Hi, ich werde diesen Plagegeist nicht los! Das besagte Program FileZilla wurde bereits vom Rechner entfernt! Windows Defender sagt im Schutzverlauf aber folgende Meldung:

Erkannt: PUABundler:Win32/FileZilla_BundleInstaller
Status: Aktiv

Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Zitat:

Wir bitten euch, folgendes durchzulesen und abzuarbeiten:
Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Nur mit diesen Informationen können wir euch helfen.

Es werden grundsätzlich nur Betriebssysteme bereinigt, die noch eine offizielle Unterstützung von Microsoft erhalten.
Dies gilt für Windows 10 (Version 22H2) und Windows 11 (Version 22H2 oder neuer).


Vielen Dank für eure Mitarbeit!

Code: Alles auswählenAufklappen

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11.06.2024
durchgeführt von Anwender (Administrator) auf BEAST (Micro-Star International Co., Ltd. MS-7D91) (18-06-2024 20:37:12)
Gestartet von C:\Users\Anwender\OneDrive\Desktop\FRST64.exe
Geladene Profile: Anwender
Plattform: Microsoft Windows 11 Pro for Workstations Version 23H2 22631.3737 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.37.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.CpuIdRemote64.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.108.0528.0005\Microsoft.SharePoint.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (AlphaTheta Corporation -> AlphaTheta Corporation) C:\Program Files (x86)\Pioneer\FwUpdateManager\FwUpdateManager.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe
(services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe
(services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_91a2cdd03914725b\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1803724721d1a34c\RtkAudUService64.exe <2>
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(sihost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21002.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2423.10.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21962.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21962.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21962.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\True Color\New\MSI.True Color.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1803724721d1a34c\RtkAudUService64.exe [1945544 2024-02-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Corsair iCUE5 Software] => C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE Launcher.exe [184872 2024-03-19] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-05-03] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131440 2024-05-10] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\Run: [com.squirrel.splice.Splice] => C:\Users\Anwender\AppData\Local\splice\app-4.3.48217\Splice.exe [136903168 2023-07-20] (Splice) [Datei ist nicht signiert]
HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2869864 2024-06-16] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\Run: [MicrosoftEdgeAutoLaunch_240DD949536E06B67870153833EE073C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883560 2024-06-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11432352 2024-06-15] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Anwender\AppData\Local\Microsoft\Teams\Update.exe [2593856 2024-05-31] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2023-07-03] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON WF-C5790BA 64MonitorBE: C:\WINDOWS\system32\E_YLMBSTE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
Startup: C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2024-03-27]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ableton Push Control Panel Autostart.lnk [2023-07-20]
ShortcutTarget: Ableton Push Control Panel Autostart.lnk -> C:\Program Files\Ableton\Push Driver\x64\AbletonPushCpl.exe (Thesycon Software Solutions GmbH & Co. KG -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AudioFuseControlCenterAgent.lnk [2023-07-20]
ShortcutTarget: AudioFuseControlCenterAgent.lnk -> C:\Program Files (x86)\Arturia\AudioFuse Control Center\AudioFuseControlCenterAgent.exe (Arturia) [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NIHardwareAccessibilityHelper.exe.lnk [2023-07-20]
ShortcutTarget: NIHardwareAccessibilityHelper.exe.lnk -> C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe (Native Instruments GmbH -> Native Instruments GmbH)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2FF89CCA-FF00-49D0-9EB1-BF95DA326944} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {F91F2B91-CD67-42CB-866C-E1486C96B209} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5F4B4142-63EF-4343-8723-74052CFCCAB4} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FE4DE5BD-02BD-4B29-A8C6-AF49A801B7D4} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Anwender\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-06-13] (ESET, spol. s r.o. -> ESET)
Task: {AE2DA8FC-0701-4944-8653-5AF2F15CBE71} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Anwender\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-06-13] (ESET, spol. s r.o. -> ESET)
Task: {05397AC7-C085-479E-9932-FFFE4ADAA596} - System32\Tasks\EPSON WF-C5790BA Update {0A4EDF52-A0D4-4A4B-8836-E1312859ED33} => C:\Windows\System32\spool\drivers\x64\3\E_YTSSTE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {A8B5B6B7-C302-4457-8CA5-8FE917FC5C46} - System32\Tasks\EPSON WF-C5790BA Update {AF673EDA-4D66-4A0E-8E3B-5FAC19A2DD55} => C:\Windows\System32\spool\drivers\x64\3\E_YTSSTE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {FFDCAEEF-6C0D-47F3-82F4-10644745A098} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28499424 2024-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {0913D2E9-4B43-4D2F-A682-02F003D873A7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28499424 2024-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F567F06-EAB6-45EC-B5BF-EA1107B4A0B0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309800 2024-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3AA61D7D-6698-432C-BD50-F03C48608BD3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309800 2024-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9113C9F-DB76-48BD-A596-D51ED54D800D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169648 2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0DCE5CC-04E1-4828-9253-A799453936D2} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\WINDOWS\system32\rundll32.exe [73728 2024-04-24] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (Keine Datei)
Task: {59359A65-D5BD-445B-8C82-E7ABDAA44C36} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC RebootDialog (Keine Datei)
Task: {801960F9-CCB8-4614-BA4F-C77803A90E08} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery RebootDialog (Keine Datei)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {535015B6-3D2F-40A7-B29E-AB8E3A76D092} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C70BE8F5-8E4C-4493-96EF-B9C6DE8BECB7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5FDE4DA3-0B8A-4E27-850E-F8A03232DA50} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {940E1BFC-26ED-478C-A6D1-C49338C2B236} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EBAA5722-7124-4A3B-8F37-696EC45E4DC9} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675744 2024-06-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {74C8774A-B7C5-41B8-8C50-6B3EBE020A99} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-80507450-1725328437-1556703838-1000 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675744 2024-06-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {C97844F8-DA9B-4C7D-9340-38F8A1CC7A59} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33696 2024-06-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {9334792E-9E2B-4846-8DA2-4394143BDB47} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2660456 2023-10-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {ACD0DB78-81AC-4E95-B7A5-12B010E88E43} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {D1E49EB0-C5C7-42FA-81A0-8EC1898C7BE6} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-80507450-1725328437-1556703838-1000 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\EPSON WF-C5790BA Update {0A4EDF52-A0D4-4A4B-8836-E1312859ED33}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSTE.EXE:/EXE:{0A4EDF52-A0D4-4A4B-8836-E1312859ED33} /F:UpdateWORKGROUP\BEAST$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-C5790BA Update {AF673EDA-4D66-4A0E-8E3B-5FAC19A2DD55}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSTE.EXE:/EXE:{AF673EDA-4D66-4A0E-8E3B-5FAC19A2DD55} /F:UpdateWORKGROUP\BEAST$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{44682408-ea0e-42ed-a7f6-ac16ed30ce3e}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{9e786f46-6ddd-40a6-94fb-7cd8a3d65e9c}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9e786f46-6ddd-40a6-94fb-7cd8a3d65e9c}: [DhcpDomain] domain_not_set.invalid
Tcpip\..\Interfaces\{fb706426-4674-4134-9568-09d576546390}: [DhcpNameServer] 172.20.10.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Anwender\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-17]
Edge Notifications: Default -> hxxps://teams.live.com
Edge Extension: (Google Docs Offline) - C:\Users\Anwender\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-02]
Edge Extension: (Edge relevant text changes) - C:\Users\Anwender\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF DefaultProfile: btkj4sj3.default
FF ProfilePath: C:\Users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\btkj4sj3.default [2023-07-13]
FF ProfilePath: C:\Users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\xmc49h5g.default-release-1718303016083 [2024-06-18]
FF Extension: (AdBlocker Ultimate) - C:\Users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\xmc49h5g.default-release-1718303016083\Extensions\adblockultimate@adblockultimate.net.xpi [2024-06-13]
FF Extension: (Better Battlelog Fix(BBLog)) - C:\Users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\xmc49h5g.default-release-1718303016083\Extensions\better-battlelog-live@bfautism.ga.xpi [2024-06-13]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-06-15] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-05-10] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-05-10] (Adobe Inc. -> Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default [2023-08-31]
CHR Extension: (Google Docs Offline) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-31]
