7da5-4fc1-9ed5-96f93f71afc4}: [DhcpNameServer] 192.168.68.204
Tcpip\..\Interfaces\{81597995-380e-4483-8ef9-4e2404d531b7}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{81597995-380e-4483-8ef9-4e2404d531b7}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{a8743275-c269-41a2-b64f-63cba816211a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{a8743275-c269-41a2-b64f-63cba816211a}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{a8743275-c269-41a2-b64f-63cba816211a}\35F657E6462416273556475707F563335493: [DhcpNameServer] 10.10.10.254
Tcpip\..\Interfaces\{c94ac666-3758-47d9-8756-47598b969e9e}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c94ac666-3758-47d9-8756-47598b969e9e}: [DhcpDomain] fritz.box
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default [2026-01-05]
Edge DownloadDir: Default -> G:\Downloads
Edge Notifications: Default -> hxxps://de.softonic.com; hxxps://web.whatsapp.com; hxxps://www.chip.de; hxxps://www.computerbild.de; hxxps://www.facebook.com; hxxps://www.mein-schoener-garten.de; hxxps://www.tah.de; hxxps://www.youtube.com
Edge HomePage: Default -> hxxps://
Edge Extension: (Avira Safe Shopping) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2025-12-27]
Edge Extension: (Avira Password Manager) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2025-03-21]
Edge Extension: (Coole Cursor für Chrome ™) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\empjidjbllcmlgaobahepkijkfmfkjdb [2023-07-30]
Edge Extension: (SFL) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\epoipicdijmpedfdkjamnjfgodfjojad [2024-10-05]
Edge Extension: (Google Docs Offline) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-12-20]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-12-12]
Edge Extension: (Edge relevant text changes) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (The Mist) - C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\npkohagpnckpnhenpjeeggdngjphfgkn [2025-08-26]
Edge Profile: C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2025-11-21]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2019-10-23] [] [ist nicht signiert]
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-12-12] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\Program Files (x86)\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll [2011-07-26] (Nero AG -> Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-12-12] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default [2025-12-14]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://
CHR StartupUrls: Default -> "hxxps://"
CHR Extension: (Avira Password Manager) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2025-04-18]
CHR Extension: (Avira Safe Shopping) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2025-11-13]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-12-12]
CHR Extension: (Coole Cursor für Chrome ™) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\empjidjbllcmlgaobahepkijkfmfkjdb [2024-01-01]
CHR Extension: (SFL) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\epoipicdijmpedfdkjamnjfgodfjojad [2024-10-06]
CHR Extension: (Google Docs Offline) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-13]
CHR Extension: (Saferduck) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjdjgnojiionckfmaobhcgeahdndmhgf [2021-08-02]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-12-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-07]
CHR HKU\S-1-5-21-947909773-2885354443-2675781160-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR DefaultProfile: Default
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\opera.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2017-09-26] (Adobe Systems) [Datei ist nicht signiert]
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-12-12] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [11081128 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AicWifiServiceD80; C:\Program Files\Ugreen\AicWifiService.exe [35352 2024-03-21] (AIC Semiconductor (Shanghai) Co., Ltd. -> AIC Semiconductor)
S3 ashbackuppb; c:\Program Files\Ashampoo\Ashampoo Backup Pro 17\bin\backupService-abpb.exe [39272 2023-12-05] (Ashampoo GmbH & Co. KG -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1080544 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13419408 2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
S3 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-02-16] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe [133736 2025-08-27] (Intel Corporation -> Intel)
S3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAUpdateService.exe [133224 2025-08-27] (Intel Corporation -> Intel)
S3 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-16] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 GMX_MailCheck_Update; C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck_Update.exe [933784 2022-08-10] (1&1 Mail & Media GmbH -> Pixality Computersysteme GmbH)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [244232 2025-12-29] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-13] (Macrovision Corporation) [Datei ist nicht signiert]
S4 Lightkey Service; C:\Program Files (x86)\Lightkey Sources LTD\Lightkey\LightkeyCentralService.exe [134288 2021-08-15] (LIGHTKEY SOURCES LTD -> LIGHTKEY SOURCES LTD)
S4 LightkeyNeural; C:\Program Files (x86)\Lightkey Sources LTD\Lightkey\LightkeyNeuralService.exe [43648272 2021-08-15] (LIGHTKEY SOURCES LTD -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11207664 2026-01-05] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2026-01-05] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpDefenderCoreService.exe [2063376 2025-12-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 NeroBackItUpBackgroundService; C:\Program Files (x86)\Nero\Nero 2017\Nero BackItUp\NBService.exe [287088 2016-08-09] (Nero AG -> Nero AG)
S3 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [18135808 2023-11-15] (Logitech Inc -> Logitech, Inc.)
S3 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [576224 2025-09-15] (Geek Software GmbH -> geek software GmbH)
S3 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
S3 RLHostService; C:\Program Files (x86)\Common Files\Reallusion\RLHostService\RLHostService.exe [280072 2021-02-25] (Reallusion Inc. -> Reallusion.Inc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803064 2025-12-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\NisSrv.exe [4426832 2025-12-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MsMpEng.exe [290704 2025-12-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTService; C:\WINDOWS\system32\atwtusb.exe [916992 2011-04-27] () [Datei ist nicht signiert]
S3 LibreOfficeMaintenance; "B:\Program Files\LibreOffice\program\update_service.exe" [X]
S4 RunSwUSB; C:\Windows\runSW.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 aicloadfw; C:\WINDOWS\System32\drivers\aicloadfw.sys [1060984 2024-05-08] (AIC Semiconductor (Shanghai) Co., Ltd. -> )
R3 aicusbwifi; C:\WINDOWS\System32\drivers\aicusbwifi.sys [1219688 2024-05-13] (AIC Semiconductor (Shanghai) Co., Ltd. -> )
R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [39208 2006-08-25] (B.H.A Corporation -> B.H.A Corporation)
S3 cpuz161; C:\ProgramData\CPUID Software\cpu-z\KICxMQHHatRI [44680 2025-12-22] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [175824 2024-10-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
S3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [33768 2020-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_7e337195b92a35b6\e1d.sys [611936 2023-08-31] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [159296 2026-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-03-14] (Martin Malik - REALiX -> REALiX(tm))
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [79624 2022-01-25] (Intel Corporation -> Intel Corporation)
S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [333192 2025-12-22] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234088 2026-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2026-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\Drivers\farflt.sys [212544 2026-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [80984 2026-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [245336 2026-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [190096 2026-01-05] (Malwarebytes Inc -> Malwarebytes)
S3 MirayVirtualDisk; C:\WINDOWS\System32\drivers\mvdo.sys [405200 2022-10-14] (Miray Software AG -> Miray)
S3 mmrv-abpb; C:\Program Files\Ashampoo\Ashampoo Backup Pro 17\bin\mmrv-abpb.sys [59424 2023-12-05] (Ashampoo GmbH & Co. KG -> )
R3 moufiltr; C:\WINDOWS\System32\drivers\moufiltr.sys [7680 2009-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
S3 NewAudioTechnologySpatialSoundCard; C:\WINDOWS\System32\drivers\vacnatkd.sys [114008 2020-06-15] (New Audio Technology GmbH -> NEW AUDIO TECHNOLOGY)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2019-07-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 PCWinSoft; C:\WINDOWS\System32\drivers\scrcamnetdriver_x64.sys [241800 2012-10-12] (PCWinSoft Systems Informatica Ltda -> Windows (R) Server 2003 DDK provider)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-10-16] (Corel Corporation -> Corel Corporation)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [12423864 2025-08-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174264 2024-10-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 vhidmini; C:\WINDOWS\System32\drivers\walvhid.sys [7552 2009-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [21928 2025-12-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [635272 2025-12-22] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102792 2025-12-22] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; kein ImagePath
U1 avgbdisk; kein ImagePath
U3 dmwappushsvc; kein ImagePath
S3 MpKsl508b8475; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B783D0E7-2F4D-4516-A1FB-5BFAE2CE29B6}\MpKslDrv.sys [X]
S3 MpKsl621d7010; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B783D0E7-2F4D-4516-A1FB-5BFAE2CE29B6}\MpKslDrv.sys [X]
S3 MpKsl7b9fff18; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B783D0E7-2F4D-4516-A1FB-5BFAE2CE29B6}\MpKslDrv.sys [X]
S3 MpKsle9233a68; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B783D0E7-2F4D-4516-A1FB-5BFAE2CE29B6}\MpKslDrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2026-01-05 22:15 - 2026-01-05 22:15 - 000003326 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2026-01-05 22:15 - 2026-01-05 22:15 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2026-01-05 22:13 - 2026-01-05 22:13 - 001572676 _____ C:\WINDOWS\Minidump\010526-11078-01.dmp
2026-01-05 22:13 - 2026-01-05 22:13 - 000008192 ___SH C:\DumpStack.log.tmp
2026-01-05 22:05 - 2026-01-05 22:05 - 000190096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2026-01-05 22:05 - 2026-01-05 22:05 - 000000000 ____D C:\Users\Horst\AppData\LocalLow\IGDump
2026-01-05 21:39 - 2026-01-05 22:24 - 000000000 ____D C:\Users\Horst\AppData\Local\Malwarebytes
2026-01-05 21:39 - 2026-01-05 21:39 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2026-01-05 21:38 - 2026-01-05 21:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2026-01-05 21:38 - 2026-01-05 21:38 - 000000000 ____D C:\Program Files\Malwarebytes
2026-01-05 21:20 - 2026-01-05 21:25 - 000000000 ____D C:\AdwCleaner
2026-01-05 21:18 - 2026-01-05 21:18 - 000007536 _____ C:\Users\Horst\Desktop\S1430001.colorProject
2026-01-05 21:18 - 2026-01-05 21:18 - 000000000 ____D C:\Users\Horst\Desktop\S1430001.colordata
2026-01-04 16:38 - 2026-01-04 16:38 - 000079248 _____ C:\Users\Horst\Documents\invoice2.pdf
2026-01-04 11:59 - 2026-01-05 22:29 - 000000000 ____D C:\FRST
2026-01-04 11:13 - 2026-01-04 11:15 - 544383370 _____ C:\Users\Horst\Documents\registry 2026-01-04.reg
2026-01-04 10:49 - 2026-01-05 22:29 - 000030201 _____ C:\WINDOWS\AicWifiServiceLog.txt
2026-01-04 10:49 - 2026-01-04 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ugreen
2026-01-04 10:49 - 2026-01-04 10:49 - 000000000 ____D C:\Program Files\Ugreen
2026-01-04 10:49 - 2024-05-13 06:05 - 001219688 _____ C:\WINDOWS\system32\Drivers\aicusbwifi.sys
2026-01-04 10:49 - 2024-05-08 03:42 - 001060984 _____ C:\WINDOWS\system32\Drivers\aicloadfw.sys
2026-01-04 10:48 - 2024-11-29 06:51 - 000000000 ____D C:\Users\Horst\Desktop\CM762_Driver_V1.2
2025-12-30 17:39 - 2025-12-30 17:39 - 000000000 ____D C:\Users\Horst\Desktop\2012_06_16 - Goldene Hochzeit Waltraud und Wilfried in Alten´s Ruh´, Wunstorf__ Sicherheitskopie in FOTO_Laufwerk Z
2025-12-29 15:49 - 2026-01-02 20:35 - 000000000 ____D C:\Users\Horst\Desktop\Urlaub Eifel
2025-12-27 20:34 - 2025-12-27 20:38 - 000000000 ___HD C:\$WinREAgent
2025-12-23 21:55 - 2025-12-23 21:55 - 000500736 _____ (Realtek) C:\WINDOWS\SwUSB.exe
2025-12-23 21:55 - 2025-12-23 21:55 - 000044760 _____ () C:\WINDOWS\runSW umbenannt.exe
2025-12-23 21:43 - 2025-12-23 21:43 - 000000000 ____D C:\Program Files (x86)\Cisco
2025-12-23 21:37 - 2025-12-23 21:37 - 000003542 _____ C:\WINDOWS\system32\Tasks\SEO
2025-12-23 20:48 - 2025-12-23 20:48 - 000000887 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2025-12-23 20:48 - 2025-12-23 20:48 - 000000000 ____D C:\Users\Horst\AppData\Local\VS Revo Group
2025-12-22 23:20 - 2025-12-22 23:20 - 000000000 ____D C:\Users\Horst\Desktop\mb_bios_ga-q170m-d3h_f23d
2025-12-22 23:11 - 2025-12-22 23:11 - 000000884 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2025-12-22 23:11 - 2025-12-22 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2025-12-22 23:11 - 2025-12-22 23:11 - 000000000 ____D C:\ProgramData\CPUID Software
2025-12-22 23:11 - 2025-12-22 23:11 - 000000000 ____D C:\Program Files\CPUID
2025-12-22 22:35 - 2025-12-22 22:35 - 000000000 ____D C:\inetpub
2025-12-22 22:20 - 2025-12-22 22:20 - 000023734 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-12-22 22:17 - 2025-12-22 22:17 - 000023734 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-12-22 21:57 - 2024-10-17 03:54 - 000174264 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2025-12-22 21:51 - 2024-10-17 03:53 - 000175824 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2025-12-22 21:43 - 2025-12-22 21:43 - 000004006 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1505550991
2025-12-22 21:43 - 2025-12-22 21:43 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2025-12-22 19:38 - 2025-12-23 18:28 - 005616792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-12-21 14:33 - 2025-12-21 14:33 - 000000000 ____D C:\Users\Horst\.openjfx
2025-12-21 14:33 - 2025-12-21 14:33 - 000000000 ____D C:\Users\Horst\.deepartcreator
2025-12-21 14:29 - 2025-12-18 12:31 - 000001513 _____ C:\Users\Horst\Desktop\Aktivierungsanleitung.txt
2025-12-21 14:27 - 2025-12-21 14:28 - 393076295 _____ C:\Users\Horst\Downloads\CHIP_-_DeepArt_Creator (2).zip
2025-12-21 14:26 - 2025-12-21 14:27 - 393076295 _____ C:\Users\Horst\Downloads\CHIP_-_DeepArt_Creator.zip
2025-12-19 19:24 - 2025-12-19 19:27 - 000000000 ____D C:\Users\Horst\Desktop\VIDEOBEARBEITUNG MUSIK - RECORDER - SOUNDBEARBEITUNG
2025-12-18 20:52 - 2025-12-18 20:52 - 000000039 _____ C:\Users\Horst\AppData\Local\kritadisplayrc
2025-12-18 11:18 - 2025-12-18 11:18 - 000000000 ____D C:\Users\Horst\Documents\VideoPad Projekte
2025-12-17 19:06 - 2025-12-17 19:06 - 000001373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video-Editor.lnk
2025-12-17 19:06 - 2025-12-17 19:06 - 000001347 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Switch Audio-Converter.lnk
2025-12-17 19:05 - 2025-12-17 19:05 - 000001415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn Disc-Brennprogramm.lnk
2025-12-17 19:05 - 2025-12-17 19:05 - 000001357 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixPad Musikstudio-Software.lnk
2025-12-17 19:05 - 2025-12-17 19:05 - 000000000 ____D C:\Users\Horst\Documents\Mixpad Projects
2025-12-17 19:04 - 2025-12-17 19:04 - 000001353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Audio-Editor.lnk
2025-12-17 18:59 - 2025-12-17 18:59 - 000001233 _____ C:\Users\Public\Desktop\MyKeyFinder.lnk
2025-12-17 18:59 - 2025-12-17 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyKeyFinder
2025-12-17 18:59 - 2025-12-17 18:59 - 000000000 ____D C:\Program Files (x86)\MyKeyFinder
2025-12-17 18:53 - 2026-01-02 23:32 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Ashampoo Snap 16
2025-12-17 18:00 - 2025-12-18 21:50 - 000000000 ____D C:\Users\Horst\HDR Projects 9 Pro
2025-12-17 17:52 - 2025-12-17 17:53 - 227531339 _____ C:\Users\Horst\Downloads\CHIP-Ashampoo_Snap_16.zip
2025-12-17 17:47 - 2025-12-17 17:48 - 008688680 _____ (Abelssoft ) C:\Users\Horst\Documents\MyKeyFinder_setup.exe
2025-12-17 17:36 - 2025-12-17 17:36 - 029255160 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Horst\Documents\ashampoo_winoptimizer_27_47122.exe
2025-12-16 15:04 - 2025-12-16 15:04 - 001262796 _____ C:\Users\Horst\Downloads\CHIP_Ascomp_Backup_Maker.zip
2025-12-15 23:23 - 2025-12-15 23:23 - 000000000 ____D C:\Users\Horst\Desktop\IMG_20241214_214816_DRO.sharpendata
2025-12-15 22:36 - 2025-12-15 22:37 - 378915001 _____ C:\Users\Horst\Downloads\3-in1-Paket_fuer_Schwarz-Weiss-Fotografie (2).zip
2025-12-15 22:10 - 2025-12-15 22:10 - 000001474 _____ C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WO27.lnk
2025-12-15 22:05 - 2025-12-15 22:05 - 000000000 ____D C:\WINDOWS\SysWOW64\Translation
2025-12-15 22:05 - 2025-12-15 22:05 - 000000000 ____D C:\WINDOWS\SysWOW64\data
2025-12-15 19:43 - 2025-12-15 22:44 - 000000000 ____D C:\Users\Horst\BlackWhite Projects 6 Pro
2025-12-15 19:36 - 2025-12-15 19:37 - 378915001 _____ C:\Users\Horst\Downloads\3-in1-Paket_fuer_Schwarz-Weiss-Fotografie.zip
2025-12-15 19:27 - 2025-12-15 19:53 - 000000000 ____D C:\Users\Horst\AppData\Roaming\neroaiu
2025-12-15 19:27 - 2025-12-15 19:27 - 000000000 ____D C:\Users\Horst\Documents\NeroAIU
2025-12-15 19:16 - 2025-12-15 19:16 - 000000000 ____D C:\WINDOWS\nsxCDF2.tmp
2025-12-15 19:15 - 2025-12-15 19:35 - 000000000 ____D C:\Users\Horst\AppData\Roaming\nerostart
2025-12-15 19:12 - 2025-12-15 19:13 - 165313141 _____ C:\Users\Horst\Downloads\CHIP_Nero_AI_Image_Upscaler_Pro (2).zip
2025-12-15 19:10 - 2025-12-15 19:11 - 165313141 _____ C:\Users\Horst\Downloads\CHIP_Nero_AI_Image_Upscaler_Pro.zip
2025-12-15 19:06 - 2025-12-15 19:06 - 016754854 _____ C:\Users\Horst\Downloads\CHIP_Wise_Care_365 (2).zip
2025-12-15 13:24 - 2025-12-15 13:24 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Wise Utilities
2025-12-14 22:57 - 2025-12-23 21:15 - 000000004 ___SH C:\WINDOWS\wisefs.dat
2025-12-12 11:26 - 2025-12-12 11:26 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials Vision SE 2026.lnk
2025-12-12 11:21 - 2025-12-12 11:21 - 006762626 _____ C:\Users\Horst\Downloads\CHIP_Audials_Vision_2026_SE (3).zip
2025-12-12 11:17 - 2025-12-12 11:17 - 006762626 _____ C:\Users\Horst\Downloads\CHIP_Audials_Vision_2026_SE (2).zip
2025-12-12 11:13 - 2025-12-12 11:13 - 006762626 _____ C:\Users\Horst\Downloads\CHIP_Audials_Vision_2026_SE.zip
2025-12-12 10:19 - 2025-12-15 19:16 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2025-12-06 20:12 - 2025-12-06 20:12 - 000000000 ____D C:\Users\Horst\.ms-ad

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2026-01-05 22:28 - 2025-11-15 16:11 - 000000000 ____D C:\Users\Horst\Desktop\Wartung
2026-01-05 22:28 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-01-05 22:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2026-01-05 22:21 - 2022-10-28 20:19 - 000000000 ____D C:\Users\Horst\AppData\Local\LogiOptionsPlus
2026-01-05 22:20 - 2020-09-17 18:06 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2026-01-05 22:20 - 2019-12-07 15:51 - 000743714 _____ C:\WINDOWS\system32\perfh007.dat
2026-01-05 22:20 - 2019-12-07 15:51 - 000150136 _____ C:\WINDOWS\system32\perfc007.dat
2026-01-05 22:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2026-01-05 22:18 - 2021-12-17 20:42 - 000000000 ____D C:\WINDOWS\SystemTemp
2026-01-05 22:13 - 2020-09-19 17:26 - 000000000 ____D C:\WINDOWS\Minidump
2026-01-05 22:13 - 2020-09-17 18:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2026-01-05 22:13 - 2020-09-17 17:55 - 000000000 ____D C:\Users\Horst
2026-01-05 22:13 - 2020-09-17 17:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2026-01-05 22:13 - 2017-09-16 09:33 - 000000000 __SHD C:\Users\Horst\IntelGraphicsProfiles
2026-01-05 22:13 - 2017-09-16 09:33 - 000000000 ____D C:\Intel
2026-01-05 22:13 - 2016-07-16 12:47 - 000000227 _____ C:\WINDOWS\win.ini
2026-01-05 22:04 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2026-01-05 21:59 - 2023-12-11 14:44 - 000000000 ____D C:\Program Files (x86)\Innovative Solutions
2026-01-05 21:59 - 2022-12-19 12:26 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Innovative Solutions
2026-01-05 21:59 - 2022-12-19 12:26 - 000000000 ____D C:\Users\Horst\AppData\Local\Innovative Solutions
2026-01-05 21:59 - 2019-06-24 17:03 - 000000000 ____D C:\Program Files (x86)\Falco Billiard
2026-01-05 21:39 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2026-01-05 21:25 - 2023-12-19 18:51 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2026-01-05 21:25 - 2017-09-27 09:47 - 000000000 ____D C:\Users\Horst\AppData\Roaming\IObit
2026-01-05 21:25 - 2017-09-27 09:47 - 000000000 ____D C:\Users\Horst\AppData\LocalLow\IObit
2026-01-05 21:25 - 2017-09-27 09:47 - 000000000 ____D C:\ProgramData\IObit
2026-01-05 20:24 - 2019-10-03 16:59 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2026-01-05 19:55 - 2018-05-28 14:05 - 000000000 ____D C:\Users\Horst\AppData\Local\D3DSCache
2026-01-05 18:46 - 2024-07-09 18:27 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2026-01-04 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2026-01-03 23:33 - 2017-09-26 18:03 - 000000000 ____D C:\Users\Horst\AppData\Local\Adobe
2026-01-03 15:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2026-01-02 20:04 - 2025-11-23 23:14 - 000000000 ____D C:\Users\Horst\Desktop\BILDBEARBEITUNG - CAT - PRESETS - HINTERGRÜNDE
2026-01-02 18:19 - 2024-11-26 22:18 - 000000000 ____D C:\Users\Horst\Desktop\NOCH ZUORDNEN
2026-01-01 23:51 - 2022-11-30 12:39 - 000000000 ____D C:\Users\Horst\Color Projects 6 Pro
2025-12-31 22:28 - 2017-12-05 15:17 - 000000000 ____D C:\Users\Horst\AppData\Local\CrashDumps
2025-12-31 13:35 - 2025-11-13 21:55 - 000000000 ____D C:\Users\Horst\Desktop\2015-25-12 - Heiligabend__Sicherheitskopie in Laufwerk SIKO Foto (Z)
2025-12-30 12:18 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-12-30 12:18 - 2018-07-19 10:05 - 000000000 ____D C:\ProgramData\Packages
2025-12-29 15:16 - 2017-12-06 14:17 - 000000000 ____D C:\Users\Horst\AppData\Local\Packages
2025-12-29 15:15 - 2024-09-04 20:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2025-12-29 15:15 - 2024-01-20 23:25 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2025-12-28 14:07 - 2024-02-25 23:05 - 000000000 ____D C:\Users\Horst\Desktop\Heizkesel_Puffer_Ausfall_Warttung
2025-12-28 14:04 - 2023-01-14 17:28 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-12-28 13:34 - 2020-05-24 13:32 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-12-28 13:25 - 2020-09-17 18:14 - 000003754 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-12-28 13:25 - 2020-09-17 18:14 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-12-27 22:39 - 2017-09-25 18:58 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-12-27 22:28 - 2020-09-17 18:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2025-12-27 21:55 - 2025-08-08 17:57 - 000000000 ____D C:\Users\Horst\Desktop\HAUS UND GARTEN WESTERENDE UND GARTEN BOKELOH__Sicherheitskopie in Laufwerk EXT. (Y)
2025-12-27 20:55 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-12-23 21:43 - 2020-12-03 20:48 - 000000000 ____D C:\Program Files (x86)\Realtek
2025-12-23 21:43 - 2017-09-16 09:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2025-12-23 21:25 - 2021-05-25 18:32 - 000000000 ____D C:\Users\Public\Documents\Ashampoo
2025-12-23 21:25 - 2020-02-02 23:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2025-12-23 21:25 - 2020-02-02 23:35 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2025-12-23 21:20 - 2022-07-27 21:23 - 000000000 ____D C:\Program Files (x86)\Wise
2025-12-23 21:10 - 2023-12-19 18:52 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Lavasoft
2025-12-23 21:10 - 2023-12-19 18:52 - 000000000 ____D C:\Users\Horst\AppData\Local\Lavasoft
2025-12-23 20:48 - 2021-12-26 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2025-12-23 20:48 - 2021-12-26 18:46 - 000000000 ____D C:\Program Files\Revo Uninstaller
2025-12-23 18:52 - 2017-09-25 19:20 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2025-12-23 18:47 - 2020-07-09 20:33 - 000000000 ____D C:\Users\Horst\AppData\Roaming\TuneIn
2025-12-23 18:07 - 2025-07-23 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice
2025-12-23 18:03 - 2020-09-05 11:21 - 000000000 ____D C:\Program Files\Reallusion
2025-12-23 17:09 - 2020-02-13 22:16 - 000000000 ____D C:\Users\Horst\AppData\Roaming\SoftMaker
2025-12-23 17:08 - 2020-09-12 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Faceware
2025-12-23 17:08 - 2020-09-12 18:24 - 000000000 ____D C:\Program Files\Faceware
2025-12-23 17:05 - 2019-11-27 21:14 - 000000000 ____D C:\ProgramData\NCH Software
2025-12-23 17:05 - 2019-11-27 21:14 - 000000000 ____D C:\Program Files (x86)\NCH Software
2025-12-23 17:05 - 2017-10-02 19:42 - 000000000 ____D C:\Users\Horst\AppData\Roaming\NCH Software
2025-12-23 16:56 - 2017-09-26 14:42 - 000000000 ____D C:\ProgramData\Adobe
2025-12-23 16:56 - 2017-09-09 21:34 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Adobe
2025-12-23 16:55 - 2022-07-27 18:20 - 000000000 ____D C:\Users\Horst\AppData\Roaming\com.adobe.dunamis
2025-12-23 16:55 - 2017-09-26 22:18 - 000000000 ____D C:\Program Files\Common Files\Adobe
2025-12-23 16:52 - 2017-09-26 21:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2025-12-22 22:55 - 2023-12-13 18:39 - 000000000 ____D C:\Program Files\Common Files\MAGIX Services
2025-12-22 22:35 - 2024-07-23 19:12 - 000000000 ____D C:\WINDOWS\system32\compatrel
2025-12-22 22:35 - 2023-12-14 03:56 - 000000000 ____D C:\WINDOWS\InboxApps
2025-12-22 22:35 - 2019-12-07 15:54 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2025-12-22 22:35 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-12-22 22:35 - 2019-12-07 15:52 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2025-12-22 22:35 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2025-12-22 22:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2025-12-22 22:16 - 2020-09-17 17:57 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-12-22 21:59 - 2023-10-05 15:46 - 000000000 ____D C:\Users\Horst\AppData\Local\Ashampoo Backup
2025-12-22 21:59 - 2017-10-29 10:59 - 000000000 ____D C:\Program Files (x86)\Nero
2025-12-22 21:55 - 2017-09-16 10:07 - 218369424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-12-22 21:55 - 2017-09-16 10:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-12-22 21:53 - 2022-08-17 18:01 - 000000000 ____D C:\Program Files\dotnet
2025-12-22 21:53 - 2017-09-16 09:37 - 000000000 ____D C:\ProgramData\Package Cache
2025-12-22 21:52 - 2025-04-08 19:24 - 000000000 ____D C:\Program Files (x86)\dotnet
2025-12-22 21:52 - 2018-05-28 13:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-12-22 21:51 - 2023-05-24 14:32 - 000000000 ____D C:\Program Files\RUXIM
2025-12-22 21:43 - 2017-09-16 09:36 - 000000000 ____D C:\Program Files\Opera
2025-12-22 21:39 - 2020-07-21 18:51 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2025-12-22 20:39 - 2020-07-21 18:51 - 000000000 ____D C:\Users\Horst\AppData\Local\BraveSoftware
2025-12-22 20:38 - 2017-09-16 09:36 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Opera Software
2025-12-22 20:38 - 2017-09-16 09:36 - 000000000 ____D C:\Users\Horst\AppData\Local\Opera Software
2025-12-22 19:24 - 2020-11-05 17:52 - 000000000 ____D C:\Users\Horst\AppData\Local\ElevatedDiagnostics
2025-12-21 21:33 - 2024-09-19 21:42 - 000000000 ____D C:\Users\Horst\Projects Series
2025-12-21 13:17 - 2019-06-22 10:49 - 000000000 ____D C:\ProgramData\Reallusion
2025-12-20 23:38 - 2024-12-27 19:30 - 000000000 ____D C:\Users\Horst\Desktop\SAUERBRATEN
2025-12-19 21:06 - 2020-03-02 19:34 - 000000132 _____ C:\Users\Horst\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2025-12-19 19:45 - 2018-03-22 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
2025-12-19 19:44 - 2021-12-22 20:45 - 000000000 ____D C:\ProgramData\Audials
2025-12-19 19:43 - 2020-02-13 19:00 - 000000000 ____D C:\Program Files\Ashampoo
2025-12-18 20:52 - 2019-10-24 18:05 - 000038066 _____ C:\Users\Horst\AppData\Local\kritarc
2025-12-18 20:52 - 2019-10-24 18:05 - 000000000 ____D C:\Users\Horst\AppData\Roaming\krita
2025-12-18 19:41 - 2025-11-23 20:48 - 000000000 ____D C:\Users\Horst\Sharpen 5 Pro
2025-12-18 11:27 - 2017-12-28 22:49 - 000000000 ____D C:\Users\Horst\AppData\LocalLow\Temp
2025-12-17 19:16 - 2023-12-06 19:00 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Ashampoo Snap
2025-12-17 18:59 - 2018-01-22 19:11 - 000000000 ____D C:\Users\Horst\AppData\Local\Abelssoft
2025-12-17 17:58 - 2023-03-08 14:53 - 000000000 ____D C:\Program Files\Franzis
2025-12-16 20:21 - 2018-05-21 09:52 - 000000000 ____D C:\Users\Horst\AppData\Local\PlaceholderTileLogoFolder
2025-12-16 18:30 - 2021-12-22 20:22 - 000000000 ____D C:\Users\Horst\AppData\Roaming\ASCOMP Software
2025-12-16 15:06 - 2020-11-05 18:43 - 000000000 ____D C:\Users\Horst\AppData\Local\Avira
2025-12-16 13:51 - 2023-01-14 17:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-12-15 23:48 - 2017-09-25 18:58 - 000000000 ____D C:\Users\Horst\AppData\Local\Google
2025-12-15 22:14 - 2019-12-03 14:55 - 000000000 ____D C:\Users\Horst\AppData\Roaming\dvdcss
2025-12-15 22:14 - 2019-09-30 13:28 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Notepad++
2025-12-15 19:27 - 2017-12-03 23:33 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Nero
2025-12-15 19:27 - 2017-10-29 11:05 - 000000000 ____D C:\ProgramData\Nero
2025-12-14 23:39 - 2024-01-17 18:08 - 000000000 ____D C:\Users\_ashbackuppb_
2025-12-14 22:42 - 2023-04-15 18:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\InPixio
2025-12-14 22:42 - 2020-11-05 19:08 - 000000000 ____D C:\Program Files\CCleaner
2025-12-13 20:31 - 2020-12-01 19:50 - 000000000 ____D C:\Program Files\7-Zip
2025-12-12 15:35 - 2017-10-02 19:41 - 000000000 ____D C:\Users\Horst\AppData\Roaming\Intel
2025-12-12 11:27 - 2021-12-22 20:32 - 000000000 ____D C:\Users\Horst\AppData\Local\Audials
2025-12-12 11:26 - 2023-12-08 18:18 - 000000000 ____D C:\Program Files\Audials