CHR HKU\S-1-5-21-80507450-1725328437-1556703838-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-05-10] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4555744 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012384 2024-06-07] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairCpuIdService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe [240680 2024-03-19] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 CorsairDeviceListerService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairDeviceListerService.exe [152104 2024-03-19] (Corsair Memory, Inc. -> )
R2 CorsairService; C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe [84008 2024-03-19] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [47742712 2023-08-29] (Electronic Arts, Inc. -> Electronic Arts)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [16506984 2024-06-16] (Electronic Arts, Inc. -> Electronic Arts)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [206304 2022-02-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncHelper.exe [3514384 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
R2 FwUpdateManager; C:\Program Files (x86)\Pioneer\FwUpdateManager\FwUpdateManager.exe [1172368 2022-09-06] (AlphaTheta Corporation -> AlphaTheta Corporation)
S3 iCUEUpdateService; C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe [385576 2024-03-19] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S2 Intel(R) Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [92768 2023-05-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [74336 2023-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [154216 2023-08-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe [140528 2022-05-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe [37104 2022-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [24607464 2022-08-05] (Native Instruments GmbH -> Native Instruments GmbH)
R2 NTKDaemonService; C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe [16847584 2023-05-17] (Native Instruments GmbH -> Native Instruments GmbH)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.108.0528.0005\OneDriveUpdaterService.exe [3853744 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2024-06-16] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [226168 2024-06-18] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_91a2cdd03914725b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_91a2cdd03914725b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AFXfilt; C:\WINDOWS\system32\drivers\AFXfilt.sys [33792 2017-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25536 2023-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
R3 bomebus; C:\WINDOWS\System32\drivers\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43016 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ACHTUNG
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44576 2024-06-18] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ACHTUNG
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [53616 2021-01-11] (Creative Technology Ltd -> Creative Technology Ltd)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 e2fnexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2fn.inf_amd64_d9445744f52b5b9b\e2fn.sys [1410688 2023-02-21] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_774a66f35d00ad3d\iaLPSS2_GPIO2_ADL.sys [140960 2022-06-22] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88760 2022-06-21] (Intel Corporation -> Intel Corporation)
S3 ipadtst2; C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [26168 2021-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 MpKsl2c63634f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B4CFE97-77B1-489D-A3E9-3EC05DE33E1A}\MpKslDrv.sys [271648 2024-06-18] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nika6m2dfu; C:\WINDOWS\System32\drivers\nika6m2dfu.sys [39672 2019-03-25] (Native Instruments GmbH -> Native Instruments GmbH)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32424 2023-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\MSI Center\Super Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_FWUpdate; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\ResetMCU\JT1Toucher\NTIOLib_X64.sys [28496 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 RtkUsbAD_2353; C:\WINDOWS\System32\DriverStore\FileRepository\rtdusbad_msi.inf_amd64_df0242d5fa2ca1e1\RtUsbA64.sys [497560 2023-03-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-05] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; C:\WINDOWS\System32\DRIVERS\WinSetupMon.sys [107880 2023-07-19] (Microsoft Windows -> Microsoft Corporation)
S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]
S3 SIUSBXP; \??\C:\Windows\system32\drivers\SiUSBXp.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-06-18 20:37 - 2024-06-18 20:37 - 000037936 _____ C:\Users\Anwender\OneDrive\Desktop\FRST.txt
2024-06-18 20:36 - 2024-06-18 20:37 - 000000000 ____D C:\FRST
2024-06-18 20:35 - 2024-06-18 20:36 - 002395136 _____ (Farbar) C:\Users\Anwender\Downloads\FRST64.exe
2024-06-18 20:35 - 2024-06-18 20:35 - 002395136 _____ (Farbar) C:\Users\Anwender\OneDrive\Desktop\FRST64.exe
2024-06-18 20:20 - 2024-06-18 20:20 - 000720948 _____ C:\WINDOWS\system32\perfh007.dat
2024-06-18 20:20 - 2024-06-18 20:20 - 000149040 _____ C:\WINDOWS\system32\perfc007.dat
2024-06-18 10:15 - 2024-06-18 10:15 - 003469210 _____ C:\Users\Anwender\Downloads\2024_06_17_CUPRA_Sales_Aftersales_Prozess_V10_AM.pptx
2024-06-18 10:15 - 2024-06-18 10:15 - 002306672 _____ C:\Users\Anwender\Downloads\CUPRA_Willkommensstrecke_April2024.pdf
2024-06-16 18:43 - 2023-07-13 15:24 - 003894632 _____ C:\WINDOWS\SysWOW64\pbsvc.exe
2024-06-16 18:41 - 2024-06-16 18:41 - 000711649 _____ C:\Users\Anwender\Downloads\pbsetup(2).zip
2024-06-16 18:12 - 2024-06-16 18:12 - 000711649 _____ C:\Users\Anwender\Downloads\pbsetup(1).zip
2024-06-16 17:55 - 2024-06-16 17:55 - 000711649 _____ C:\Users\Anwender\Downloads\pbsetup.zip
2024-06-15 12:27 - 2024-06-18 20:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-06-13 23:22 - 2024-06-13 23:22 - 000003850 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2024-06-13 23:22 - 2024-06-13 23:22 - 000003408 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2024-06-13 22:18 - 2024-06-13 22:18 - 000001416 _____ C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-06-13 22:18 - 2024-06-13 22:18 - 000000000 ____D C:\Users\Anwender\AppData\Local\ESET
2024-06-13 22:17 - 2024-06-13 22:18 - 008389496 _____ (ESET) C:\Users\Anwender\Downloads\esetonlinescanner.exe
2024-06-13 22:15 - 2024-06-13 22:15 - 000000000 ____D C:\AdwCleaner
2024-06-13 22:12 - 2024-06-13 22:14 - 000000000 ____D C:\ProgramData\HitmanPro
2024-06-13 20:36 - 2024-06-13 22:15 - 008790880 _____ (Malwarebytes) C:\Users\Anwender\Downloads\adwcleaner.exe
2024-06-13 20:36 - 2024-06-13 22:12 - 014287912 _____ (Sophos B.V.) C:\Users\Anwender\Downloads\hitmanpro_x64.exe
2024-06-13 20:29 - 2024-06-13 20:29 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Anwender\Downloads\iExplore.exe
2024-06-13 19:31 - 2024-06-13 19:31 - 002591712 _____ (Malwarebytes) C:\Users\Anwender\Downloads\MBSetup.exe
2024-06-12 18:46 - 2024-06-12 18:46 - 000000000 ____D C:\WINDOWS\system32\%userprofile%
2024-06-12 13:46 - 2024-06-12 13:47 - 000000000 ___HD C:\$WinREAgent
2024-06-04 18:09 - 2024-06-04 18:09 - 003326501 _____ C:\Users\Anwender\Downloads\Expose-AhornCanadaADDachklimanlage-20240604-16734631.pdf
2024-06-04 18:07 - 2024-06-04 18:07 - 005793803 _____ C:\Users\Anwender\Downloads\Expose-SunlightA70AdventureLine-20240604-17231003.pdf
2024-06-04 18:04 - 2024-06-04 18:04 - 003522807 _____ C:\Users\Anwender\Downloads\Expose-KnausVANWAVE640MEGVansationMANACC-Klima-Rahmenfenst.-20240604-18651624.pdf
2024-06-04 17:58 - 2024-06-04 17:58 - 003189512 _____ C:\Users\Anwender\Downloads\Expose-WeinsbergCaraCore700MEGLED-Automatik-20240604-18423357.pdf
2024-06-03 13:33 - 2024-06-03 13:33 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-05-31 20:44 - 2024-05-31 20:44 - 012745433 _____ C:\Users\Anwender\Downloads\elegante-zertifikatsvorlage-mit-vintage-blumenornamenten.zip
2024-05-31 14:16 - 2024-05-31 14:16 - 000002464 _____ C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic (work or school).lnk
2024-05-31 13:36 - 2024-05-31 13:36 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2024.lnk
2024-05-31 13:35 - 2024-05-31 13:35 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Microsoft\Access
2024-05-31 12:34 - 2024-05-31 12:34 - 077955268 _____ C:\Users\Anwender\Downloads\31.5.2024, 12_34_22 - Screen - Untitled video.webm
2024-05-30 10:16 - 2024-05-30 10:16 - 000024821 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-05-30 10:15 - 2024-05-30 10:15 - 000024821 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-05-28 16:21 - 2024-05-28 16:21 - 047358589 _____ C:\Users\Anwender\Downloads\Untitled video.mp4
2024-05-28 16:14 - 2024-05-28 16:14 - 044501566 _____ C:\Users\Anwender\Downloads\28.5.2024, 16_14_14 - Screen - Untitled video.webm
2024-05-23 21:45 - 2024-05-23 21:45 - 000482279 _____ C:\Users\Anwender\Downloads\all-in-one-wp-migration-unlimited-extension.zip
2024-05-23 21:40 - 2024-05-23 21:40 - 900658729 _____ C:\Users\Anwender\Downloads\badass-motors-de-20240523-193952-l8muse.wpress
2024-05-23 21:32 - 2024-05-23 21:32 - 003055923 _____ C:\Users\Anwender\Downloads\avmc.WordPress.2024-05-23.xml
2024-05-23 20:49 - 2024-05-23 20:52 - 693351200 _____ C:\Users\Anwender\Downloads\20240523_avmc_abe6c7430a4c2e5a2442_20240523184646_archive.zip
2024-05-23 20:49 - 2024-05-23 20:49 - 000075233 _____ C:\Users\Anwender\Downloads\installer.php
2024-05-23 20:35 - 2012-01-08 19:01 - 000000028 _____ C:\Users\Anwender\Downloads\index.php
2024-05-23 20:31 - 2024-05-23 19:48 - 000000076 _____ C:\Users\Anwender\Downloads\robots.txt
2024-05-23 20:15 - 2019-06-11 00:00 - 000003151 _____ C:\Users\Anwender\Downloads\htaccess.txt
2024-05-23 20:14 - 2024-05-23 20:17 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Cyberduck
2024-05-23 20:13 - 2024-05-23 20:13 - 000000000 ____D C:\Program Files\Bonjour
2024-05-23 20:13 - 2024-05-23 20:13 - 000000000 ____D C:\Program Files (x86)\Bonjour
2024-05-23 20:05 - 2024-05-23 20:05 - 000339702 _____ C:\Users\Anwender\Downloads\all-in-one-wp-migration-6.7.zip
2024-05-21 15:03 - 2024-05-21 15:03 - 003310456 _____ (Adobe Inc.) C:\Users\Anwender\Downloads\Premiere_Pro_Set-Up.exe
2024-05-21 14:52 - 2024-05-21 14:52 - 000280458 _____ C:\Users\Anwender\Downloads\courier_label27683165676.pdf