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-04-14 21:18 - 2020-04-14 21:20 - 332627677 _____ () C:\Program Files\makehuman-1.1.1-win32.zip
2019-06-24 16:49 - 2017-11-19 12:51 - 000004286 _____ () C:\Program Files (x86)\FalcoGo.ico
2019-06-24 16:49 - 2017-11-19 12:53 - 000000044 _____ () C:\Program Files (x86)\FalcoGo.url
2019-06-24 16:49 - 2016-01-05 12:37 - 000004286 _____ () C:\Program Files (x86)\FalconLine.ico
2019-06-24 16:49 - 2016-01-05 12:25 - 000000047 _____ () C:\Program Files (x86)\FalconLine.url
2019-06-24 16:49 - 2016-12-21 00:39 - 000004286 _____ () C:\Program Files (x86)\FalcoSpace.ico
2019-06-24 16:49 - 2016-12-21 00:36 - 000000047 _____ () C:\Program Files (x86)\FalcoSpace.url
2019-07-07 16:36 - 2019-07-07 16:36 - 007315103 _____ () C:\Program Files (x86)\picturenaut_3_2_1690.zip
2011-01-12 01:00 - 2011-01-12 01:00 - 000146944 _____ () C:\Program Files (x86)\Common Files\dsfFLACDecoder.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000221184 _____ () C:\Program Files (x86)\Common Files\dsfFLACEncoder.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000204800 _____ () C:\Program Files (x86)\Common Files\dsfNativeFLACSource.dll
2012-05-11 13:16 - 2012-05-11 13:16 - 000171520 _____ () C:\Program Files (x86)\Common Files\dsfOggDemux2.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000240128 _____ () C:\Program Files (x86)\Common Files\dsfVorbisDecoder.dll
2009-07-11 22:08 - 2009-07-11 22:08 - 000001860 _____ () C:\Program Files (x86)\Common Files\Microsoft.VC90.CRT.manifest
2011-04-18 21:51 - 2011-04-18 21:51 - 000569680 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCP90.dll
2011-04-18 21:51 - 2011-04-18 21:51 - 000653136 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCR90.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000412672 _____ (Google) C:\Program Files (x86)\Common Files\vp8decoder.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000701440 _____ (Google) C:\Program Files (x86)\Common Files\vp8encoder.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000302592 _____ (Google) C:\Program Files (x86)\Common Files\webmmux.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000292352 _____ (Google) C:\Program Files (x86)\Common Files\webmsplit.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000030208 _____ () C:\Program Files (x86)\Common Files\wmpinfo.dll
2022-01-20 17:17 - 2022-01-20 17:17 - 000000246 _____ () C:\Users\Horst\AppData\Roaming\.ptbt1
2018-02-23 23:17 - 2021-11-30 17:09 - 000000132 _____ () C:\Users\Horst\AppData\Roaming\Adobe CS6-AIFF-Format - Voreinstellungen
2018-02-24 22:58 - 2024-01-22 20:27 - 000000132 _____ () C:\Users\Horst\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2021-01-09 20:05 - 2021-04-05 22:13 - 000000132 _____ () C:\Users\Horst\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
2020-03-02 19:34 - 2025-12-19 21:06 - 000000132 _____ () C:\Users\Horst\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2017-11-08 18:21 - 2024-08-06 18:07 - 000000132 _____ () C:\Users\Horst\AppData\Roaming\Adobe CS6-Targa-Format - Voreinstellungen
2020-06-11 21:39 - 2020-06-11 21:39 - 001456142 _____ () C:\Users\Horst\AppData\Roaming\AvidLink_Install.log
2020-11-12 20:48 - 2024-10-27 20:01 - 000000632 _____ () C:\Users\Horst\AppData\Roaming\com.cloudapp.windows.plist
2019-10-24 22:10 - 2025-11-24 22:03 - 000000128 _____ () C:\Users\Horst\AppData\Roaming\FotoSketcher.ini
2019-04-05 14:25 - 2019-04-05 14:26 - 000000112 _____ () C:\Users\Horst\AppData\Roaming\main.ini
2019-07-07 16:08 - 2020-06-27 17:41 - 000000009 _____ () C:\Users\Horst\AppData\Roaming\tabbles_hwnd_main
2019-07-07 16:08 - 2020-06-27 17:41 - 000000009 _____ () C:\Users\Horst\AppData\Roaming\tabbles_hwnd_quick_link
2020-05-24 19:15 - 2020-05-24 19:15 - 000018687 _____ () C:\Users\Horst\AppData\Roaming\unins000.dat
2020-05-24 19:15 - 2020-05-24 19:15 - 000013844 _____ () C:\Users\Horst\AppData\Roaming\unins000.msg
2017-11-02 22:54 - 2024-01-11 23:48 - 000001456 _____ () C:\Users\Horst\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2025-12-15 23:48 - 2025-12-15 23:48 - 000111621 _____ () C:\Users\Horst\AppData\Local\dxdiag.log
2025-10-14 20:57 - 2025-12-18 13:06 - 000008180 _____ () C:\Users\Horst\AppData\Local\krita-sysinfo.log
2019-10-24 18:05 - 2025-12-18 20:52 - 000176896 _____ () C:\Users\Horst\AppData\Local\krita.log
2020-07-01 20:54 - 2025-12-18 13:05 - 000051362 _____ () C:\Users\Horst\AppData\Local\kritacrash.log
2025-12-18 20:52 - 2025-12-18 20:52 - 000000039 _____ () C:\Users\Horst\AppData\Local\kritadisplayrc
2019-10-24 18:05 - 2025-12-18 20:52 - 000038066 _____ () C:\Users\Horst\AppData\Local\kritarc
2020-08-06 16:28 - 2020-08-06 16:28 - 000000057 _____ () C:\Users\Horst\AppData\Local\makehuman.conf
2018-10-04 11:18 - 2022-10-28 20:35 - 000000309 _____ () C:\Users\Horst\AppData\Local\oobelibMkey.log
2025-09-16 12:48 - 2025-09-16 12:48 - 000000768 _____ () C:\Users\Horst\AppData\Local\recently-used.xbel
2017-10-01 20:45 - 2020-07-15 20:43 - 000007600 _____ () C:\Users\Horst\AppData\Local\Resmon.ResmonCfg
2022-11-26 18:42 - 2022-12-09 20:24 - 000139264 _____ () C:\Users\Horst\AppData\Local\Tempwd.tmp

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

EndeVomLatei 05.01.2026 22:54
FRST Resultat Teil 2
 
Addition.txt:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-11-2025
durchgeführt von Horst (05-01-2026 22:33:31)
Gestartet von C:\Users\Horst\Desktop\Wartung
Microsoft Windows 10 Pro Version 22H2 19045.6466 (X64) (2020-09-17 17:14:40)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-947909773-2885354443-2675781160-500 - Administrator - Disabled)
buhso (S-1-5-21-947909773-2885354443-2675781160-1005 - Limited - Disabled)
DefaultAccount (S-1-5-21-947909773-2885354443-2675781160-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-947909773-2885354443-2675781160-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-947909773-2885354443-2675781160-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-947909773-2885354443-2675781160-1003 - Limited - Enabled)
Horst (S-1-5-21-947909773-2885354443-2675781160-1001 - Administrator - Enabled) => C:\Users\Horst
WDAGUtilityAccount (S-1-5-21-947909773-2885354443-2675781160-504 - Limited - Disabled)
_ashbackuppb_ (S-1-5-21-947909773-2885354443-2675781160-1010 - Administrator - Enabled) => C:\Users\_ashbackuppb_