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-06-18 20:20 - 2023-08-29 19:42 - 001662892 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-18 20:20 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-06-18 20:18 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-18 20:13 - 2023-11-09 19:36 - 000226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2024-06-18 20:12 - 2023-07-13 15:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-06-18 20:11 - 2023-08-29 19:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-06-18 20:08 - 2023-07-13 16:56 - 000000000 ____D C:\MSI
2024-06-18 20:07 - 2023-08-29 19:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-18 20:07 - 2023-08-29 19:38 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2024-06-18 20:07 - 2023-07-20 11:44 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-06-18 20:07 - 2023-07-13 15:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-06-18 20:07 - 2023-07-11 17:49 - 000012288 ___SH C:\DumpStack.log.tmp
2024-06-18 20:07 - 2023-07-11 17:49 - 000000000 ____D C:\ProgramData\NVIDIA
2024-06-18 20:07 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2024-06-18 20:07 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-06-18 20:07 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-18 20:07 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-06-18 20:05 - 2023-07-13 13:31 - 000226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2024-06-18 18:46 - 2023-11-24 10:48 - 000000000 ___RD C:\Users\Anwender\OneDrive\Desktop\Diverse
2024-06-18 12:42 - 2023-07-11 11:55 - 000000000 ____D C:\Users\Anwender\AppData\Local\D3DSCache
2024-06-18 12:23 - 2023-07-11 11:52 - 000000000 ____D C:\Users\Anwender\AppData\Local\Packages
2024-06-18 11:43 - 2023-12-19 15:38 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Microsoft\PowerPoint
2024-06-18 10:47 - 2023-08-08 17:57 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Microsoft\UProof
2024-06-18 10:20 - 2023-07-13 17:51 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Microsoft\Excel
2024-06-18 09:31 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-18 09:31 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-17 19:25 - 2023-08-29 19:41 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-80507450-1725328437-1556703838-1000
2024-06-17 19:25 - 2023-08-29 19:41 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-06-17 19:25 - 2023-07-13 17:50 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-06-17 19:00 - 2023-07-13 17:20 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\TS3Client
2024-06-17 12:55 - 2023-11-01 14:14 - 000000000 ____D C:\Users\Anwender\OneDrive\Dokumente\Silke
2024-06-17 12:53 - 2023-08-05 12:21 - 000000000 ____D C:\Users\Anwender\AppData\Local\CrashDumps
2024-06-17 08:47 - 2023-08-31 21:31 - 000000000 ____D C:\Users\Anwender\AppData\Local\ElevatedDiagnostics
2024-06-16 18:56 - 2023-07-13 20:39 - 000076152 _____ C:\WINDOWS\system32\PnkBstrA.exe
2024-06-16 18:49 - 2023-07-13 13:31 - 000076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2024-06-16 18:30 - 2023-07-20 14:10 - 000000000 ___RD C:\Users\Anwender\OneDrive\Desktop\PC-Tools
2024-06-16 17:47 - 2023-09-13 20:50 - 000000000 ____D C:\ProgramData\EA Desktop
2024-06-16 13:03 - 2023-08-29 19:41 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-06-16 13:03 - 2023-07-20 14:39 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2024-06-16 13:03 - 2023-07-20 14:39 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-06-16 13:01 - 2023-07-13 17:49 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-16 12:57 - 2023-08-29 19:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-06-16 12:57 - 2023-07-13 15:17 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-06-15 12:26 - 2023-07-11 17:49 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-13 23:36 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-06-13 20:18 - 2023-07-11 11:54 - 000000000 ____D C:\ProgramData\Package Cache
2024-06-12 19:42 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-06-12 19:27 - 2023-08-29 19:38 - 000474256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-06-12 19:26 - 2023-09-28 21:51 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-06-12 19:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-06-12 19:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-06-12 19:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-06-12 18:46 - 2023-07-13 17:50 - 000000000 ___RD C:\Users\Default\OneDrive
2024-06-12 13:52 - 2023-07-13 16:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-06-12 13:50 - 2023-07-13 16:05 - 199048176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-06-12 13:49 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-06-12 13:48 - 2023-08-29 19:39 - 003216384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-06-12 12:37 - 2023-08-29 19:41 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-12 12:37 - 2023-08-29 19:41 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-06-05 10:59 - 2023-07-11 17:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-06-04 17:08 - 2023-07-11 11:52 - 000000000 ____D C:\ProgramData\Packages
2024-06-04 10:46 - 2023-08-10 21:59 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Microsoft\Teams
2024-06-03 21:43 - 2023-08-29 19:13 - 000000000 ____D C:\Users\Anwender
2024-06-02 12:25 - 2023-07-13 17:52 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Microsoft\Word
2024-05-31 21:39 - 2023-08-15 19:38 - 000000000 ____D C:\Users\Anwender\OneDrive\Dokumente\AVMC
2024-05-31 14:50 - 2023-08-29 13:26 - 000000000 ___HD C:\Users\Anwender\Downloads\Arturia
2024-05-31 14:16 - 2023-07-20 14:17 - 000000000 ____D C:\Users\Anwender\AppData\Local\SquirrelTemp
2024-05-31 13:36 - 2023-07-20 14:33 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-05-31 13:36 - 2023-07-20 14:33 - 000000000 ____D C:\Program Files\Adobe
2024-05-31 12:19 - 2023-10-06 15:14 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Microsoft\Signatures
2024-05-30 11:09 - 2022-05-07 12:39 - 000000000 ____D C:\WINDOWS\InboxApps
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-30 11:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-05-30 11:09 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2024-05-30 10:17 - 2022-05-07 12:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-05-30 10:17 - 2022-05-07 12:39 - 000024383 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-05-29 11:56 - 2023-08-14 13:56 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Apple Computer
2024-05-28 17:20 - 2023-07-13 17:51 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Microsoft\Office
2024-05-28 12:20 - 2023-08-08 14:54 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\obs-studio
2024-05-23 20:31 - 2023-07-11 11:52 - 000000000 ___SD C:\Users\Anwender\AppData\Roaming\Microsoft\Credentials
2024-05-21 15:08 - 2023-07-20 14:33 - 000000000 ____D C:\ProgramData\Adobe
2024-05-21 15:08 - 2023-07-11 11:52 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Adobe
2024-05-21 15:06 - 2023-07-20 14:32 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\com.adobe.dunamis
2024-05-21 15:05 - 2023-07-20 14:44 - 000000000 ____D C:\Users\Anwender\OneDrive\Dokumente\Adobe
2024-05-20 22:22 - 2023-07-13 14:27 - 000000000 ____D C:\Program Files (x86)\Steam

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2023-08-08 15:21 - 2023-08-08 15:21 - 000000015 _____ () C:\Users\Anwender\AppData\Roaming\obs-virtualcam.txt
2023-07-20 14:44 - 2023-07-20 14:44 - 000000000 _____ () C:\Users\Anwender\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         

Code: Alles auswählenAufklappen

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11.06.2024
durchgeführt von Anwender (18-06-2024 20:38:02)
Gestartet von C:\Users\Anwender\OneDrive\Desktop
Microsoft Windows 11 Pro for Workstations Version 23H2 22631.3737 (X64) (2023-08-29 17:41:27)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-80507450-1725328437-1556703838-500 - Administrator - Disabled)
Anwender (S-1-5-21-80507450-1725328437-1556703838-1000 - Administrator - Enabled) => C:\Users\Anwender
DefaultAccount (S-1-5-21-80507450-1725328437-1556703838-503 - Limited - Disabled)
Gast (S-1-5-21-80507450-1725328437-1556703838-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-80507450-1725328437-1556703838-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ableton Live 10 Suite (HKLM\...\{BF5B0440-80C4-4F3B-B0FD-AB43B2CC106D}) (Version: 10.0.0.0 - Ableton)
Ableton Live 11 Suite (HKLM\...\{DAB0D0C8-443E-453C-A662-6EC2E4CBA2F9}) (Version: 11.0.0.0 - Ableton) Hidden
Ableton Live 11 Suite (HKLM-x32\...\{a4e59676-7d29-40d7-94f9-6d8ed82ff7d5}) (Version: 11.0.0.0 - Ableton)
Ableton Push Driver v5.50.0 (HKLM\...\{8CE98F88-3F07-4338-A036-B66414F3FD66}) (Version: 5.50.0 - Ableton) Hidden
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 24.002.20857 - Adobe)
Adobe After Effects 2024 (HKLM-x32\...\AEFT_24_4) (Version: 24.4 - Adobe Inc.)
Adobe Audition 2023 (HKLM-x32\...\AUDT_23_5) (Version: 23.5 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.2.0.554 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.4.0.63 - Adobe Inc.)
Adobe Illustrator 2024 (HKLM-x32\...\ILST_28_5) (Version: 28.5 - Adobe Inc.)
Adobe Media Encoder 2024 (HKLM-x32\...\AME_24_3) (Version: 24.3 - Adobe Inc.)
Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_6) (Version: 24.6.0.573 - Adobe Inc.)
Adobe Premiere Pro 2024 (HKLM-x32\...\PPRO_24_4_1) (Version: 24.4.1 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Analog Lab 4 4.2.3 (HKLM-x32\...\Analog Lab 4_is1) (Version: 4.2.3 - Arturia)
Analog Lab V 5.7.3 (HKLM-x32\...\Analog Lab V_is1) (Version: 5.7.3 - Arturia)
ARP 2600 V3 3.12.0 (HKLM-x32\...\ARP 2600 V3_is1) (Version: 3.12.0 - Arturia)
Arturia Software Center 2.6.0 (HKLM-x32\...\Arturia Software Center_is1) (Version: 2.6.0 - Arturia)
Arturia USB Audio Driver v4.67.0 (HKLM-x32\...\Software_Arturia_arturiausbaudio_Setup) (Version: 4.67.0 - Arturia)
AudioFuse Control Center 2.1.3 (HKLM-x32\...\AudioFuse Control Center_is1) (Version: 2.1.3 - Arturia)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Battlefield™ 2042 (HKLM-x32\...\{45e281f3-1414-47ea-bb64-4f50d50121f3}) (Version: 1.0.77.20104 - Electronic Arts)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.64.43202 - Electronic Arts)
Bome Virtual MIDI 2.1.0.44 (HKLM\...\BMIDI_Driver1.0.0.11_is1) (Version:  - Bome Software GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Corsair iCUE5 Software (HKLM\...\{A9B0B2D7-8C59-4413-A2FB-99EDBE65A608}) (Version: 5.12.97 - Corsair)
CPUID CPU-Z MSI 2.03 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 2.03 - CPUID, Inc.)
Documentation Manager (HKLM\...\{5D4B95B9-6199-4643-B41B-DEBD7048A263}) (Version: 22.160.0.3 - Intel Corporation) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{B8F67CAD-D16A-4AC8-B4F1-3AE8A9FF22F5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.227.0.5740 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{5578734d-6eb4-46dc-b571-cb69264f283d}) (Version: 13.227.0.5740 - Electronic Arts)
ENE Video Capture Box HAL (HKLM\...\{A096611D-BA11-4A1A-8D09-0A0462D7C8F2}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE Video Capture Box HAL (HKLM-x32\...\{974259bf-3ed1-4cd6-9ed1-40c7f601a786}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{bb9d349f-b87b-4026-b336-1604708bd09c}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{c662a481-d76a-4188-95d2-6eb4ffd55542}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EPSON WF-C5790BA Printer Uninstall (HKLM\...\EPSON WF-C5790BA) (Version:  - Seiko Epson Corporation)
FirmwareUpdateManager (HKLM-x32\...\FwUpdateManager) (Version: 1.0.1.0 - AlphaTheta Corporation.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{22987D97-5A46-4BD9-B1A5-2FFE44201081}) (Version: 10.1.19199.8340 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{e6ecf35a-b1bb-4e59-9d90-4c98fde2ffa8}) (Version: 10.1.19199.8340 - Intel(R) Corporation)
Intel(R) Management Engine Components (HKLM\...\{1B2B12B8-AE77-4104-97FE-904274D21B6C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2230.3.19.0 - Intel Corporation)
Intel(R) Management Engine Driver (HKLM\...\{5F953BF8-C54E-4335-B7C9-873508D2CE1A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME WMI Provider (HKLM\...\{2D7D4B84-FDD2-42BC-9B5B-ADAB4E31AC5E}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000160-0220-1031-84C8-B8D95FA3C8C3}) (Version: 22.160.0.3 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{8fca270b-04dc-46cd-a7dc-bca0425f10c6}) (Version: 22.160.0.3 - Intel Corporation) Hidden
LatencyMon 7.31 (HKLM\...\LatencyMon_is1) (Version: 7.31 - Resplendence Software Projects Sp.)
LFOTool by Xfer Records (HKLM-x32\...\LFOTool) (Version:  - )
Mashup (HKLM\...\{DAE78F99-A8BC-4D9F-808A-D78C329B58C0}) (Version: 2.0.415.0 - Mixed In Key LLC) Hidden
Mashup 2.0 (HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\{f97f0f89-819b-406a-86f9-d14b3f1960c4}) (Version: 2.0.415.0 - Mixed In Key LLC)
Maxon Cinema 4D 2024 (HKLM\...\Maxon Cinema 4D 2024) (Version: 2024 - Maxon)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.17628.20144 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 126.0.2592.56 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.92 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.108.0528.0005 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\Teams) (Version: 1.7.00.13456 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (HKLM\...\{764384C5-BCA9-307C-9AAC-FD443662686A}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (HKLM\...\{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Mini V3 3.12.0 (HKLM-x32\...\Mini V3_is1) (Version: 3.12.0 - Arturia)
Mixed in Key (HKLM\...\{F305A45A-84DB-4610-8560-C858C422F0D1}) (Version: 1.1.1.1 - Mixed In Key LLC) Hidden
Mixed In Key 10 (HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\{17fbc308-d4e2-44e9-8853-ac798e8fb54b}) (Version: 10.0.2374.0 - Mixed In Key LLC)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 127.0 (x64 de)) (Version: 127.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.0.2 - Mozilla)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0919.01 - MSI)
Native Access 3.4.0 (HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\c410b7d2-8fce-53b3-8332-e98b6e89a16a) (Version: 3.4.0 - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.7.6.0 - Native Instruments)
Native Instruments Komplete Kontrol Driver (HKLM-x32\...\Native Instruments Komplete Kontrol Driver) (Version:  - Native Instruments)
Native Instruments Komplete Kontrol MK2 Driver (HKLM-x32\...\Native Instruments Komplete Kontrol MK2 Driver) (Version:  - Native Instruments)
Native Instruments Maschine 2 (HKLM-x32\...\Native Instruments Maschine 2) (Version: 2.17.4.0 - Native Instruments)
Native Instruments Maschine 2 Factory Library (HKLM-x32\...\Native Instruments Maschine 2 Factory Library) (Version: 1.3.9.4 - Native Instruments)
Native Instruments Maschine 2 Factory Selection (HKLM-x32\...\Native Instruments Maschine 2 Factory Selection) (Version: 1.0.1.1 - Native Instruments)
Native Instruments Maschine Controller MK2 Driver (HKLM-x32\...\Native Instruments Maschine Controller MK2 Driver) (Version:  - Native Instruments)
Native Instruments Maschine Jam Driver (HKLM-x32\...\Native Instruments Maschine Jam Driver) (Version:  - Native Instruments)
Native Instruments Maschine Mikro Driver (HKLM-x32\...\Native Instruments Maschine Mikro Driver) (Version:  - Native Instruments)
Native Instruments Maschine Mikro MK2 Driver (HKLM-x32\...\Native Instruments Maschine Mikro MK2 Driver) (Version:  - Native Instruments)
Native Instruments Maschine MK3 Driver (HKLM-x32\...\Native Instruments Maschine MK3 Driver) (Version:  - Native Instruments)
Native Instruments Maschine Studio Driver (HKLM-x32\...\Native Instruments Maschine Studio Driver) (Version:  - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.5.12.31 - Native Instruments)
Native Instruments NIHostIntegrationAgent (HKLM-x32\...\Native Instruments NIHostIntegrationAgent) (Version: 1.12.0.0 - Native Instruments)
Native Instruments NTKDaemon (HKLM-x32\...\Native Instruments NTKDaemon) (Version: 1.12.0.0 - Native Instruments)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
PhoneRescue (HKLM-x32\...\PhoneRescue) (Version: 4.2.0 - iMobie Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.2353 - Realtek Semiconductor Corp.)
rekordbox 6.7.5 64bit (HKLM\...\Pioneer rekordbox 6.7.5) (Version: 6.7.5.0032 - AlphaTheta)
Sky Go 23.5.1.0 (HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\com.bskyb.skygoplayer_is1) (Version: 23.5.1.0 - Sky)
Splice (HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\splice) (Version: 4.3.48217 - Distributed Creation, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sylenth1 v3.032 (HKLM\...\Sylenth1v3_is1) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Wi-Fi Scanner version 22.11 (HKLM-x32\...\Wi-Fi Scanner_is1) (Version: 22.11 - LizardSystems)
Xfer Records Serum (HKLM-x32\...\Serum) (Version: 1.363 - Xfer Records)