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

100 Photoshop-Aktionen Vol.1 (HKLM-x32\...\100 Photoshop-Aktionen Vol. 1_is1) (Version:  - )
100 Photoshop-Aktionen Vol.2 (HKLM-x32\...\100 Photoshop-Aktionen Vol. 2_is1) (Version:  - )
4K Video to MP3 (HKLM\...\{8232A6B7-2815-485A-AAF2-10025111DE36}) (Version: 3.0.0.930 - Open Media LLC)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 25.01 (x64) (HKLM\...\7-Zip) (Version: 25.01 - Igor Pavlov)
AbstractCurves x64 (HKLM\...\AbstractCurves AbstractCurves x64 1) (Version: 1.190 - AbstractCurves Software)
Adobe Bridge 1.0 (HKLM-x32\...\{B74D4E10-6884-0000-0000-000000000101}) (Version: 001.000.001 - Adobe Systems) Hidden
Adobe Bridge 2022 (HKLM-x32\...\KBRG_12_0_2) (Version: 12.0.2 - Adobe Inc.)
Adobe Common File Installer (HKLM-x32\...\{8EDBA74D-0686-4C99-BFDD-F894678E5101}) (Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.4.0.361 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.6.0.79 - Adobe Inc.)
Adobe Help Center 1.0 (HKLM-x32\...\{E9787678-119F-4D52-B551-6739B2B22101}) (Version: 1.0.1 - Adobe Systems) Hidden
Adobe Illustrator CS2 (HKLM-x32\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Rush (HKLM-x32\...\RUSH_2_3) (Version: 2.3 - Adobe Inc.)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Adobe Stock Photos 1.0 (HKLM-x32\...\{786C5747-0C40-4930-9AFE-113BCE553101}) (Version: 1.0.1 - Adobe Systems) Hidden
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Adobe UXP Developer Tool (HKLM-x32\...\UXPD_1_5_0) (Version: 1.5.0 - Adobe Inc.)
AKVIS Coloriage (HKLM\...\{1A751AEE-4021-4611-96D4-EC6FBF119E39}) (Version: 14.0.1492.24452 - AKVIS) Hidden
AKVIS Coloriage (HKLM-x32\...\{c73d6afc-9305-423a-8ee3-e26d6a0af4c2}) (Version: 14.0.1492.24452 - AKVIS)
All Image Downloader (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\{64eac9ac-0b76-44ae-b702-1b8f4a192011}) (Version: 2.0.0 - Imgdownloader)
Amazon Music (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Amazon Amazon Music) (Version: 8.5.0.2261 - Amazon.com Services LLC)
Amazon Photos (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Amazon Photos) (Version: 10.8.0 - Amazon.com, Inc.)
AniMaker Drag (HKLM-x32\...\AniMaker Drag) (Version: 2.1 - AniMaker GmbH)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft Scan-n-Stitch Deluxe (HKLM-x32\...\{FF8455A9-21E8-457D-AC64-510A705D53B3}) (Version: 1.1.2.55 - ArcSoft)
Ashampoo Audio Recorder Free (HKLM-x32\...\{91B33C97-C3B3-7A23-56CA-61CA8472B256}_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Backup Pro 17 (HKLM\...\{91B33C97-5909-F165-4B92-42DCE6E18868}_is1) (Version: 17.11 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 2021 (HKLM-x32\...\{91B33C97-87D2-CBDB-6C78-9844D71F4195}_is1) (Version: 1.22.0 - Ashampoo GmbH & Co. KG)
Ashampoo Cover Studio 2017 (HKLM-x32\...\{91B33C97-6D7D-102A-7711-56C011AFB81B}_is1) (Version: 3.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Home Design 5 (HKLM\...\{6FE137BD-F8A3-4995-B812-04928FFD3D73}_is1) (Version: 5.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 2020 (HKLM-x32\...\{91B33C97-FFD3-62FA-D018-BCB9A3BC574C}_is1) (Version: 1.8.1 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 10 v.10.2.1 (HKLM-x32\...\{C92AB6F1-4B66-808A-D77C-25EF81C0176A}_is1) (Version: 10.2.1 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander Free (HKLM-x32\...\{0A11EA01-CD60-73B5-2FF0-9FCC1502CD64}_is1) (Version: 11.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 9 (HKLM\...\{91B33C97-A7B5-2D2D-BC10-085C65109B0D}_is1) (Version: 9.4.7 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Recovery 2 (HKLM\...\{BB339C1F-657A-6D2A-BD02-EF21B6F35991}_is1) (Version: 2.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Registry Cleaner 2 (HKLM-x32\...\{4209F371-AD80-9E5D-7FD6-99DC6D5D8B7F}_is1) (Version: 2.00.00 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio 2019 (HKLM-x32\...\{91B33C97-4A4D-A9FD-B59A-1256B60F3665}_is1) (Version: 1.4.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 16 (HKLM\...\{0A11EA01-8829-6E65-628A-90709BFA6C2E}_is1) (Version: 16.0.9 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 27 (HKLM-x32\...\{4209F371-B009-83C0-55A2-B0904D2A6CF6}_is1) (Version: 27.00.05 - Ashampoo GmbH & Co. KG)
Ashampoo ZIP Free (HKLM-x32\...\{0A11EA01-5173-F4C2-0973-35C932D5C674}_is1) (Version: 1.0.7 - Ashampoo GmbH & Co. KG)
Audacity 3.0.2 (HKLM-x32\...\Audacity_is1) (Version: 3.0.2 - Audacity Team)
Audacity 3.7.5 (64 Bit) (HKLM\...\Audacity_is1) (Version: 3.7.5 - Audacity Team)
Audials Vision SE 2026 (HKLM\...\{43349E3F-3B86-4C50-A791-1941558E12EE}) (Version: 26.0.44.0 - Audials AG)
audite! 6.5 (HKLM-x32\...\{F979439C-55CD-41A4-B453-D2F347142DB4}) (Version: 6.5.0 - capella software)
Autodesk SketchBook (HKLM\...\{AE6C5657-8710-4968-BEB5-1E2ED89CB2D2}) (Version: 8.71.0000 - Autodesk)
BenVista PhotoZoom Pro 9.0.2 (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\PhotoZoom Pro 9) (Version: 9.0.2 - BenVista Ltd.)
BLACK WHITE projects 6 professional (64-Bit) (HKLM\...\SILVER_PROJECTS_6_3_28B15F1D_is1) (Version: 6.63 - Franzis Verlag GmbH)
blender (HKLM\...\{7AE80A32-183F-48A8-91A1-B1889B3B6B38}) (Version: 2.93.6 - Blender Foundation)
capella 2008 (HKLM-x32\...\{8D04F5C2-704D-4DB8-84FF-22300783D7F8}) (Version: 6.00.9001 - capella-software)
capella playAlong 3 (HKLM-x32\...\{C9A08B65-CFA7-47E7-A6BD-F54971F51763}) (Version: 3.0 - capella-software)
capella reader 8 (HKLM-x32\...\{d40fe571-3b74-4b1d-9f06-8ea780cfae5f}) (Version: 8 - capella-software AG)
capella-scan 5.0 (HKLM-x32\...\capella-scan 5.0) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 6.38 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CloudApp for Windows (HKLM-x32\...\{5D95CFF5-3601-44D9-94B4-4C4EEA836B51}) (Version: 6.0.0.90 - CloudPlus, Inc.)
CODIJY Colorizer Pro (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\{5a136515-5018-4939-93b3-8ede6788feab}) (Version: 4.2.0 - CODIJY)
COLOR projects 6 professional (64-Bit) (HKLM\...\COLOR_PROJECTS_6_3_C935FDA1_is1) (Version: 6.63 - Franzis Verlag GmbH)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}) (Version: 15.1.0.588 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{72DB27D3-FE05-4227-AF5A-11CD101ECF09}) (Version: 15.1.588 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (HKLM-x32\...\{666D7CED-12E0-4BA3-B594-5681961E7B02}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (HKLM-x32\...\{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}) (Version: 15.0 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.1.0.588 - Corel Corporation)
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (HKLM\...\{46AE421C-BF1B-4B62-BE0E-62FE09C6D5B5}) (Version: 15.1.588 - Corel Corporation) Hidden
CPUID CPU-Z 2.17 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.17 - CPUID, Inc.)
CrazyTalk Animator Standard (HKLM-x32\...\{789567FD-CAA2-4E1C-B38E-9072B3015FFD}) (Version: 1.2.2010.1 - Reallusion Inc.)
CrazyTalk Animator v3.32 PRO (HKLM-x32\...\{6B844167-0760-43FD-BBCA-2463EC967721}) (Version: 3.32.4718.1 - Reallusion Inc.)
Crescendo Notensatz-Editor (HKLM-x32\...\Crescendo) (Version: 10.10 - NCH Software)
CutOut 9 professional (11022020) (HKLM\...\CutOut 9 professional_is1) (Version: 9 - Franzis.de)
darktable (HKLM\...\darktable) (Version: 2.4.1 - the darktable project)
DENOISE projects 3 professional (64-Bit) (HKLM\...\DENOISE_PROJECTS_3_3_FBC348A0_is1) (Version: 3.32 - Franzis Verlag GmbH)
Design & Print (HKLM-x32\...\Design & Print 5.1.0) (Version: 5.1.0 - Avery Zweckform)
Doctolib 2.30.0 (HKLM\...\a23b93d7-c27b-59d6-b1a0-6e4b0d5d056a) (Version: 2.30.0 - Doctolib)
DokuDownloader 2019 (HKLM-x32\...\{28806E83-7109-4E6A-A2C6-B8C43055C59C}_is1) (Version: 1.0 - Abelssoft)
Druckerdeinstallation für EPSON XP-960 Series (HKLM\...\EPSON XP-960 Series) (Version:  - Seiko Epson Corporation)
Easy Photo Scan (HKLM-x32\...\{99364024-626C-4BE1-89C8-2F207023497B}) (Version: 1.00.0018 - Seiko Epson Corporation)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.2 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.50.00 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{DE32F90E-1A29-4D74-BCF1-E7DDB25D713A}) (Version: 3.4.0.0 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{711E8536-AB71-4455-A6C4-357FDBBEBF91}) (Version: 4.6.7 - Seiko Epson Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
EverDoc 2018 (HKLM-x32\...\{CE690D98-4029-4620-879D-8018BF9CFBEC}_is1) (Version: 3.26 - Abelssoft)
EverDoc Printer++ (64bit) (HKLM\...\{D8156771-98B2-4A23-8122-C904F2410DF1}) (Version: 1.0.0 - Printer++)
Express Burn Disc-Brennprogramm (HKLM-x32\...\ExpressBurn) (Version: 12.01 - NCH Software)
Facebook Desktop (HKLM-x32\...\{844B8965-E5AA-4F9A-A4D4-4E59D4F44F64}) (Version: 0.8.0 - Eric Zhang)
Firebird v2.1 (HKLM-x32\...\Tone2 Firebird_is1) (Version:  - Tone2)
FOCUS projects 3 professional (64-Bit) (HKLM\...\FOCUS_PROJECTS_3_3_EDC5B478_is1) (Version: 3.25 - Franzis Verlag GmbH)
Folder Icon Basic (HKLM-x32\...\{EAF4C8EE-4D58-418D-8960-CA9A1628DA77}) (Version: 5.1.0.0 - MSTech Global Ltd) Hidden
FontForge Version 07-11-2020 (HKLM-x32\...\{56748B9C-19AE-4689-B8C5-5A45AE0A993A}_is1) (Version: 07-11-2020 - FontForgeBuilds)
FotoSketcher 3.60 (HKLM\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version:  - David THOIRON)
Free FreeCell Solitaire 2017 v3.2 (HKLM-x32\...\Free FreeCell Solitaire_is1) (Version:  - TreeCardGames)
Free GIF Maker (HKLM-x32\...\Free GIF Maker_is1) (Version: 1.3.48.831 - Digital Wave Ltd)
Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version:  -  )
FreeCAD 0.21.1 (HKLM\...\FreeCAD0211) (Version: 0.21.1 - FreeCAD Team)
FreeCAD 1.0.2 (HKLM\...\FreeCAD102) (Version: 1.0.2 - FreeCAD Team)
FreeRIP MP3 Converter 5.7.1.2 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 5.7.1.2 - GreenTree Applications SRL)
GMX MailCheck für Windows (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 2.7.10.0 - 1&1 Mail & Media GmbH)
GMX Suche (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\1&1 Mail & Media GmbH DS1) (Version: 1.2.0.0 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 143.0.7499.170 - Google LLC)
Google Earth Pro (HKLM\...\{8D42B7EA-0BF8-4E13-B646-652FE578F998}) (Version: 7.3.6.10441 - Google)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.53.3) (Version: 9.53.3 - Artifex Software Inc.)
HD Writer AE 2.1 (HKLM-x32\...\{AC4BDEB4-E06A-4605-B5D2-2FE6750681A5}) (Version: 2.01.141.1031 - Panasonic Corporation)
HDR projects 9 professional (HKLM\...\HDR_PROJECTS_9_3_3BF7CE82_is1) (Version: 9.23 - Franzis Verlag GmbH)
HDR projects photo (64-Bit) (HKLM\...\HDR_PROJECTS_2_1_3BF7CE82_is1) (Version: 2.26 - Franzis Verlag GmbH)
Helm (HKLM\...\{971514BD-7CC3-414F-9258-B79E6D53EC46}) (Version: 0.9.0.0 - Matt Tytel)
High-Definition Video Playback (HKLM-x32\...\{9193490D-5229-4FC4-9BB9-A6D63C09574A}) (Version: 11.0.12200.1.158 - Nero AG) Hidden
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
indii.org/tintii (HKLM-x32\...\tintii) (Version:  - )
Inkscape 0.92.4 (HKLM-x32\...\Inkscape) (Version: 0.92.4 - Inkscape Project)
Intel Driver && Support Assistant (HKLM-x32\...\{90EFD4CC-39A4-4470-AEEB-878CB2BCBC81}) (Version: 25.4.36.6 - Intel) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{4152D055-4116-42A3-BC9E-86D0A17B35A5}) (Version: 25.4.36.6 - Intel)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Krita (x64) 5.2.11 (git a4da714) (HKLM\...\Krita_x64) (Version: 5.2.11.0 - Krita Foundation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Leap Motion Profile v1.0 Trial for Motion LIVE 2D Plug-in (HKLM-x32\...\{CB332079-D416-45F6-9444-A6F651AE663C}) (Version: 1.0.1707.1 - Reallusion Inc.)
LibreCAD (HKLM-x32\...\LibreCAD) (Version: 2.1.3 - LibreCAD Team)
LibreOffice 25.2.5.2 (HKLM\...\{751B7B9A-39A0-428C-963B-0FA2B4BDD27F}) (Version: 25.2.5.2 - The Document Foundation)
Lightkey (HKLM\...\{AB7B36EE-A1FC-42CE-9E9C-ECEF2B2DD2AB}) (Version: 24.0.5.0 - Lightkey Sources LTD) Hidden
Live Billiards 2 (HKLM-x32\...\Live Billiards 2) (Version:  - )
LMMS 1.2.1 (HKLM-x32\...\LMMS) (Version: 1.2.1 - LMMS Developers)
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.60.495862 - Logitech)
Logitech Options (HKLM\...\LogiOptions) (Version: 9.70.68 - Logitech)
Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
LOOXIS Faceworx 1.0 (HKLM-x32\...\LOOXIS Faceworx_is1) (Version: 1.0.0.1 - LOOXIS GmbH)
Luminance HDR 2.5.1 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version:  - Luminance HDR Dev Team)
Luminance Studio (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Luminance Studio) (Version:  - )
Luminar 4 (HKLM\...\Luminar 4) (Version: 4.3.4.9699 - Skylum)
LUT #1 (HKLM\...\LUT_1_2_CCD378F6_is1) (Version: 1.12 - Accelerated Vision UG)
makehuman-community (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\makehuman-community) (Version: 20200727 - Makehuman Community)
MakeMe3D (HKLM-x32\...\{C206BC46-62E0-41CB-0001-4DB984666A77}) (Version: 1.2.12.618 - Engelmann Media GmbH)
Malwarebytes version 5.4.5.226 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.4.5.226 - Malwarebytes)
MediaHuman Audio Converter Version 1.9.7 (HKLM-x32\...\MHAudioConverter_is1) (Version: 1.9.7 - MediaHuman)
MediBang Paint Pro 24.5.1 (64-bit) (HKLM\...\MediBang Paint Pro_is1) (Version: 24.5.1 - Medibang)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.22 (x64) (HKLM\...\{872CDB4B-5DDE-4297-BD19-C93B6C93E386}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.22 (x86) (HKLM-x32\...\{E3308628-44F2-49F2-B618-7735D528FAC2}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.22 (x64) (HKLM\...\{7A046DD7-9D61-4C5D-8F5E-24EE192B1B6A}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.22 (x86) (HKLM-x32\...\{4560BF00-0D8D-4FE8-84BA-83A208E9CB97}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.22 (x64) (HKLM\...\{C43A1A89-0CA5-43FD-BDC4-3B85DAD06A41}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.22 (x64) (HKLM-x32\...\{9a1a4be8-ffdb-48b5-b47b-f787981592d8}) (Version: 8.0.22.35427 - Microsoft Corporation)
Microsoft .NET Runtime - 8.0.22 (x86) (HKLM-x32\...\{3BAD90A6-48B6-4C89-97FF-02FEB96227C1}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.22 - Shared Framework (x86) (HKLM-x32\...\{251a18cb-cb97-48e3-ac2c-f57e06f8ed25}) (Version: 8.0.22.25528 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.22 Shared Framework (x86) (HKLM-x32\...\{1DFBD7A0-CB7B-392F-B3B0-76B85C9B01EB}) (Version: 8.0.22.25528 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 143.0.3650.96 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 143.0.3650.96 - Microsoft Corporation) Hidden
Microsoft Expression Design 4 (HKLM-x32\...\{EDF6CEF3-8415-4868-8B1F-8D9E5FF8FC23}) (Version: 8.0.31217.1 - Microsoft Corporation) Hidden
Microsoft Expression Design 4 (HKLM-x32\...\Design_8.0.31217.1) (Version: 8.0.31217.1 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Excel MUI (German) 2007 (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (HKLM-x32\...\{90120000-00A1-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (HKLM-x32\...\{90120000-001F-0410-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (HKLM-x32\...\{90120000-002C-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}) (Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (HKLM\...\{90120000-002A-0407-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (HKLM-x32\...\{90120000-006E-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.19426.20218 - Microsoft Corporation)
Microsoft Research Cliplets (HKLM\...\{A4DA1935-2F04-4AFF-BE48-085CCC7BD0CB}) (Version: 1.1.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35208 (HKLM-x32\...\{e90abaf0-d749-437b-ba99-cda1c84b6754}) (Version: 14.44.35208.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35208 (HKLM-x32\...\{5A76FFAE-36C5-4648-80BD-4BB5B6E971F0}) (Version: 14.44.35208 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35208 (HKLM-x32\...\{491C67BA-2F2F-4A90-B9DD-4C76BFDBEA02}) (Version: 14.44.35208 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{FD9D64F4-CAF5-3D23-845A-B843C78CC1A5}) (Version: 10.0.60830 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60825 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.60825 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.22 (x64) (HKLM\...\{4CCC1CCD-6FA3-4DD5-A06B-E94EA90094CF}) (Version: 64.88.42561 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.22 (x64) (HKLM-x32\...\{a3899eef-6164-4d42-b8c3-95ae6a844821}) (Version: 8.0.22.35428 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.22 (x86) (HKLM-x32\...\{2d077ae0-4556-4d5a-aa87-4ea76e32ec2d}) (Version: 8.0.22.35428 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.22 (x86) (HKLM-x32\...\{AABE221C-DA7E-4DDA-9AD6-322E03B95E2D}) (Version: 64.88.42561 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
MixPad Musikstudio-Software (HKLM-x32\...\MixPad) (Version: 13.54 - NCH Software)
Motion LIVE 2D Plug-in v1.11 Trial for Cartoon Animator (HKLM-x32\...\{E88C8914-A4CC-46EA-BC9B-2CC2E8BA6163}) (Version: 1.11.1915.1 - Reallusion Inc.)
Motion LIVE Plug-in v1.02 Trial for iClone (HKLM-x32\...\{172D3046-1186-4FC8-822A-1120E398B938}) (Version: 1.02.1203.1 - Reallusion Inc.)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.6.1 - Mozilla)
Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 140.1.1 (x64 de)) (Version: 140.1.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MuseScore 3 (HKLM\...\{778D5D3D-5448-40F4-AACC-47D443C3E8A1}) (Version: 3.4.2.9788 - Werner Schweer and Others)
Music Recorder (HKLM-x32\...\{F5EF0BCC-8370-431F-B73E-AC6405C2DA1D}) (Version: 14.1.15600.0 - Audials AG)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyKeyFinder 2026 (HKLM-x32\...\{c6396ed4-bdba-4f98-8739-767cb6bd16e6}_is1) (Version: 15.01 - Abelssoft)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 2.1 - F.J. Wechselberger)
NEAT projects 3 professional (HKLM\...\NEAT_PROJECTS_3_3_Df337A2C_is1) (Version: 3.32 - Franzis Verlag GmbH)
Nero 11 (HKLM-x32\...\{EB475D31-14C0-4DC3-8E0A-8AE1711399B3}) (Version: 11.0.10100 - Nero AG)
Nero 11 Cliparts (HKLM-x32\...\{B160A672-F326-4414-9BB0-A056C61B357C}) (Version: 11.0.10600.6.0 - Nero AG) Hidden
Nero 11 Disc Menus 1 (HKLM-x32\...\{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Disc Menus 2 (HKLM-x32\...\{7DF2B5EE-2C16-4E86-9C71-8678068AD805}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Disc Menus 3 (HKLM-x32\...\{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Disc Menus Basic (HKLM-x32\...\{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Effects Basic (HKLM-x32\...\{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}) (Version: 11.0.10600.6.0 - Nero AG) Hidden
Nero 11 Image Samples (HKLM-x32\...\{F3743A2C-5D5F-4456-8F98-5DF36A954C50}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Kwik Themes 1 (HKLM-x32\...\{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Kwik Themes 2 (HKLM-x32\...\{A4F6BE36-4826-45BA-A396-04F265A3B61D}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Kwik Themes Basic (HKLM-x32\...\{5A212B2D-140D-46F4-B625-2D1CA5A00594}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 PiP Effects Basic (HKLM-x32\...\{2CA7225D-CB12-462A-9DD1-50319E158BA5}) (Version: 11.0.10600.6.0 - Nero AG) Hidden
Nero 11 Video Samples (HKLM-x32\...\{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}) (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero Audio Pack 1 (HKLM-x32\...\{A7A0BF2E-31CC-49E3-9913-52C503EB969D}) (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (HKLM-x32\...\{EA03E7E5-6757-4A9A-9B36-C0022BE752D2}) (Version: 18.0.3040 - Nero AG) Hidden
Nero BackItUp 11 (HKLM-x32\...\{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}) (Version: 6.0.10700.6.100 - Nero AG) Hidden
Nero BackItUp 11 Help (CHM) (HKLM-x32\...\{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}) (Version: 11.0.10000 - Nero AG) Hidden
Nero BackItUp 2017 Essentials (HKLM-x32\...\{0A5CD1E5-5F6E-4E9B-AAE6-E368D1784693}) (Version: 18.1.00100 - Nero AG)
Nero Burning ROM 11 (HKLM-x32\...\{9D8491AD-D0D2-4B51-AA4A-A8B67795A553}) (Version: 11.0.10700.12.100 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (HKLM-x32\...\{53F7746A-96AA-49A5-86B8-59989680DAC5}) (Version: 11.0.10000 - Nero AG) Hidden
Nero ControlCenter (HKLM-x32\...\{ABC88553-8770-4B97-B43E-5A90647A5B63}) (Version: 11.4.0006 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (HKLM-x32\...\{D4D66270-9147-4BDF-9946-FCA2B303AA8F}) (Version: 11.0.10000 - Nero AG) Hidden
Nero Core Components (HKLM-x32\...\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}) (Version: 11.6.0023 - Nero AG) Hidden
Nero CoverDesigner 11 (HKLM-x32\...\{FF44BCE5-5A18-4051-85F0-BC172D7B4695}) (Version: 6.0.10500.8.100 - Nero AG) Hidden