Packages:
=========

Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2024-02-05] (Adobe Systems Incorporated)
Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC [2024-06-16] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-05-16] (Adobe Systems Incorporated)
Crosshair V2 -> C:\Program Files\WindowsApps\47492CenterpointGaming.CrosshairV2_1.1.24.0_neutral__rz8d8f65gztyc [2024-06-12] (CenterPoint Gaming)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa [2024-05-09] (Apple Inc.) [Startup Task]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21002.0_x64__8wekyb3d8bbwe [2024-04-12] (Microsoft Corporation) [Startup Task]
Microsoft Teams Play Together -> C:\Program Files\WindowsApps\Microsoft.TeamsXboxGameBarWidget_1.2401.2901.0_x64__8wekyb3d8bbwe [2024-02-05] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-06-17] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24052.57.0_x64__cw5n1h2txyewy [2024-06-18] (Microsoft Windows) [Startup Task]
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.37.0_x64__kzh8wxbdkxb8p [2024-06-12] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
MSI Game Bar -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSIGameBar_2.0.16.0_x64__kzh8wxbdkxb8p [2023-10-19] (MICRO-STAR INTERNATIONAL CO., LTD)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-24] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.324.0_x64__dt26b99r8h8gj [2024-04-11] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0 [2024-06-12] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2423.10.0_x64__cv1g1gvanyjgm [2024-06-17] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-12] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-12] (Microsoft Corp.)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-06-12] (Microsoft Windows)
Windows-Fotoanzeige -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11060.12008.0_x64__8wekyb3d8bbwe [2024-06-18] (Microsoft Corporation) [Startup Task]