Nero CoverDesigner 11 Help (CHM) (HKLM-x32\...\{55C2143E-FBA5-442F-9AFA-726FF068F39D}) (Version: 11.0.10000 - Nero AG) Hidden
Nero Express 11 (HKLM-x32\...\{E10AAE4A-98B8-420A-BD93-E0520C23D624}) (Version: 11.0.10700.12.100 - Nero AG) Hidden
Nero Express 11 Help (CHM) (HKLM-x32\...\{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}) (Version: 11.0.10000 - Nero AG) Hidden
Nero Kwik Media (HKLM-x32\...\{BE814218-3919-4EA3-868A-2F60BC135CB4}) (Version: 1.10.14100.42.100 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (HKLM-x32\...\{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}) (Version: 11.0.10000 - Nero AG) Hidden
Nero Recode 11 (HKLM-x32\...\{4162E4B4-DB62-4719-9921-A59B2671C1CB}) (Version: 5.0.11300.15.100 - Nero AG) Hidden
Nero Recode 11 Help (CHM) (HKLM-x32\...\{57F80ECF-E27C-4EEE-AB58-E971BACE2639}) (Version: 11.0.10000 - Nero AG) Hidden
Nero RescueAgent 11 (HKLM-x32\...\{034DCAF9-96E7-4936-9A07-712F80B5181E}) (Version: 4.0.10300.7.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (HKLM-x32\...\{D01CE99A-8802-483C-A79F-298B691EB432}) (Version: 11.0.10000 - Nero AG) Hidden
Nero SoundTrax 11 (HKLM-x32\...\{0713D1F9-DD77-42C1-8C7D-54D479E2E743}) (Version: 5.0.10300.3.100 - Nero AG) Hidden
Nero SoundTrax 11 Help (CHM) (HKLM-x32\...\{390757AA-8830-43DC-AEE0-4E5B6F8439EB}) (Version: 11.0.10000 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 11.0.13600.45.0 - Nero AG) Hidden
Nero Video 11 (HKLM-x32\...\{0D7A4289-99CF-4B8D-B812-86BE50A54552}) (Version: 8.0.12900.10.100 - Nero AG) Hidden
Nero Video 11 Help (CHM) (HKLM-x32\...\{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}) (Version: 11.0.10000 - Nero AG) Hidden
Nero WaveEditor 11 (HKLM-x32\...\{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}) (Version: 6.0.10500.3.100 - Nero AG) Hidden
Nero WaveEditor 11 Help (CHM) (HKLM-x32\...\{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}) (Version: 11.0.10000 - Nero AG) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
O&K Print Router (HKLM-x32\...\O&K Print Router) (Version: 3.0 - O&K Software Ltd.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.17928.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
onlineTV 18 (HKLM-x32\...\{58B7E23E-64FF-4A70-83EB-8CAF8FE5A78B}_is1) (Version: 18.22.11.3 - concept/design GmbH)
OpenOffice 4.1.15 (HKLM-x32\...\{D8DD7A6F-CB70-43AF-9A0C-9A5A4C195068}) (Version: 4.115.9813 - Apache Software Foundation)
Opera Mail 1.0 (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 125.0.5729.49 (HKLM-x32\...\Opera 125.0.5729.49) (Version: 125.0.5729.49 - Opera Software)
OptiTrack Profile v1.02 Trial for Motion LIVE Plug-in (HKLM-x32\...\{DF3F118D-8794-48E8-9228-3DF9C437A731}) (Version: 1.02.1130.1 - Reallusion Inc.)
Overlay Effects for Lightroom Version 1.0.3 (HKLM\...\{A2AEED12-A791-4AB5-B9FB-231B4129000E}_is1) (Version: 1.0.3 - Picture Instruments)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 11.27.0 (64 Bit) (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.27.0 - Geek Software GmbH)
PDF24 Creator 11.28.2 (32 Bit) (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.28.2 - Geek Software GmbH)
Perception Neuron Profile v1.0 Trial for Motion LIVE 2D Plug-in (HKLM-x32\...\{3A2CF4BF-6F79-46DC-9DF3-50CB0026D4D6}) (Version: 1.0.1707.1 - Reallusion Inc.)
Perception Neuron Profile v1.02 Trial for Motion LIVE Plug-in (HKLM-x32\...\{436D8673-70A9-4D07-AD78-51DE4BA7B982}) (Version: 1.02.1130.1 - Reallusion Inc.)
PHOTOfunSTUDIO 9.7 PE (HKLM-x32\...\{2A71E3D5-1714-4E8F-88CD-7C06894FA6A2}) (Version: 9.07.706.1031 - Panasonic Corporation)
Photopea PSD Editor Plug-in v1.0 for Cartoon Animator (HKLM-x32\...\{EDAFF67C-096E-4A7B-B3CD-8CFAB4384934}) (Version: 1.0.1016.1 - Reallusion Inc.)
PopcornFX Plug-in v1.01 Trial for iClone (HKLM-x32\...\{D719716D-0502-452D-ABC8-F88235049A9A}) (Version: 1.01.1519.1 - Reallusion Inc.)
Qualisys Profile v1.0 Trial for Motion LIVE Plug-in (HKLM-x32\...\{8B19FF77-91D0-4EEA-86D8-2D1C868D0A7A}) (Version: 1.0.0618.1 - Reallusion Inc.)
QuickTime (HKLM-x32\...\{C78EAC6F-7A73-452E-8134-DBB2165C5A68}) (Version: 7.62.14.0 - Apple Inc.)
RawTherapee Version 5.4 (HKLM\...\RawTherapee5.4_is1) (Version: 5.4 - rawtherapee.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Realtek USB Wireless LAN Driver (HKLM-x32\...\InstallShield_{DBCC4C27-F949-482b-B786-7B3B67587CD2}) (Version: Drv_3.00.0019 - REALTEK Semiconductor Corp.)
Recordify 2023 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 8.03 - Abelssoft)
Revo Uninstaller 2.6.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.6.5 - VS Revo Group, Ltd.)
Rokoko Profile v1.0 Trial for Motion LIVE 2D Plug-in (HKLM-x32\...\{68BED2C8-814B-4F18-825D-AB06C3D06CB7}) (Version: 1.0.1924.1 - Reallusion Inc.)
Rokoko Profile v1.02 Trial for Motion LIVE Plug-in (HKLM-x32\...\{2719BB11-4A27-4C34-9205-0349E860E20F}) (Version: 1.02.1130.1 - Reallusion Inc.)
ScreenCamera.Net registered to GiveAwayOfTheDay Version 1.4.5.41 (HKLM-x32\...\{6C47663A-C5B9-4404-A4BA-E75392F33B2C}_is1) (Version: 1.4.5.41 - PCWinSoft Software)
SHARPEN #5 professional (HKLM\...\SHARPEN_5_3_FCDF957E_is1) (Version: 5.41 - Accelerated Vision UG)
SILKYPIX Developer Studio 3.0 SE (HKLM-x32\...\InstallShield_{B2F25F71-D920-4288-A548-54CD253DEF14}) (Version: 3 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio 8 SE (HKLM-x32\...\{593959B5-2971-430C-82C2-6F51C7EE8B34}) (Version: 8 - Ichikawa Soft Laboratory)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Smart Gallery Plug-in v1.12 for iClone (HKLM-x32\...\{4581D025-E559-40F4-A655-3243C877EABC}) (Version: 1.12.0827.1 - Reallusion Inc.)
Smart Gallery Plug-in v1.31 for Character Creator (HKLM-x32\...\{F33C21BF-AB8E-4196-BAD3-A5FC1BF40632}) (Version: 1.31.2226.1 - Reallusion Inc.)
SmartTools Servicepack 2018 für Excel (HKLM-x32\...\{07B86ED7-55AC-49C0-9814-B070B969DC62}) (Version: 1.0.3.0 - SmartTools Publishing)
Software Informer 1.4.1305.0 (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
Spotify (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\Spotify) (Version: 1.2.44.405.g81fd6352 - Spotify AB)
Spyder4Elite (HKLM-x32\...\Spyder4Elite) (Version:  - )
SpyderPRINT (HKLM-x32\...\SpyderPRINT) (Version:  - )
SpyderStudio (HKLM-x32\...\SpyderStudio) (Version:  - )
Sqirlz Morph (HKLM-x32\...\Sqirlz Morph) (Version: 2.0 - xiberpix)
Sweet Home 3D version 6.1.2 (HKLM\...\Sweet Home 3D_is1) (Version: 6.1.2 - eTeks)
Switch Audio-Converter (HKLM-x32\...\Switch) (Version: 13.24 - NCH Software)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synfig Studio (64bit) (HKLM\...\synfigstudio) (Version: 1.2.2-286f1 - )
Tablet Driver With Macrokey Manager (HKLM\...\RmTablet) (Version: 4.13 - )
ThunderSoft GIF Converter (3.1.0.0) (HKLM-x32\...\ThunderSoft GIF Converter_is1) (Version: 3.1.0.0 - ThunderSoft)
TuneFab Spotify Music Converter 3.1.23 (HKLM\...\9ff685d9-8f1e-59e1-a273-b7c9e7cf0c17) (Version: 3.1.23 - TuneFab)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{B8D93870-98D1-4980-AFCA-E26563CDFB79}) (Version: 8.94.0.0 - Microsoft Corporation)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Notifier (HKLM\...\{A0CA66DA-49B3-4D6F-92EA-B4CBC60365E0}) (Version: 3.0.0.73 - MAGIX Software GmbH) Hidden
Update Notifier (HKLM\...\MX.{A0CA66DA-49B3-4D6F-92EA-B4CBC60365E0}) (Version: 3.0.0.73 - MAGIX Software GmbH)
Videomizer 2 (HKLM-x32\...\{B84CB121-58A9-4D5E-0001-805171E318F3}) (Version: 2.0.16.504 - Engelmann Media GmbH)
VideoPad Video-Editor (HKLM-x32\...\VideoPad) (Version: 17.48 - NCH Software)
VideoProc Converter (HKLM-x32\...\VideoProc Converter) (Version: 4.4 - Digiarty, Inc.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VLC Plus Player Updater (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\AM VLC Plus Player Updater) (Version: 1.0.2 - ) <==== ACHTUNG
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Watermark Software 8.3 (HKLM-x32\...\Watermark Software) (Version: 8.3 - watermark-software.com)
WavePad Audio-Editor (HKLM-x32\...\WavePad) (Version: 20.54 - NCH Software)
welcome (HKLM-x32\...\{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}) (Version: 11.0.20000.0.0 - Nero AG) Hidden
WhatsApp (Outdated) (HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\WhatsApp) (Version: 2.2326.10 - WhatsApp)
Wi-Fi-Adapter (HKLM\...\{5A93E57B-A092-48B9-9A5A-7F7218FF8F29}_is1) (Version: 1.0.0.10 - Ugreen)
Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2025-12-23] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-12-12] (Adobe Systems Incorporated)
Adobe Photoshop Express: Image Editor, Änderungen, Filter, Effekte, Rahmen -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.6.392.0_x64__mtcwf2zmmt10c [2023-01-26] (Adobe Inc.)
Adobe XD -> C:\Program Files\WindowsApps\Adobe.XD_51.0.12.6_x64__pc75e8sa7ep4e [2023-01-26] (Adobe Inc.)
Adobe-Fresco -> C:\Program Files\WindowsApps\Adobe.Fresco_3.2.0.745_x64__pc75e8sa7ep4e [2023-01-26] (Adobe Inc.)
Amazon.de: Amazon Prime -> C:\Program Files\WindowsApps\www.amazon.de-22BA6F70_1.0.0.1_neutral__v3aseepm5s0mp [2025-12-28] (www.amazon.de)
ARD Audiothek -> C:\Program Files\WindowsApps\www.ardaudiothek.de-6D6467DE_1.0.0.2_neutral__x8af41t9fvg4c [2025-12-28] (www.ardaudiothek.de)
Deutsch - Plattdeutsch Übersetzer - AI Translator  Mr. Dialect -> C:\Program Files\WindowsApps\mr-dialect.com-75DB0486_1.0.0.1_neutral__r4bnghda1b544 [2025-12-28] (mr-dialect.com)
FloraWeb - Willkommen bei FloraWeb -> C:\Program Files\WindowsApps\www.floraweb.de-B816B02A_1.0.0.1_neutral__vc34710g4vf76 [2025-12-28] (www.floraweb.de)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2023-01-26] (Microsoft Corporation)
FreeCell -> C:\Program Files\WindowsApps\www.free-freecell-solitaire.com-A837CC6C_1.0.0.2_neutral__x3j35fb5y4knr [2025-12-28] (www.free-freecell-solitaire.com)
FreeCell HD -> C:\Program Files\WindowsApps\32988BernardoZamora.Dummy2_1.26.88.0_x64__1fgex2kbsn6g8 [2025-12-29] (Bernardo Zamora)
FreeCell Solitaire!! -> C:\Program Files\WindowsApps\476931bsyl.FreeCellSolitaire_1.6.0.0_x64__cgv7566y2ek3j [2025-12-16] (1bsyl)
FreeCell Solitär -> C:\Program Files\WindowsApps\TreeCardGames.FreeCellCollectionFree_5.3.2.0_x64__n666hb6ddc5jp [2023-07-12] (TreeCardGames)
Günther Blaich - Europäische Orchideen und andere Pflanzen - European orchids and other plants -> C:\Program Files\WindowsApps\www.guenther-blaich.de-B1F64B0B_1.0.0.0_neutral__8msq1feav1cr6 [2023-03-31] (www.guenther-blaich.de)
Günther Blaich - Europäische Orchideen und andere Pflanzen - European orchids and other plants -> C:\Program Files\WindowsApps\www.guenther-blaich.de-C2737558_1.0.0.1_neutral__8msq1feav1cr6 [2023-10-16] (www.guenther-blaich.de)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_162.3.1128.0_x64__v10z8vjag6ke6 [2025-12-29] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa [2025-12-29] (Apple Inc.) [Startup Task]
Joyn -> C:\Program Files\WindowsApps\www.joyn.de-DEF5F6A1_1.0.0.1_neutral__pcbtsyen7zd6j [2025-12-28] (www.joyn.de)
Klimazonen in Deutschland und Winterhärte -> C:\Program Files\WindowsApps\www.garten-pur.de-3CD2266D_1.0.0.1_neutral__fs8jqsebezzny [2025-12-28] (www.garten-pur.de)
Kodi -> C:\Program Files\WindowsApps\XBMCFoundation.Kodi_21.2.500.0_x64__4n2hpmxwrvr6p [2025-12-29] (XBMC Foundation)
Local AI Manager for Microsoft 365 -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\AI [2025-12-23] ()
Mahjong Solitaire -> C:\Program Files\WindowsApps\7333BvG.MahjongSolitaireFree_2.9.4.0_x64__y1s27y3vcjf5c [2025-12-29] (BvG)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-01-26] (Microsoft Corporation)
Mein schöner Garten: Pflanzen, Garten & Gartentipps. -> C:\Program Files\WindowsApps\www.mein-schoener-garten.de-59EACECB_1.0.0.2_neutral__7cmmreg3ma958 [2025-12-28] (www.mein-schoener-garten.de)
Mein schöner Garten: Pflanzen, Garten & Gartentipps. -> C:\Program Files\WindowsApps\www.mein-schoener-garten.de-FEC576CC_1.0.0.0_neutral__7cmmreg3ma958 [2023-03-31] (www.mein-schoener-garten.de)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2023-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2023-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2023-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.8.4231.0_x86__8wekyb3d8bbwe [2025-12-29] (Microsoft Studios)
Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2023-01-26] (Microsoft Platform Extensions)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_55.20610.576.0_x64__8wekyb3d8bbwe [2025-12-29] (Microsoft Corporation)
Microsoft Word - 47_Pflanzenportraet_Sauromatum_guttatum.doc -> C:\Program Files\WindowsApps\www.botanik-bochum.de-1D8C8514_1.0.0.1_neutral__tf53kk577w776 [2025-12-28] (www.botanik-bochum.de)
Microsoft.Office.ActionsServer -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\ActionsServer [2025-12-23] ()
Moser Care and Support Wear -> C:\Program Files\WindowsApps\www.mosercare.de-5945C851_1.0.0.1_neutral__dkwc0jk62d6fr [2025-12-28] (www.mosercare.de)
NaturaDB - Finde die passenden Pflanzen. -> C:\Program Files\WindowsApps\www.naturadb.de-BAD1CB5_1.0.0.1_neutral__b30na7fkwqa6g [2025-12-28] (www.naturadb.de)
Netzkino -> C:\Program Files\WindowsApps\35124netzkino.Netzkino_3.3.1.1_neutral__843rhjq2hbnd4 [2023-01-26] (netzkino) [MS Ad]
Niedersachsens Kliniken im Check Januar 2025: Was leisten sie in der Knie- und Hüftmedizin?  news.de -> C:\Program Files\WindowsApps\www.news.de-DF263BF_1.0.0.1_neutral__wm4rcazk6szy8 [2025-12-28] (www.news.de)
OfficePushNotificationsUtility -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16 [2025-12-23] ()
Öffnen, Bearbeiten und Konvertieren von ATN-Dateien – DateiWiki Blog -> C:\Program Files\WindowsApps\datei.wiki-A4EBD80C_1.0.0.1_neutral__pbgnkrshpkp7g [2025-12-28] (datei.wiki)
OneLaunch -> C:\Program Files\WindowsApps\getmanualssearch.com-DE6DDF6C_1.0.0.3_neutral__eg3srx13a0kee [2025-12-28] (getmanualssearch.com)
Översetter: Hochdeutsch - Plattdeutsch Übersetzer -> C:\Program Files\WindowsApps\www.xn-versetter-z7a.de-BE380337_1.0.0.1_neutral__2v621k8gjawty [2025-12-28] (www.översetter.de)
PayPal -> C:\Program Files\WindowsApps\www.paypal.com-36CE595_1.0.0.1_neutral__vct904jxvz49g [2025-12-28] (www.paypal.com)
PDF Converter -> C:\Program Files\WindowsApps\AnywaySoftInc.PDFConverter_2.0.9.0_x64__0qkrc2qacwvfm [2023-01-26] (AnywaySoft, Inc.) [MS Ad]
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.1.6.0_x64__pwbj9vvecjh7j [2025-12-29] (Amazon Development Centre (London) Ltd)
Promesse de fleurs, Qualitätspflanzen seit 1950 -> C:\Program Files\WindowsApps\www.promessedefleurs.de-649494B7_1.0.0.1_neutral__yfvr7wv0rmg4y [2025-12-28] (www.promessedefleurs.de)
Saatgut-Vielfalt  www.saatgut-vielfalt.de -> C:\Program Files\WindowsApps\www.saatgut-vielfalt.de-59A19251_1.0.0.0_neutral__nx0er27znpjwg [2023-03-31] (www.saatgut-vielfalt.de)
Saatgut-Vielfalt  www.saatgut-vielfalt.de -> C:\Program Files\WindowsApps\www.saatgut-vielfalt.de-FBA683DE_1.0.0.2_neutral__nx0er27znpjwg [2025-12-28] (www.saatgut-vielfalt.de)
Sinar - Fotografie & Videografie Leicht Gemacht -> C:\Program Files\WindowsApps\sinar.ch-D6790AE4_1.0.0.1_neutral__jvgj41ckkxmet [2025-12-28] (sinar.ch)
Solitaire FRVR -> C:\Program Files\WindowsApps\www.msn.com-8E02E2B_1.0.0.0_neutral__q77jw2zwjvy92 [2023-02-12] (www.msn.com)
Solitaire FRVR -> C:\Program Files\WindowsApps\www.msn.com-F79F426E_1.0.0.1_neutral__q77jw2zwjvy92 [2023-10-16] (www.msn.com)
Startseite  Staudenfreunde -> C:\Program Files\WindowsApps\gds-staudenfreunde.de-1C4B8435_1.0.0.1_neutral__qg9r9qvxrk70j [2025-12-28] (gds-staudenfreunde.de)
Staudengärtnerei Gaißmayer (Pflanzendaten) -> C:\Program Files\WindowsApps\www.gaissmayer.de-6C5CE7BE_1.0.0.0_neutral__0k7pksr2c3c5c [2023-03-31] (www.gaissmayer.de)
Staudengärtnerei Gaißmayer (Pflanzendaten) -> C:\Program Files\WindowsApps\www.gaissmayer.de-9769D9E9_1.0.0.1_neutral__0k7pksr2c3c5c [2023-10-16] (www.gaissmayer.de)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2024-07-27] (VideoLAN)
Waldsteinia lobata (Waldsteinia mit Lappen, Barren Erdbeere mit Lappen, Barren Strawberry mit Lappen) - Verwendung, Vorteile und gebräuchliche Namen -> C:\Program Files\WindowsApps\www.selinawamucii.com-E8D51AEE_1.0.0.1_neutral__h77grymjjvpty [2025-12-28] (www.selinawamucii.com)
Was sind Winterhärtezonen? - Plantura -> C:\Program Files\WindowsApps\www.plantura.garden-731F3C29_1.0.0.1_neutral__javay0bkw47v8 [2025-12-28] (www.plantura.garden)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2587.9.0_x64__cv1g1gvanyjgm [2025-12-30] (WhatsApp Inc.) [Startup Task]
Wie man Hybrid-Windröschen anbaut und pflegt -> C:\Program Files\WindowsApps\www.picturethisai.com-B4712BF1_1.0.0.1_neutral__8pemh7k5ekhyc [2025-12-28] (www.picturethisai.com)
Winterhärtezonen im Überblick winterharte Pflanzen · Wächter Pflanzencenter -> C:\Program Files\WindowsApps\www.waechter-pflanzencenter.de-77D2E06F_1.0.0.1_neutral__q6m5ceemv6ndm [2025-12-28] (www.waechter-pflanzencenter.de)
YouTube -> C:\Program Files\WindowsApps\www.youtube.com-54E21B02_1.0.0.2_neutral__pd8mbgmqs65xy [2025-12-28] (www.youtube.com)
Zeigerwerte -> C:\Program Files\WindowsApps\www.oekologie-seite.de-1DA4294D_1.0.0.1_neutral__3n8wxn7ejyg7w [2025-12-28] (www.oekologie-seite.de)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\ChromeHTML: ->  <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-9973BD01F8E3} -> [Creative Cloud Files] => C:\Users\Horst\Creative Cloud Files [2020-06-20 18:33]
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{1AC77AE9-9EC6-405A-9F9B-C06AB3C10B71}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll (Microsoft Corporation) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{7B8A4895-8074-9EBA-2B64-0C2FC00AEDCE}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{97D9AC27-40D1-4F2B-973E-C8190480E3D9}\localserver32 -> C:\Users\Horst\AppData\Local\1&1 Mail & Media GmbH\MCDS\1\Application\1\activator.exe (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{9A527227-46B8-45B1-9BDF-62E4C71CC055}\InprocServer32 -> C:\Users\Horst\AppData\Local\1&1 Mail & Media GmbH\MCDS\1\Application\1\dbc.dll (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{AB9B6851-C94E-43B7-A304-F40DEA3FA09F}\localserver32 -> "c:\program files\musehub\current\musehub.exe" ----AppNotificationActivated: => Keine Datei
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{ACEA8D04-E06D-805A-1F4B-6A46CE1EB7EE}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{AEBAFF06-B83A-4F24-9CC1-D63F9EAA2F86}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender 2.93\BlendThumb.dll (Stichting Blender Foundation -> )
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files (x86)\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [  AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-12-12] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-12-12] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-12-12] (Adobe Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2025-08-03] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-12-12] (Adobe Inc. -> )
ContextMenuHandlers1-x32: [ASZipF] -> {e03d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\Ashampoo\Ashampoo ZIP Free\ASZSHLEXT.DLL [2017-10-10] (Ashampoo GmbH & Co. KG -> Ashampoo GmbH)
ContextMenuHandlers1: [ASZipF64] -> {e03d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\Ashampoo\Ashampoo ZIP Free\aszshlext64.dll [2017-10-10] (Ashampoo GmbH & Co. KG -> Ashampoo GmbH)
ContextMenuHandlers1: [MVDShlext] -> {027B567F-6B25-42C1-9C0B-5CE8E04024BD} =>  -> Keine Datei
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-01-05] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2025-08-03] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [MGFolderIconBasicShellEx] -> {6b3c2037-775b-3a6e-9773-0bfcc92d8947} => G:\Program Files\MSTechFolderIconBasicShellEx.DLL -> Keine Datei
ContextMenuHandlers4: [MVDShlext] -> {027B567F-6B25-42C1-9C0B-5CE8E04024BD} =>  -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxDTCM.dll [2022-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2025-08-03] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-12-12] (Adobe Inc. -> )
ContextMenuHandlers6-x32: [ASZipF] -> {e03d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\Ashampoo\Ashampoo ZIP Free\ASZSHLEXT.DLL [2017-10-10] (Ashampoo GmbH & Co. KG -> Ashampoo GmbH)
ContextMenuHandlers6: [ASZipF64] -> {e03d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\Ashampoo\Ashampoo ZIP Free\aszshlext64.dll [2017-10-10] (Ashampoo GmbH & Co. KG -> Ashampoo GmbH)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-08-19] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-01-05] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2006-10-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2006-10-11] (Microsoft Corporation -> Microsoft Corporation)