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-80507450-1725328437-1556703838-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-EAC13E2D831F} -> [Creative Cloud Files Personal Account meinolf.dueker@web.de 62676B3250F575C20A490D44@AdobeID] => C:\Users\Anwender\Creative Cloud Files Personal Account meinolf.dueker@web.de 62676B3250F575C20A490D44@AdobeID [2023-07-20 14:34]
CustomCLSID: HKU\S-1-5-21-80507450-1725328437-1556703838-1000_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-80507450-1725328437-1556703838-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Anwender\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.24130.8\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-80507450-1725328437-1556703838-1000_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-80507450-1725328437-1556703838-1000_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-80507450-1725328437-1556703838-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Anwender\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-80507450-1725328437-1556703838-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-10] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-10] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-10] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-10] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_91a2cdd03914725b\nvshext.dll [2023-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-10] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Inc.)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2023-11-05 05:48 - 2023-11-05 05:48 - 000010240 _____ () [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\de_de\AcroTray.deu
2023-07-13 17:50 - 2023-07-13 17:50 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2023-07-13 17:50 - 2023-07-13 17:50 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2024-06-16 17:43 - 2024-06-16 17:43 - 002849280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2024-06-16 17:43 - 2024-06-16 17:43 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2024-06-16 17:43 - 2024-06-16 17:43 - 000046592 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2024-06-16 17:43 - 2024-06-16 17:43 - 006270976 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2024-06-16 17:43 - 2024-06-16 17:43 - 001389568 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2024-06-16 17:43 - 2024-06-16 17:43 - 000157184 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:088B37DC [260]
AlternateDataStreams: C:\Users\Anwender\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [136]
AlternateDataStreams: C:\Users\Anwender\Downloads\esetonlinescanner.exe:MBAM.Zone.Identifier [158]
AlternateDataStreams: C:\Users\Anwender\Downloads\hitmanpro_x64.exe:MBAM.Zone.Identifier [118]
AlternateDataStreams: C:\Users\Anwender\Downloads\iExplore.exe:MBAM.Zone.Identifier [175]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-06-15] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-06-15] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-06-15] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-06-15] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-06-15] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-06-15] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\sharepoint.com -> hxxps://oneomnicomeur-files.sharepoint.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-80507450-1725328437-1556703838-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "AudioFuseControlCenterAgent.lnk"
HKLM\...\StartupApproved\StartupFolder: => "NIHardwareAccessibilityHelper.exe.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Ableton Push Control Panel Autostart.lnk"
HKLM\...\StartupApproved\Run: => "Corsair iCUE5 Software"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_240DD949536E06B67870153833EE073C"
HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\StartupApproved\Run: => "com.squirrel.splice.Splice"
HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-80507450-1725328437-1556703838-1000\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A5EEF7B6-57EF-4815-8804-D91A092ABF81}] => (Allow) C:\Program Files\EA Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{0DD2276F-3DAE-449D-BFEB-B5CDB235EC89}] => (Allow) C:\Program Files\EA Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{FB9C229F-614A-479F-AC4E-4BF9037F43BC}] => (Allow) C:\Program Files\EA Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{856492E5-A3FD-412E-B6DE-9AB84549F232}] => (Allow) C:\Program Files\EA Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{D8B36D7F-9750-4078-9D65-8721401DE28E}C:\programdata\ableton\live 11 suite\program\ableton live 11 suite.exe] => (Block) C:\programdata\ableton\live 11 suite\program\ableton live 11 suite.exe (Ableton AG -> Ableton)
FirewallRules: [TCP Query User{EE6A960B-5FE7-433C-B96D-404E4632009F}C:\programdata\ableton\live 11 suite\program\ableton live 11 suite.exe] => (Block) C:\programdata\ableton\live 11 suite\program\ableton live 11 suite.exe (Ableton AG -> Ableton)
FirewallRules: [{9A38A1E3-FF49-4F16-B9D7-D4FEC52B14BA}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.7.5\rekordboxAgent-win32-x64\rekordboxAgent.exe (AlphaTheta Corporation -> AlphaTheta Corporation)
FirewallRules: [{951314D0-8A68-475E-A008-10920811E256}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.7.5\rbHttpServer.exe (AlphaTheta Corporation -> )
FirewallRules: [{2BBE288E-9138-4594-A386-A539D970E4BF}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.7.5\ls-unity-rekordbox-win-64bit.exe (AlphaTheta Corporation -> )
FirewallRules: [{08166777-AD59-46D4-912A-5C20832368C9}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.7.5\edb_streamd.exe (AlphaTheta Corporation -> )
FirewallRules: [{61E89CB0-FC55-4925-B506-9832874E355C}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.7.5\psvlinksysmgr.exe (AlphaTheta Corporation -> AlphaTheta Corporation)
FirewallRules: [{0D3290B4-6842-439F-9E45-09C81C4CE523}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.7.5\psvnfsd.exe (AlphaTheta Corporation -> AlphaTheta Corporation)
FirewallRules: [{CBBCA219-BFFF-4946-AA6F-41353D6A11A1}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.7.5\rekordbox.exe (AlphaTheta Corporation -> AlphaTheta Corporation)
FirewallRules: [UDP Query User{4A4C0903-859A-4312-81A6-9C3E79FDCBC3}C:\users\anwender\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\anwender\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{48FC8D5B-67BD-42D0-97A1-C47FC8164E04}C:\users\anwender\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\anwender\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BC872DD8-0128-414E-9991-AA94B9D7DADB}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.7.4\rekordboxAgent-win32-x64\rekordboxAgent.exe => Keine Datei
FirewallRules: [UDP Query User{54EE9C37-EA8B-4D84-B0CE-067DCBF7A172}C:\program files\ea games\battlefield 4\bf4.exe] => (Allow) C:\program files\ea games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{AEC7864B-590A-4796-BEC6-265ACB013A8F}C:\program files\ea games\battlefield 4\bf4.exe] => (Allow) C:\program files\ea games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{91C0DA39-1171-4765-A81A-56847A866FD8}C:\program files (x86)\steam\steamapps\common\six days in fallujah\sixdays\binaries\win64\sixdays-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\six days in fallujah\sixdays\binaries\win64\sixdays-win64-shipping.exe (Victura, Inc. -> Victura)
FirewallRules: [TCP Query User{C0CEBCAD-A54F-4BC9-BB94-6F2738656EED}C:\program files (x86)\steam\steamapps\common\six days in fallujah\sixdays\binaries\win64\sixdays-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\six days in fallujah\sixdays\binaries\win64\sixdays-win64-shipping.exe (Victura, Inc. -> Victura)
FirewallRules: [UDP Query User{EAB75D2C-F9E4-41B7-ACFC-6F42F57E6236}C:\users\anwender\appdata\local\splice\app-4.3.48217\splice.exe] => (Allow) C:\users\anwender\appdata\local\splice\app-4.3.48217\splice.exe (Splice) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{BB505BF7-115E-4C4D-A1B0-B2E6957A5A7C}C:\users\anwender\appdata\local\splice\app-4.3.48217\splice.exe] => (Allow) C:\users\anwender\appdata\local\splice\app-4.3.48217\splice.exe (Splice) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{8A7A8268-ADF2-4707-ACDE-BA0496AC0498}C:\programdata\ableton\live 11 suite\program\ableton live 11 suite.exe] => (Allow) C:\programdata\ableton\live 11 suite\program\ableton live 11 suite.exe (Ableton AG -> Ableton)
FirewallRules: [TCP Query User{B730AA12-F50C-493F-8ED0-F6A6D38D751D}C:\programdata\ableton\live 11 suite\program\ableton live 11 suite.exe] => (Allow) C:\programdata\ableton\live 11 suite\program\ableton live 11 suite.exe (Ableton AG -> Ableton)
FirewallRules: [{1E9DE607-45F6-4DEB-9442-0F0E0B79F8E4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9CAA45D8-2212-4F9D-9D5F-D09AE0DE043B}C:\program files\ea games\battlefield 4\bf4.exe] => (Allow) C:\program files\ea games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{50BE7901-0E72-4C0E-83FC-64162B443694}C:\program files\ea games\battlefield 4\bf4.exe] => (Allow) C:\program files\ea games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{C5BF3D86-187C-49D3-B348-936E27C91946}] => (Allow) C:\Program Files\EA Games\Battlefield 2042\BF2042_launcher.exe => Keine Datei
FirewallRules: [{994FF07E-8B09-4FEC-9D35-368CB087980D}] => (Allow) C:\Program Files\EA Games\Battlefield 2042\BF2042_launcher.exe => Keine Datei
FirewallRules: [{0F52C5B6-3E60-49E1-A788-E2FAA89A327C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1F5FEE05-ECEB-4BA8-8568-E48F99B9AB97}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B8656424-66A2-437B-AB04-90F80B04BCF9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4D2B129D-7841-4FBD-92D0-503B94736C9B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F9B3FCA3-B289-421B-8603-A075467DC1CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Six Days in Fallujah\SixDays.exe (Victura, Inc. -> Epic Games, Inc.)
FirewallRules: [{E7FAB7F4-E134-4AA7-A71E-849D1F445A25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Six Days in Fallujah\SixDays.exe (Victura, Inc. -> Epic Games, Inc.)
FirewallRules: [{4A345B5A-2F81-4B67-B4B0-CBBD5797C2DF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{32C6B071-B178-45DA-B00E-45173C4AA5D7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{08F46EF4-F3E0-4549-A986-3473D2E67A00}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe => Keine Datei
FirewallRules: [{A8933347-707B-4CE3-937C-F2F7E571BB19}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe => Keine Datei
FirewallRules: [{F2B64E43-C66D-4A7B-9DED-D2307D7F18D1}] => (Allow) C:\Program Files\EA Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{2D63C6CA-642C-4634-9A66-E46B18252A5B}] => (Allow) C:\Program Files\EA Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{BFE00F73-4185-46E3-BA9E-745FA799E7CE}] => (Allow) C:\Program Files\EA Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{94E59DD1-E857-4DD6-BD34-F260ECBDE67F}] => (Allow) C:\Program Files\EA Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{C17629CB-1A53-43CD-B399-1047EFC83D26}] => (Allow) C:\Users\Anwender\AppData\Local\Programs\Mixed In Key\Mashup 2\Mashup.exe (Mixed In Key LLC) [Datei ist nicht signiert]
FirewallRules: [{9C1EBA29-2C56-4163-B7CE-E5E350D6F570}] => (Allow) C:\Users\Anwender\AppData\Local\Programs\Mixed In Key\Mashup 2\Mashup.exe (Mixed In Key LLC) [Datei ist nicht signiert]
FirewallRules: [{355F8D7C-8EC6-4ACC-96CD-0233BB2703CB}] => (Allow) C:\Users\Anwender\AppData\Local\Programs\Mixed In Key\Mashup 2\Mashup.exe (Mixed In Key LLC) [Datei ist nicht signiert]
FirewallRules: [{4792369C-D998-4D63-A426-8BFFFDE40D8C}] => (Allow) C:\Users\Anwender\AppData\Local\Programs\Mixed In Key\Mashup 2\Mashup.exe (Mixed In Key LLC) [Datei ist nicht signiert]
FirewallRules: [{9D15F971-AF5D-49EE-AB99-7D27CD9FFB51}] => (Allow) C:\Program Files\EA Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{C3B8BF71-62C8-4136-9978-C6C9DFABCC47}] => (Allow) C:\Program Files\EA Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{F9E8A1F8-40A4-4988-81DB-746676C4F77A}] => (Allow) C:\Program Files\EA Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{CBD2B6DE-236C-4623-9E30-BA80418E1EA4}] => (Allow) C:\Program Files\EA Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{1DB5551E-F61F-40E2-897B-AC844DEEB0E7}] => (Allow) C:\Program Files\EA Games\Battlefield 2042\EAAntiCheat.GameServiceLauncher.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F6C14D9C-7B7E-458B-B8FC-9F07DE1D380C}] => (Allow) C:\Program Files\EA Games\Battlefield 2042\EAAntiCheat.GameServiceLauncher.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{99CA636E-6AAB-4AC3-AA9F-E5CC407B93D3}] => (Allow) C:\Program Files\EA Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{B7351350-3387-4045-A992-9956727C1BAA}] => (Allow) C:\Program Files\EA Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{033A7743-005A-446F-B628-DABB12A2B89D}] => (Allow) C:\Program Files\EA Games\Battlefield V\bfv.exe (EA Digital Illusions CE AB) [Datei ist nicht signiert]
FirewallRules: [{6AEFD60C-1F92-4D90-9AA3-0A41899305D6}] => (Allow) C:\Program Files\EA Games\Battlefield V\bfv.exe (EA Digital Illusions CE AB) [Datei ist nicht signiert]
FirewallRules: [{D2554967-EE0D-4E13-9177-37186BBE04D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe () [Datei ist nicht signiert]
FirewallRules: [{83EA6FFE-9A6B-457B-9112-8BE4ADE14591}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe () [Datei ist nicht signiert]
FirewallRules: [{C4751583-4B88-43CC-A95E-A5B8FAB0466C}] => (Allow) C:\Program Files (x86)\iMobie\PhoneRescue\xldownload\download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{D6BAE40D-244C-49DA-BD40-81CCF5D19591}] => (Allow) C:\Program Files (x86)\iMobie\PhoneRescue\xldownload\download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{CF0D7624-668C-4031-93A2-91158DA18DFE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{552EAADB-4C39-42E3-AB0A-529535CBD481}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{4EFF025D-9B34-455A-A44D-E968575AB5D1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{E3FD2161-146E-47CF-8C92-BF7F023F2C6F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{64FD76E6-87CC-4290-90FA-5E4216671929}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{022E224F-7690-4151-AA8D-90B39CD66CAC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{21E150A8-8384-4710-91D8-3CB4C7CB7011}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{31A7E1CB-C126-4ED0-8825-3F4FB6E5F7AB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [TCP Query User{6913B95A-2C25-4A3E-9748-4D7E08C5B397}C:\program files (x86)\steam\steamapps\common\six days in fallujah\sixdays\binaries\win64\sixdays-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\six days in fallujah\sixdays\binaries\win64\sixdays-win64-shipping.exe (Victura, Inc. -> Victura)
FirewallRules: [UDP Query User{F948AEFC-5348-487E-B30D-BBD2229AA30A}C:\program files (x86)\steam\steamapps\common\six days in fallujah\sixdays\binaries\win64\sixdays-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\six days in fallujah\sixdays\binaries\win64\sixdays-win64-shipping.exe (Victura, Inc. -> Victura)
FirewallRules: [{448C97F0-D626-4129-A410-C68F18155907}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24102.2309.2851.4917_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{77966BE4-B7D1-4D60-8FCD-EEB41EA1268A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24102.2309.2851.4917_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0766FB15-5135-42B8-A8D9-C8AB921E2BB5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{367D3908-FC80-4098-98C3-BA0B16C2D1BA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{583295E1-0FEC-4EFE-96D0-B822B6569D71}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AB292DAC-C2EA-4295-B902-15283A37A31C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{68552661-CB66-4950-9EF6-731B953218A9}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6777B60D-F9DD-4368-87D9-51D689CBE272}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{841909CD-AAC5-4C83-8774-B18E008B8E86}C:\program files\adobe\adobe premiere pro 2024\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro 2024\adobe premiere pro.exe (Adobe Inc. -> Adobe)
FirewallRules: [UDP Query User{AC15B107-27C2-417A-9141-9CD715F2CCD8}C:\program files\adobe\adobe premiere pro 2024\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro 2024\adobe premiere pro.exe (Adobe Inc. -> Adobe)
FirewallRules: [{54243260-9A0D-4CF7-9FDC-A466F2A59A26}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6AD56E97-24E9-4CCB-9F75-B7856D425003}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.120.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3F3337C4-1A67-4C57-8DF7-ACF69134D546}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.120.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{554720F5-F453-4952-BFDC-CD0D0CD6BBAF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.120.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{56CF468B-15E0-49F9-AD4F-8D120B6C2834}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.120.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{87A8075D-2C56-44F0-8188-7CECDF973A56}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2599BCE8-95C6-4CEB-8EB7-F03EE45C8927}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5A4C748F-3C62-4257-809B-3683C4B83EE9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6FD95695-EF2B-4FB0-9080-EB5C014DC58D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7B250A65-1A0E-4F24-8153-B29D52C104F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CBEB40BC-7551-4C86-9E63-C30D62687411}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{06138CB8-50C8-4507-8A6A-F422E55E979C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D3A768EA-3672-4538-B6D5-A87D67A6AB4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{46EF278D-197E-42BC-9805-7A7017C3418B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C76D7F73-1ED9-4686-B676-CA969B30ED0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C7BBE4B2-2807-484E-BE76-E5E4E8FA008C}] => (Allow) LPort=32683
FirewallRules: [{516EEE95-0D55-4AAA-AB67-33CA08DEC3AF}] => (Allow) LPort=26822
FirewallRules: [{69855CF0-9FC4-4DF2-BE95-D0820AD770B1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2B95292B-DD87-4578-AE6F-2CB9628C5EC5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{4CEC4B7A-0B90-4511-9180-653511B75537}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{1FC6D8B1-3876-466E-A478-F2D86754617B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F19CB8BA-D49D-4919-A6DE-AE2376B7BCCB}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{71E5D1C2-6F03-4B1E-8033-FDD90D3E35E7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{25A81183-38DE-4806-AF98-0B060C1F81F5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{AF6BBF21-7C15-4B6D-A32C-069B0E082CBE}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D393B81C-FF47-434D-951F-7E351401B026}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B13B072C-B59D-4B6B-B4F3-C0B17190525E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E17466D8-D3BB-4A78-A027-CFB510687A6A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)