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Horst\Favorites\Fotor for desktop.lnk -> hxxp://www.fotor.com/windows/review.htm
ShortcutWithArgument: C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__jolaaineabphadfbdnebehahbneddjib\Mein schöner Garten  Pflanzen, Garten & Gartentipps.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=jolaaineabphadfbdnebehahbneddjib --app-url=hxxps://www.mein-schoener-garten.de/ --app-launch-source=4
ShortcutWithArgument: C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__jihamkfopolkefphcacleadneejocbjp\Saatgut-Vielfalt  www.saatgut-vielfalt.de.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=jihamkfopolkefphcacleadneejocbjp --app-url=hxxps://www.saatgut-vielfalt.de/inhalt/geschichte --app-launch-source=4
ShortcutWithArgument: C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__hokbbolikgdbclpcibfeflcdfilocfnl\Mahjong Deluxe.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=hokbbolikgdbclpcibfeflcdfilocfnl --app-url=hxxps://www.msn.com/de-de/play/mahjong-deluxe/cg-9pg0crrcqq20?ocid=cgpwa --app-launch-source=4
ShortcutWithArgument: C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__gmjobpdpodpojmpfpjljmgfjgikblaak\Staudengärtnerei Gaißmayer (Pflanzendaten).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=gmjobpdpodpojmpfpjljmgfjgikblaak --app-url=hxxps://www.gaissmayer.de/web/shop/themenwelten/mit-stauden-gestalten/wild-und-naturgarten/stauden-fuer-naturnahe-pflanzungen/51/malva-sylvestris-var-mauritiana/8908/ --app-launc
ShortcutWithArgument: C:\Users\Horst\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__feeiifojcffkbednfkadleihdgbndnlh\Günther Blaich - Europäische Orchideen und andere Pflanzen - European orchids and other plants.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=feeiifojcffkbednfkadleihdgbndnlh --app-url=hxxp://www.guenther-blaich.de/ --app-launch-source=4
ShortcutWithArgument: C:\Users\Horst\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2017-09-25 21:05 - 2009-04-03 17:51 - 000336896 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMN6PPM.DLL
2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\WINDOWS\System32\enppmon.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\LOOXIS:{4A003100-7400-7300-4200-740077005100} [704]
AlternateDataStreams: C:\LOOXIS:{61004700-7900-7600-6E00-630043005400} [236]
AlternateDataStreams: C:\LOOXIS:{6E005900-4D00-2B00-4F00-4D0078006900} [704]
AlternateDataStreams: C:\ProgramData:NetOptimizer [294]
AlternateDataStreams: C:\Windows:CM_4536bcf519c7a8c697b63cf41dd9239b7eb9593ecc22faca240a5b6a64c20234 [74]
AlternateDataStreams: C:\Windows:CM_a751d84a57a0954e38fd5e625c6d6d4047d58bde2aeb7d4a85f5a8d2724b91d4 [74]
AlternateDataStreams: C:\Users\All Users:NetOptimizer [294]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NetOptimizer [294]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:3241321C [131]
AlternateDataStreams: C:\ProgramData\TEMP:810B9F0D [130]
AlternateDataStreams: C:\ProgramData\TEMP:B56E7461 [302]
AlternateDataStreams: C:\ProgramData\TEMP:DFB59A96 [122]
AlternateDataStreams: C:\Users\Horst\Documents\Apache_OpenOffice_V4.1.15.exe:BDU [0]
AlternateDataStreams: C:\Users\Horst\Documents\ashampoo_backup_2023_38725.exe:BDU [0]
AlternateDataStreams: C:\Users\Horst\Documents\ChromeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Horst\Documents\OperaSetup (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Horst\Documents\Opera_111.0.5168.43_Setup_x64.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> {31BD138B-6AC5-484C-96F4-3E49E2D78DFC} URL = hxxps://go.gmx.net/br/ie_search_shopping/splugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> {5083A602-2A2F-48B6-9E01-A949E74DF6BB} URL = hxxps://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> {7B0DE5C9-898F-45E0-8C19-FECF88DC9136} URL = hxxps://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> {8DE2F24E-0A2C-40B6-90C7-E11B772EF774} URL = hxxps://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> {D8D808CB-8DD2-4649-906F-5F44064DAE80} URL = hxxps://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: GMX MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll [2022-08-10] (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: GMX MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck.dll [2022-08-10] (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM - Kein Name - {C424171E-592A-415a-9EB1-DFD6D95D3530} -  Keine Datei
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Kein Name - {C424171E-592A-415a-9EB1-DFD6D95D3530} -  Keine Datei
Handler: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll [2022-08-10] (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
Handler-x32: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck.dll [2022-08-10] (1&1 Mail & Media GmbH -> 1und1 Mail und Media GmbH)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-22] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7940 mehr Seiten.

IE trusted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7944 mehr Seiten.


==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-09-29 14:46 - 2016-07-16 12:45 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts

2019-07-28 16:01 - 2022-07-13 18:04 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Network ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

DNS Servers: 192.168.68.204
 ist aktiviert.