==================== Wiederherstellungspunkte =========================

02-06-2024 11:41:49 Windows Update
05-06-2024 12:20:20 Windows Update
12-06-2024 13:45:45 Windows Update
13-06-2024 20:18:47 Cyberduck
17-06-2024 14:51:52 Windows Update
17-06-2024 14:51:54 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (06/18/2024 08:06:44 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm bf4.exe Version 1.8.2.48475 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (06/18/2024 08:04:16 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm bf4.exe Version 1.8.2.48475 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (06/18/2024 07:59:43 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm bf4.exe Version 1.8.2.48475 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (06/17/2024 12:53:32 PM) (Source: Application Error) (EventID: 1000) (User: BEAST)
Description: Name der fehlerhaften Anwendung: Acrobat.exe, Version: 24.2.20857.0, Zeitstempel: 0x666cd01f
Name des fehlerhaften Moduls: TWAIN_32.DLL, Version: 1.7.1.3, Zeitstempel: 0xa0f8a732
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000d0f9
ID des fehlerhaften Prozesses: 0x0x1fb4
Startzeit der fehlerhaften Anwendung: 0x0x1dac0a487bdfa70
Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Acrobat DC\Acrobat\x86\Acrobat\Acrobat.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\TWAIN_32.DLL
Berichtskennung: 63c24b92-f158-4ae2-81b8-1b4f30cb64d7
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/13/2024 09:25:22 PM) (Source: Application Error) (EventID: 1000) (User: BEAST)
Description: Name der fehlerhaften Anwendung: WhatsApp.exe, Version: 0.0.0.0, Zeitstempel: 0x66670234
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.22621.3733, Zeitstempel: 0x67ca8829
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000000000010c8f9
ID des fehlerhaften Prozesses: 0x0x26dc
Startzeit der fehlerhaften Anwendung: 0x0x1dabdb9f1fa4e39
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2423.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 7a8b7333-fa65-449a-93b2-ff0f8329bad1
Vollständiger Name des fehlerhaften Pakets: 5319275A.WhatsAppDesktop_2.2423.7.0_x64__cv1g1gvanyjgm
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (06/12/2024 07:26:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren..