Network Binding:
=============
Ethernet 2: Intel(R) Ethernet Connection (2) I219-LM -> e1d.sys
WLAN: Ugreen WIFI6 Wireless USB NIC -> aicusbwifi.sys
Ethernet 3: SAMSUNG Mobile USB Remote NDIS Network Device -> usb80236.sys

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> ;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Adobe\AGL;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\Smart Projects\IsoBuster;Y:\PROGRAMME\QTSystem\;C:\Program Files\dotnet\;
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-947909773-2885354443-2675781160-1010\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKLM\...\StartupApproved\StartupFolder: => "StartRLCMS.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Ashampoo Backup PB"
HKLM\...\StartupApproved\Run: => "PrintDisp"
HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2"
HKLM\...\StartupApproved\Run: => "MacrokeyManager"
HKLM\...\StartupApproved\Run: => "PDF24"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "LogiBolt"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "LogiOptions"
HKLM\...\StartupApproved\Run: => "EPPCCMON"
HKLM\...\StartupApproved\Run: => "Bdagent"
HKLM\...\StartupApproved\Run: => "Ashampoo Backup"
HKLM\...\StartupApproved\Run: => "BraveVpnWireguardService"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "ArcSoft Connection Service"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant"
HKLM\...\StartupApproved\Run32: => "MailCheck IE Broker"
HKLM\...\StartupApproved\Run32: => "Lightkey Control Center"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\StartupFolder: => "Reallusion Hub.lnk"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\StartupFolder: => "mhelper.lnk"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\StartupFolder: => "SearchEngineOptimizer.lnk"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "QMxNetworkSync"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "CloudApp"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "EPSDNMON"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "LogiBolt"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_6E2C73815817D7E02B41C013F4C55849"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Opera Stable"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "OneLaunchUpdater"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "OneLaunch"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "OneLaunchChromium"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "com.doctolib.pro.desktop"
HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Opera Air Stable"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{CBF3F5DB-C621-4568-966F-62883472AD88}] => (Allow) C:\Program Files (x86)\FRANZIS\Audio 10\cdVideoJukebox.exe (Concept/Design, Information, Bild und Datenverarbeitung GmbH -> concept/design GmbH)
FirewallRules: [{09DA3DAC-FFA4-43E1-9D2F-E5658635EE77}] => (Allow) C:\Program Files (x86)\FRANZIS\Audio 10\cdVideoJukebox.exe (Concept/Design, Information, Bild und Datenverarbeitung GmbH -> concept/design GmbH)
FirewallRules: [{DF6CB94B-876E-42D4-8EDC-558B319ECC8C}] => (Allow) C:\Program Files (x86)\FRANZIS\Audio 10\AMasterMain.exe (Concept/Design, Information, Bild und Datenverarbeitung GmbH -> FRANZIS GmbH)
FirewallRules: [{A69A7793-ABAC-492C-848E-68D649807F3B}] => (Allow) C:\Program Files (x86)\FRANZIS\Audio 10\AMasterMain.exe (Concept/Design, Information, Bild und Datenverarbeitung GmbH -> FRANZIS GmbH)
FirewallRules: [{D93DDB5A-D20C-42F0-8811-6AD3E2A92B54}] => (Allow) C:\Program Files (x86)\FRANZIS\Audio 10\AMaster.exe (Concept/Design, Information, Bild und Datenverarbeitung GmbH -> FRANZIS Verlag GmbH)
FirewallRules: [{BBD6EF72-0681-4F96-9636-8371017077F0}] => (Allow) C:\Program Files (x86)\FRANZIS\Audio 10\AMaster.exe (Concept/Design, Information, Bild und Datenverarbeitung GmbH -> FRANZIS Verlag GmbH)
FirewallRules: [UDP Query User{FFF36456-D06A-48D6-8267-C4D634C1047E}C:\program files\presonus\studio one 4\studio one.exe] => (Allow) C:\program files\presonus\studio one 4\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{AC056B47-7D4F-420A-9DC2-7BEDFC5437DE}C:\program files\presonus\studio one 4\studio one.exe] => (Allow) C:\program files\presonus\studio one 4\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{577F997A-40EC-4A20-9385-F690FE09890A}C:\program files\presonus\studio one 4\studio one.exe] => (Allow) C:\program files\presonus\studio one 4\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{3816F851-D0B8-413C-A6D0-1451EB22AA41}C:\program files\presonus\studio one 4\studio one.exe] => (Allow) C:\program files\presonus\studio one 4\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{82AB3EFC-BC92-47F3-891A-365E613F4E16}C:\users\horst\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\horst\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{B1C44072-1889-4C14-B73F-154365A5F566}C:\users\horst\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\horst\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{A2F28DC8-BEE4-41AF-B973-8C38283525CD}C:\users\horst\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\horst\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{594DDDCA-D253-4D1F-A983-FED18A7F0998}C:\users\horst\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\horst\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2933A59D-BE09-4E6D-B287-20A5B4B0D617}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [Datei ist nicht signiert]
FirewallRules: [{47F42FA9-2AE2-45CF-89BA-52A82A2F1F6C}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [Datei ist nicht signiert]
FirewallRules: [{B83426C5-573C-4E4E-BF45-83B1E070A7FC}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{245F42AB-CAB6-4998-B20B-85D01799D177}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{589FABB2-C469-4BA8-BC19-DEAB760E1843}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{37AB8189-FD24-4E63-B90B-684FE3670CA9}] => (Allow) LPort=31931
FirewallRules: [{FDCE0BC9-8514-417D-B704-B55AA2C4F668}] => (Allow) LPort=14714
FirewallRules: [{ADF12E9F-DFD5-4417-9D93-A5C81A3BD473}] => (Allow) LPort=12972
FirewallRules: [{6C290D82-D8A0-490C-B520-3D6152C8F702}] => (Allow) C:\Program Files (x86)\Music Recorder\Music Recorder 2016\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [{8C763991-FC71-401C-835B-36770642759A}] => (Allow) LPort=53
FirewallRules: [{540DF1F0-A11D-402E-903D-427DB0B0A088}] => (Allow) LPort=53
FirewallRules: [{CA06D59F-1D64-4F1A-962F-99FE5F043266}] => (Allow) LPort=1542
FirewallRules: [{9707B72F-000D-455A-9664-4446FE315CEF}] => (Allow) LPort=1542
FirewallRules: [{1415630C-F8A8-4463-BC4C-44288E11E5EB}] => (Allow) C:\Program Files (x86)\Apowersoft\Beecut\BeeCut.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{14834C08-FFCD-4AC3-BA2F-47D165CE221D}] => (Allow) C:\Program Files (x86)\Apowersoft\Beecut\BeeCut.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{321DE7B7-E30C-43C0-BCB8-B7F927B77903}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero BackItup\NBService.exe (Nero AG -> Nero AG)
FirewallRules: [{9E138320-5C87-45FD-9E5E-3CB09E47E28B}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero BackItup\BackItUp.exe (Nero AG -> Nero AG)
FirewallRules: [TCP Query User{DE10AFAE-0CFA-49E8-BC52-3D421AC3A7D2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{5D95BC7B-479A-4B06-B842-C3B63CFD55CE}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{2B4797CF-185B-479C-986F-4F983986460D}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{8EE2B736-BC18-458F-B158-85D74EE4E96D}C:\program files\logioptionsplus\logioptionsplus_agent.exe] => (Allow) C:\program files\logioptionsplus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{401CA946-3340-4715-B5AB-0F0887BBB13F}C:\program files\logioptionsplus\logioptionsplus_agent.exe] => (Allow) C:\program files\logioptionsplus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{47167B7B-EDA1-4416-AEBB-51A9C7FE14F6}C:\program files\logioptionsplus\logioptionsplus_agent.exe] => (Block) C:\program files\logioptionsplus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{9C82208F-0D77-4482-82C9-592B1A84FB9D}C:\program files\logioptionsplus\logioptionsplus_agent.exe] => (Block) C:\program files\logioptionsplus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{55E42E98-8ED2-4020-984F-5CE048D1B6BE}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{209FC917-FE9B-458A-A9EB-825F1F137EE8}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{1CC73C07-0143-449E-B92E-13778694A894}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{5D1275F0-AAB5-44A4-BEFA-46DEBFE02E25}] => (Allow) C:\Program Files\Audials\AudialsOneEdition 2024\Audials.exe => Keine Datei
FirewallRules: [{5CCB13C4-878C-4DC1-9869-8DF0E25E17F8}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{15B83743-99F3-4248-807A-1E6F66345B5F}] => (Allow) C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe (MAGIX Software GmbH -> MAGIX)
FirewallRules: [{0F13DFB0-4324-4FCC-8B24-DCBDFF8132EE}] => (Allow) C:\Program Files\Audials\VisionEdition 2024\Audials.exe => Keine Datei
FirewallRules: [{07846DBD-3197-4CC2-B6C3-7E11FF473276}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3D7E19DD-C6CA-46F7-885D-D912A6B16E21}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A0A6B281-127B-4DE4-B767-16E65C3CB79B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E3FFD9D4-00B1-4EE3-84DF-BBF00E55D094}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BABBECB0-D86C-479C-A141-0CBB31C1F8F0}] => (Allow) C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{DBD1B99C-102F-45E4-990E-569CB1915F62}C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe => Keine Datei
FirewallRules: [UDP Query User{3E39EC19-3A86-4AC6-98FC-BB456A4AB0B6}C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe => Keine Datei
FirewallRules: [{3EEA9823-9587-4A40-8CF4-ACEADE2BF39B}] => (Allow) C:\Program Files\Audials\VisionEdition 2026\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [TCP Query User{852AC122-13C2-4221-A926-0902A2897EC8}C:\users\horst\appdata\local\programs\opera air\opera.exe] => (Allow) C:\users\horst\appdata\local\programs\opera air\opera.exe => Keine Datei
FirewallRules: [UDP Query User{18E9A897-542F-48EC-B04A-2BC85CCF87E6}C:\users\horst\appdata\local\programs\opera air\opera.exe] => (Allow) C:\users\horst\appdata\local\programs\opera air\opera.exe => Keine Datei
FirewallRules: [TCP Query User{2CECC440-77E1-4E35-AEEC-BA47A7A6AB54}C:\users\horst\appdata\local\programs\opera air\opera.exe] => (Allow) C:\users\horst\appdata\local\programs\opera air\opera.exe => Keine Datei
FirewallRules: [UDP Query User{66CF8B42-6247-4A12-B4F5-B6C23AEC2D6C}C:\users\horst\appdata\local\programs\opera air\opera.exe] => (Allow) C:\users\horst\appdata\local\programs\opera air\opera.exe => Keine Datei
FirewallRules: [{8D314AFD-F087-46EE-9D92-E41A893C8427}] => (Allow) LPort=80
FirewallRules: [{AF95B744-6AC5-49AD-8843-6311FA0DE95D}] => (Allow) LPort=80
FirewallRules: [{E87837D1-A688-4DF0-9407-80D9FB8B3652}] => (Allow) C:\Program Files\Opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{FC667696-6E03-4CA6-8C9E-99C67D2BB7F6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DD37AE8A-C176-440C-A117-77EB793AE804}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{4F8F8520-650F-4FD0-9AC0-4F1FE315EB9F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{EDD6E01F-A986-40D2-928F-3F4EE384CEA6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{AE81007D-B32E-49F1-8282-5B43924547A9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{5B78A22D-6D3E-46E4-AECD-D0CE4B81F74B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{7F6F4EEC-09A8-46FB-9E97-7AFB4A20F629}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{509DA566-F538-4D20-B4A0-421A2EEDAB81}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{990AE47E-2933-4D5E-8CDE-A1579F1F1E47}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12139.1.59021.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

02-01-2026 16:12:55 Geplanter Prüfpunkt
05-01-2026 21:36:10 AdwCleaner_BeforeCleaning_05/01/2026_21:36:07

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (01/05/2026 10:13:48 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-7PAH99J$ über https://IFX-KeyId-d8a3f556085a68c8aa5d5fe079bcc6e9c6d37764.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps

Methode: GET(32ms)
Phase: GetCACaps
Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (01/05/2026 10:13:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AicWifiService.exe, Version: 1.0.0.2, Zeitstempel: 0xbd7ad8a6
Name des fehlerhaften Moduls: VCRUNTIME140_CLR0400.dll, Version: 14.32.31326.0, Zeitstempel: 0xbfc4c5aa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001470
ID des fehlerhaften Prozesses: 0xcb0
Startzeit der fehlerhaften Anwendung: 0x01dc7e88292a3ecc
Pfad der fehlerhaften Anwendung: C:\Program Files\Ugreen\AicWifiService.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\VCRUNTIME140_CLR0400.dll
Berichtskennung: 00e0d25b-418a-4eb5-859b-cfa1e4bd9e50
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/05/2026 10:13:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: AicWifiService.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.AccessViolationException
  bei System.Runtime.InteropServices.Marshal.PtrToStructureHelper(IntPtr, System.Object, Boolean)
  bei System.Runtime.InteropServices.Marshal.PtrToStructure(IntPtr, System.Type)
  bei TestService.AicWifiService.ServiceControlHandler(Int32, Int32, IntPtr, IntPtr)
  bei System.ServiceProcess.NativeMethods.StartServiceCtrlDispatcher(IntPtr)
  bei System.ServiceProcess.ServiceBase.Run(System.ServiceProcess.ServiceBase[])
  bei TestService.Program.Main()

Error: (01/05/2026 10:05:44 PM) (Source: CertEnroll) (EventID: 87) (User: NT-AUTORITÄT)
Description: Fehler bei der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-7PAH99J$ über https://IFX-KeyId-d8a3f556085a68c8aa5d5fe079bcc6e9c6d37764.microsoftaik.azure.net/templates/Aik/scep:

SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Date: Mon, 05 Jan 2026 21:05:45 GMT
Content-Length: 101
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a81fff91-8266-4329-9d64-5c8511f6c0c6

Methode: POST(3922ms)
Phase: SubmitDone
Ungültige Anforderung (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)

Error: (01/05/2026 08:12:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf INTERN 1 (M:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (01/05/2026 08:12:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf EXTERN 0_07.2024_SIKO Foto (Z:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (01/05/2026 06:44:12 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-7PAH99J$ über https://IFX-KeyId-d8a3f556085a68c8aa5d5fe079bcc6e9c6d37764.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps

Methode: GET(16ms)
Phase: GetCACaps
Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (01/05/2026 06:43:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AicWifiService.exe, Version: 1.0.0.2, Zeitstempel: 0xbd7ad8a6
Name des fehlerhaften Moduls: VCRUNTIME140_CLR0400.dll, Version: 14.32.31326.0, Zeitstempel: 0xbfc4c5aa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001470
ID des fehlerhaften Prozesses: 0xf58
Startzeit der fehlerhaften Anwendung: 0x01dc7e6adce48f99
Pfad der fehlerhaften Anwendung: C:\Program Files\Ugreen\AicWifiService.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\VCRUNTIME140_CLR0400.dll
Berichtskennung: 326a21f5-2fbe-490b-ade8-c116f4063dd7
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (01/05/2026 10:18:37 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT-AUTORITÄT)
Description: Die Zertifizierungsstelle/Schlüssel für den sicheren Start müssen aktualisiert werden. Diese Gerätesignaturinformationen sind hier enthalten.
DeviceAttributes: BaseBoardManufacturer:Gigabyte Technology Co., Ltd.;FirmwareManufacturer:American Megatrends Inc.;FirmwareVersion:F23d;OEMModelNumber:Q170M-D3H;OEMModelBaseBoard:Q170M-D3H-CF;OEMModelSystemFamily:Default string;OEMManufacturerName:Gigabyte Technology Co., Ltd.;OEMModelSKU:Default string;OSArchitecture:amd64;
BucketId: 89f33aecfc29e81c14591c9ed947ae2900580226bb9fcbcffa2e6448b96fe9fd
BucketConfidenceLevel:
UpdateType: 0
HResult: 0

Error: (01/05/2026 10:13:42 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Der Computer wurde nach einem schwerwiegenden Fehler neu gestartet. Der Fehlercode war: 0x0000007e (0xffffffffc0000005, 0xfffff80040747b7a, 0xfffff60e748e9e18, 0xfffff60e748e9650). Ein volles Abbild wurde gespeichert in: C:\WINDOWS\MEMORY.DMP. Berichts-ID: 10742f16-1ac6-46ca-8aac-74067ff89798.

Error: (01/05/2026 10:13:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "AicWifiServiceD80" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/05/2026 10:13:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WEPHOSTSVC" wurde mit folgendem Fehler beendet:
Bei der Verarbeitung der Steuerungsanforderung ist ein Ausnahmefehler im Dienst aufgetreten.

Error: (01/05/2026 10:13:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "workfolderssvc" ist vom Dienst "WSearch" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (01/05/2026 10:13:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎01.‎2026 um 22:05:04 unerwartet heruntergefahren.

Error: (01/05/2026 10:10:05 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT-AUTORITÄT)
Description: Die Zertifizierungsstelle/Schlüssel für den sicheren Start müssen aktualisiert werden. Diese Gerätesignaturinformationen sind hier enthalten.
DeviceAttributes: BaseBoardManufacturer:Gigabyte Technology Co., Ltd.;FirmwareManufacturer:American Megatrends Inc.;FirmwareVersion:F23d;OEMModelNumber:Q170M-D3H;OEMModelBaseBoard:Q170M-D3H-CF;OEMModelSystemFamily:Default string;OEMManufacturerName:Gigabyte Technology Co., Ltd.;OEMModelSKU:Default string;OSArchitecture:amd64;
BucketId: 89f33aecfc29e81c14591c9ed947ae2900580226bb9fcbcffa2e6448b96fe9fd
BucketConfidenceLevel:
UpdateType: 0
HResult: 0

Error: (01/05/2026 10:05:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WEPHOSTSVC" wurde mit folgendem Fehler beendet:
Bei der Verarbeitung der Steuerungsanforderung ist ein Ausnahmefehler im Dienst aufgetreten.


Windows Defender:
================
Date: 2026-01-05 20:31:28
Description:
Microsoft Defender Antivirus šςåπ нăş взéй šţôφρēδ ьëƒθŗé ςőмрŀęтîöп.%ñ %τЅĉàʼn ĪĎ:%ъ{68561380-B2D0-42DF-A4AF-94DEA2914EC5}%ń %ţЅ¢ąη Τўρê:%вAntimalware%п %ţŠćāŋ Рαѓāmзτёŗŝ:%ъSchnellüberprüfung%ʼn  %тŰšёŕ:%ьNT-AUTORITÄT\SYSTEM%ñ %ťŞтôφ Ґεªšòŋ:%ъŔΡ€ ĉοñηĕċţīōп ґůňďöẃň

Date: 2026-01-05 20:25:30
Description:
Microsoft Defender Antivirus šςåπ нăş взéй šţôφρēδ ьëƒθŗé ςőмрŀęтîöп.%ñ %τЅĉàʼn ĪĎ:%ъ{030B6DB5-D224-40CA-836E-AEB14F3CA9BA}%ń %ţЅ¢ąη Τўρê:%вAntimalware%п %ţŠćāŋ Рαѓāmзτёŗŝ:%ъSchnellüberprüfung%ʼn  %тŰšёŕ:%ьNT-AUTORITÄT\SYSTEM%ñ %ťŞтôφ Ґεªšòŋ:%ъŔΡ€ ĉοñηĕċţīōп ґůňďöẃň

Date: 2026-01-05 20:20:28
Description:
Microsoft Defender Antivirus šςåπ нăş взéй šţôφρēδ ьëƒθŗé ςőмрŀęтîöп.%ñ %τЅĉàʼn ĪĎ:%ъ{A3812922-A834-42EE-887D-39982FE68881}%ń %ţЅ¢ąη Τўρê:%вAntimalware%п %ţŠćāŋ Рαѓāmзτёŗŝ:%ъSchnellüberprüfung%ʼn  %тŰšёŕ:%ьNT-AUTORITÄT\SYSTEM%ñ %ťŞтôφ Ґεªšòŋ:%ъŔΡ€ ĉοñηĕċţīōп ґůňďöẃň

Date: 2026-01-05 20:14:48
Description:
Microsoft Defender Antivirus šςåπ нăş взéй šţôφρēδ ьëƒθŗé ςőмрŀęтîöп.%ñ %τЅĉàʼn ĪĎ:%ъ{5B5F76F6-2AC1-4B61-B44C-0D7756847090}%ń %ţЅ¢ąη Τўρê:%вAntimalware%п %ţŠćāŋ Рαѓāmзτёŗŝ:%ъSchnellüberprüfung%ʼn  %тŰšёŕ:%ьNT-AUTORITÄT\SYSTEM%ñ %ťŞтôφ Ґεªšòŋ:%ъŔΡ€ ĉοñηĕċţīōп ґůňďöẃň

Date: 2026-01-04 10:47:07
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/DownloadSponsor&threatid=311978&enterprise=0
Name: PUADlManager:Win32/DownloadSponsor
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_B:\SIK Handy Papa 2024-10-26\EINLADUNGEN  -  ERREIGNISSE\Downloads\Vollversion_ Adobe InDesign CS2 - CHIP Installer _RbW9v.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-7PAH99J\Horst
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.443.499.0, AS: 1.443.499.0, NIS: 1.443.499.0
Modulversion: AM: 1.1.25110.1, NIS: 1.1.25110.1
Event[0]:

Date: 2026-01-05 22:04:30
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren.
Security Intelligence versucht: Aktuell
Fehlercode: 0x80501102
Fehlerbeschreibung: Unerwartetes Problem. Installieren Sie bei Bedarf verfügbare Updates, und starten Sie das Programm dann erneut. Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support".
Security Intelligence-Version: 1.443.503.0;1.443.503.0
Modulversion: 1.1.25110.1

CodeIntegrity:
===============
Date: 2026-01-05 22:16:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2026-01-05 22:15:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.


==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. F23d 02/26/2018
Hauptplatine: Gigabyte Technology Co., Ltd. Q170M-D3H-CF
Prozessor: Intel(R) Core(TM) i5-6600 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 16254.36 MB
Verfügbarer physikalischer RAM: 9865.62 MB
Summe virtueller Speicher: 18686.36 MB
Verfügbarer virtueller Speicher: 12682.09 MB

==================== Laufwerke ================================

Drive b: (System 2) (Fixed) (Total:1863.01 GB) (Free:1622.03 GB) (Model: Intenso SSD Sata III) NTFS
Drive c: (Windows 10) (Fixed) (Total:475.55 GB) (Free:13.86 GB) (Model: SAMSUNG MZ7LN512HMJP-00000) NTFS
Drive m: (INTERN 1) (Fixed) (Total:1862.89 GB) (Free:245.71 GB) (Model: TOSHIBA DT01ACA200) NTFS
Drive z: (EXTERN 0_07.2024_SIKO Foto) (Fixed) (Total:3726.01 GB) (Free:1666.71 GB) (Model: ST4000VX016-3CV104) NTFS

\\?\Volume{805e9cde-1aee-4c53-979f-187b074f8ebc}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{c9c68501-a3db-42c9-a724-a85d64a5765c}\ () (Fixed) (Total:0.84 GB) (Free:0.18 GB) NTFS
\\?\Volume{f27c94eb-b936-4157-8d17-76852eb05c9f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 34F748A4)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt =======================

M-K-D-B 06.01.2026 11:32
Servus Jörg,


vielen Dank für die neuen Logs. :daumenhoc




Wir entfernen mit FRST noch einige Reste und verwaiste Einträge sowie temporäre Dateien. Außerdem kontrollieren wir die Systemdateien auf Fehler. Dies kann einige Minuten (>> 15) dauern. Du musst also viel Geduld mitbringen.

Anschließend führen wir noch eine Kontrolle mit ESET durch. Dies kann bis zu 3 Stunden dauern, je nachdem wie viele Dateien auf dem System sind.




Schritt 1 - Reparatur mit FRST
Bitte gedulde dich, sobald du die Reparatur gestartet hast. Je nach Art und Umfang der notwendigen Reparaturen kann dies einige Minuten dauern.
Eventuell erhältst du während der Reparatur auch die Information "keine Rückmeldung" von FRST. Das ist normal, du musst nichts weiter tun, nur abwarten.

HINWEIS AN ALLE MITLESER:
Dieses FRST-Skript ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System verwendet werden!
  • Speichere deine Arbeiten und schließe alle offenen Programme, damit keine Daten verloren gehen.
  • Markiere den gesamten Inhalt der folgenden Code-Box mit der Maus und kopiere ihn (gleichzeitiges Drücken der beiden Tasten "STRG" + "C"):
    Code:
    Start::
    CreateRestorePoint:
    CloseProcesses:
    C:\Program Files (x86)\Lavasoft
    C:\ProgramData\Application Data\Lavasoft
    C:\ProgramData\Lavasoft
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
    C:\Users\AllUserName\AppData\Local\Lavasoft
    C:\Users\AllUserName\AppData\Roaming\Lavasoft
    DeleteKey: HKCU\Software\Lavasoft
    DeleteKey: HKLM\Software\Wow6432Node\Lavasoft
    C:\Program Files (x86)\Common Files\IObit
    C:\ProgramData\IObit
    C:\Users\AllUserName\AppData\LocalLow\IObit
    C:\Users\AllUserName\AppData\Roaming\IObit
    DeleteKey: HKLM\Software\Wow6432Node\IOBIT
    DeleteKey: HKLM\SOFTWARE\WOW6432NODE\INNOVATIVE SOLUTIONS
    DeleteKey: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\SOFTWARE\INNOVATIVE SOLUTIONS
    C:\PROGRAM FILES (X86)\INNOVATIVE SOLUTIONS
    C:\USERS\AllUserName\APPDATA\LOCAL\INNOVATIVE SOLUTIONS
    C:\USERS\AllUserName\APPDATA\ROAMING\INNOVATIVE SOLUTIONS
    AS: Spybot - Search and Destroy (Enabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
    AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
    CMD: reg query "HKU\S-1-5-21-947909773-2885354443-2675781160-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AM VLC Plus Player Updater" /S
    DeleteKey: HKU\S-1-5-21-947909773-2885354443-2675781160-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AM VLC Plus Player Updater
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\ChromeHTML: ->  <==== ACHTUNG
    CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => Keine Datei
    CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => Keine Datei
    CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{7B8A4895-8074-9EBA-2B64-0C2FC00AEDCE}\InprocServer32 -> kein Dateipfad
    CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{AB9B6851-C94E-43B7-A304-F40DEA3FA09F}\localserver32 -> "c:\program files\musehub\current\musehub.exe" ----AppNotificationActivated: => Keine Datei
    CustomCLSID: HKU\S-1-5-21-947909773-2885354443-2675781160-1001_Classes\CLSID\{ACEA8D04-E06D-805A-1F4B-6A46CE1EB7EE}\InprocServer32 -> kein Dateipfad
    ContextMenuHandlers1: [MVDShlext] -> {027B567F-6B25-42C1-9C0B-5CE8E04024BD} =>  -> Keine Datei
    ContextMenuHandlers4: [MGFolderIconBasicShellEx] -> {6b3c2037-775b-3a6e-9773-0bfcc92d8947} => G:\Program Files\MSTechFolderIconBasicShellEx.DLL -> Keine Datei
    ContextMenuHandlers4: [MVDShlext] -> {027B567F-6B25-42C1-9C0B-5CE8E04024BD} =>  -> Keine Datei
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
    AlternateDataStreams: C:\LOOXIS:{4A003100-7400-7300-4200-740077005100} [704]
    AlternateDataStreams: C:\LOOXIS:{61004700-7900-7600-6E00-630043005400} [236]
    AlternateDataStreams: C:\LOOXIS:{6E005900-4D00-2B00-4F00-4D0078006900} [704]
    AlternateDataStreams: C:\ProgramData:NetOptimizer [294]
    AlternateDataStreams: C:\Windows:CM_4536bcf519c7a8c697b63cf41dd9239b7eb9593ecc22faca240a5b6a64c20234 [74]
    AlternateDataStreams: C:\Windows:CM_a751d84a57a0954e38fd5e625c6d6d4047d58bde2aeb7d4a85f5a8d2724b91d4 [74]
    AlternateDataStreams: C:\Users\All Users:NetOptimizer [294]
    AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NetOptimizer [294]
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
    AlternateDataStreams: C:\ProgramData\TEMP:3241321C [131]
    AlternateDataStreams: C:\ProgramData\TEMP:810B9F0D [130]
    AlternateDataStreams: C:\ProgramData\TEMP:B56E7461 [302]
    AlternateDataStreams: C:\ProgramData\TEMP:DFB59A96 [122]
    AlternateDataStreams: C:\Users\AllUserName\Documents\Apache_OpenOffice_V4.1.15.exe:BDU [0]
    AlternateDataStreams: C:\Users\AllUserName\Documents\ashampoo_backup_2023_38725.exe:BDU [0]
    AlternateDataStreams: C:\Users\AllUserName\Documents\ChromeSetup.exe:BDU [0]
    AlternateDataStreams: C:\Users\AllUserName\Documents\OperaSetup (1).exe:BDU [0]
    AlternateDataStreams: C:\Users\AllUserName\Documents\Opera_111.0.5168.43_Setup_x64.exe:BDU [0]
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    SearchScopes: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> {31BD138B-6AC5-484C-96F4-3E49E2D78DFC} URL = hxxps://go.gmx.net/br/ie_search_shopping/splugin/?q={searchTerms}&enc=UTF-8
    SearchScopes: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> {5083A602-2A2F-48B6-9E01-A949E74DF6BB} URL = hxxps://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
    SearchScopes: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> {7B0DE5C9-898F-45E0-8C19-FECF88DC9136} URL = hxxps://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
    SearchScopes: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> {8DE2F24E-0A2C-40B6-90C7-E11B772EF774} URL = hxxps://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
    SearchScopes: HKU\S-1-5-21-947909773-2885354443-2675781160-1001 -> {D8D808CB-8DD2-4649-906F-5F44064DAE80} URL = hxxps://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
    Toolbar: HKLM - Kein Name - {C424171E-592A-415a-9EB1-DFD6D95D3530} -  Keine Datei
    Toolbar: HKLM-x32 - Kein Name - {C424171E-592A-415a-9EB1-DFD6D95D3530} -  Keine Datei
    HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
    HKLM\...\StartupApproved\StartupFolder: => "StartRLCMS.lnk"
    HKLM\...\StartupApproved\Run: => "SecurityHealth"
    HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
    HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
    HKLM\...\StartupApproved\Run: => "Ashampoo Backup PB"
    HKLM\...\StartupApproved\Run: => "PrintDisp"
    HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2"
    HKLM\...\StartupApproved\Run: => "MacrokeyManager"
    HKLM\...\StartupApproved\Run: => "PDF24"
    HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
    HKLM\...\StartupApproved\Run: => "LogiBolt"
    HKLM\...\StartupApproved\Run: => "RTHDVCPL"
    HKLM\...\StartupApproved\Run: => "LogiOptions"
    HKLM\...\StartupApproved\Run: => "EPPCCMON"
    HKLM\...\StartupApproved\Run: => "Bdagent"
    HKLM\...\StartupApproved\Run: => "Ashampoo Backup"
    HKLM\...\StartupApproved\Run: => "BraveVpnWireguardService"
    HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
    HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
    HKLM\...\StartupApproved\Run32: => "ArcSoft Connection Service"
    HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
    HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant"
    HKLM\...\StartupApproved\Run32: => "MailCheck IE Broker"
    HKLM\...\StartupApproved\Run32: => "Lightkey Control Center"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\StartupFolder: => "Reallusion Hub.lnk"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\StartupFolder: => "mhelper.lnk"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\StartupFolder: => "SearchEngineOptimizer.lnk"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "QMxNetworkSync"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Amazon Music"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Amazon Music Helper"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Spotify"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "CloudApp"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "EPSDNMON"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "LogiBolt"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_6E2C73815817D7E02B41C013F4C55849"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Opera Stable"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "OneLaunchUpdater"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "OneLaunch"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "OneLaunchChromium"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "com.doctolib.pro.desktop"
    HKU\S-1-5-21-947909773-2885354443-2675781160-1001\...\StartupApproved\Run: => "Opera Air Stable"
    C:\Program Files (x86)\Spybot - Search & Destroy 2
    StartPowershell:
    Set-MpPreference -DisableAutoExclusions $true -Force
    Set-MpPreference -Mapsreporting basic -Force
    Set-MpPreference -DisableRealtimeMonitoring $false -Force
    Set-MpPreference -DisablePrivacyMode $true -Force
    Set-MpPreference -DisableIOAVProtection $false -Force
    Set-MpPreference -UILockdown 0
    Set-MpPreference -ScanPurgeItemsAfterDelay 1
    Set-MpPreference -CheckForSignaturesBeforeRunningScan $true -Force
    Set-MpPreference -PUAProtection enabled -Force
    Update-MpSignature
    Get-MpComputerStatus
    Get-MpPreference
    EndPowerShell:
    CMD: netsh winsock reset
    CMD: netsh advfirewall reset
    CMD: netsh advfirewall set allprofiles state ON
    CMD: netsh winhttp reset proxy
    CMD: Bitsadmin /Reset /Allusers
    CMD: Winmgmt /salvagerepository
    CMD: Winmgmt /verifyrepository
    CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
    CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
    CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
    CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
    CMD: reg query "HKCU\Software"
    CMD: reg query "HKLM\Software" /reg:32
    CMD: reg query "HKLM\Software" /reg:64
    CMD: sfc /scannow
    Hosts:
    RemoveProxy:
    EmptyEventLogs:
    DeleteQuarantine:
    EmptyTemp:
    End::
  • Starte nun FRST und klicke direkt auf den Button Reparieren.
    Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
  • Das Tool führt die gewünschten Schritte aus und erstellt die Datei fixlog.txt im selben Verzeichnis, in dem sich FRST befindet.
  • Zum Abschluss wird das System neu gestartet.
  • Poste mir den Inhalt der Datei fixlog.txt mit deiner nächsten Antwort.



Schritt 2
Führe ESET Online Scanner (EOS) gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei.


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:32 Uhr.

Copyright ©2000-2026, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132