Error: (06/12/2024 07:26:38 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.]

Error: (06/12/2024 07:26:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren..


Systemfehler:
=============
Error: (06/18/2024 08:08:45 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter und einem Gerät mit Bluetooth-Adapteradresse (78:64:c0:c4:42:64) ist fehlgeschlagen.

Error: (06/18/2024 08:06:55 PM) (Source: DCOM) (EventID: 10010) (User: BEAST)
Description: Der Server "{FD06603A-2BDF-4BB1-B7DF-5DC68F353601}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (06/18/2024 07:13:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "EABackgroundService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/17/2024 11:29:26 PM) (Source: DCOM) (EventID: 10010) (User: BEAST)
Description: Der Server "Microsoft.Windows.ContentDeliveryManager_10.0.22621.2506_neutral_neutral_cw5n1h2txyewy!App.AppXryc2qd338f5728r9gzzazav8206ba77s.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (06/17/2024 11:29:25 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (06/17/2024 02:52:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NKSQGP7F2NH-5319275A.WhatsAppDesktop

Error: (06/17/2024 02:52:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9WZDNCRFHVQM-MICROSOFT.WINDOWSCOMMUNICATIONSAPPS

Error: (06/16/2024 06:32:18 PM) (Source: DCOM) (EventID: 10010) (User: BEAST)
Description: Der Server "{69B7FE84-6361-4423-B948-1D64820B1E96}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Windows Defender:
================
Date: 2024-06-18 10:46:10
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {5E6F085E-9A6E-4B57-B546-584A6520A7F8}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM 

Date: 2024-06-18 10:41:20
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {60991D73-411E-48E3-A285-C1BDA073DA91}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM 

Date: 2024-06-16 18:33:05
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {2D5F804E-93AD-441C-A7DA-7F9DD117CDA6}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM 

Date: 2024-06-15 12:26:22
Description: 
Der überwachte Ordnerzugriff hat C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2024-06-15T10:26:22.303Z
Benutzer: BEAST\Anwender
Pfad: \Device\Harddisk0\DR0
Name des Prozesses: C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
Sicherheitsversion: 1.413.275.0
Modulversion: 1.1.24050.5
Produktversion: 4.18.24050.7
 

Date: 2024-06-15 12:26:11
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {6E0F6EB1-D2CB-43A9-BDE9-6067E6711A75}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM 
Event[0]

Date: 2024-04-21 13:47:20
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.409.377.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.24030.4
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.  

Date: 2024-04-21 13:47:20
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.409.377.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.24030.4
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.  

Date: 2024-04-21 13:47:20
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.409.377.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.24030.4
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.  

Date: 2024-04-21 13:47:20
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.409.377.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.24030.4
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.  

Date: 2024-04-21 13:47:20
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.409.377.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.24030.4
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.  

CodeIntegrity:
===============
Date: 2024-06-18 20:38:10
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 

Date: 2024-06-18 20:27:55
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. 

Date: 2024-06-18 20:22:55
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements. 


==================== Speicherinformationen =========================== 

BIOS: American Megatrends International, LLC. H.50 04/18/2023
Hauptplatine: Micro-Star International Co., Ltd. MAG Z790 TOMAHAWK WIFI (MS-7D91)
Prozessor: 13th Gen Intel(R) Core(TM) i7-13700KF
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 32616.06 MB
Verfügbarer physikalischer RAM: 26764.5 MB
Summe virtueller Speicher: 34664.06 MB
Verfügbarer virtueller Speicher: 26311.05 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:1862.2 GB) (Free:727.95 GB) (Model: Samsung SSD 980 PRO 2TB) NTFS
Drive d: (Datensicherung) (Fixed) (Total:465.76 GB) (Free:141.64 GB) (Model: StoreJet Transcend USB Device) NTFS

\\?\Volume{bb2c3f25-f64d-432f-a700-95f9780128be}\ () (Fixed) (Total:0.7 GB) (Free:0.07 GB) NTFS
\\?\Volume{b0edf61c-b508-429c-a87c-b7d9021abf25}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 8C157AA8)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt =======================
         

Zitat:

Microsoft Windows 11 Pro for Workstations

Wo hast du diese Edition denn her?

Die kam mit dem PC fertig installiert! Also es war WIN 10 drauf und das Upgrade konnte ich dann ausführen!

Ich meinte nicht das Windows 11, sondern das for Workstations - das ist eine Version über der Pro-Edition. Nicht dass der Händler dir da da irgendwas Illegales angedreht aber dafür kassiert hat. Was steht denn auf der Rechnung?

Zitat:

Erkannt: PUABundler:Win32/FileZilla_BundleInstaller

Du hast FileZilla bestimmt aus irgendeiner Schrottquelle geladen. Wo genau?

Der Händler war DUBARO, ich denke nicht das da etwas illegales gelaufen ist. Zumal das Upgrade habe ich direkt über Microsoft mit dem kostenlosen Upgrade von WIN 10 Pro auf 11 gemacht!
Auf dem Auftrag steht: Windows 10 Pro 64bit (Installiert inkl Key)

FileZilla kam leider von Chip.de...!!!

Zitat:

FileZilla kam leider von Chip.de...!!!

Und genau davon sollst du nicht laden. Die verteilen zwar keine üble Malware, aber potentiell nervige Adware. Also selbst wenn dieses setup gestartet wäre (was nicht passierte) wäre kein großer Schaden entstanden.

Downloadquellen

Lade keine Software von Chip.de, Softonic.de, sourceforge.net, openoffice.de, VLC.de, audacity.de, gimp24.de oder updatestar.com.
Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software (Potentially unwanted programs, kurz PUP) oder Adware installiert.
Auf manchen Seiten wird direkt PUP / Adware zum Download angeboten.

Für Windows gibt es seit einiger Zeit einen brauchbaren Paketmanager, der mit einfachen Befehlen es erlaubt, automatisiert Software herunterzuladen und zu installieren. Das erspart eine Menge Arbeit, denn ohne einen Paketmanager muss man jedes Programm selbst prüfen und separat manuell updaten, vorher manuell noch runterladen etc. pp. - siehe auch --> chocolatey Paketmanager für Windows

Wir empfehlen dringend, alle Programme, sofern verfügbar, über chocolatey zu installieren. Falls du schon mit Linux zu tun hattest, wird dir die Syntax sehr vertraut sein.
Die FAQs zu choco findest du da --> Chocolatey: Häufig gestellte Fragen (englisch)
Selbstverständlich darfst du auch Fragen zu chocolatey im o.g. Thread zu chocolatey stellen.

Für den seltenen Fall, dass du das benötigte Programm nicht im repository von chocolatey findest: Lade diese Software immer direkt beim jeweiligen Hersteller / Entwickler.

Ok, habe ich verstanden ;-)!
Was muss ich machen um mein Microsoft Defender wieder zu beruhigen?

Da gibt es nichts zu beruhigen. Der hat die Datei gelöscht und das wars. Selbst wenn nicht, es wurde doch erklärt, dass die Datei mehr oder weniger harmlos ist.

Ok, ich dachte schon cih bin ruiniert! Danke für Deine Hilfe!!!

Entfernung der verwendeten Tools
Führe KpRm gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei.





Dann wären wir durch!
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Wenn Du möchtest, kannst Du hier sagen, ob du mit uns und unserer Hilfe zufrieden warst...
Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen.





Zum Schluss bitte unbedingt die Sicherheitsmaßnahmen lesen und umsetzen:

Lesestoff:
Anleitung: Maßnahmen zur Absicherung des Rechners

Hinweis:
Bitte gib mir eine kurze Rückmeldung, sobald du die oben verlinkten Informationen gelesen hast, alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Wir sind froh, dass wir helfen konnten

Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen.