Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Gefälschtes Windows Pop-up mit angeblicher Virus Warnung.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Thema geschlossen
Alt 27.03.2025, 17:11   #1
Lovecraftian
 
Gefälschtes Windows Pop-up mit angeblicher Virus Warnung. - Standard

Gefälschtes Windows Pop-up mit angeblicher Virus Warnung.



Hallo liebe community,

Kürzlich für eine Person aus meinem Haushalt mit seinem Benutzerkonto an meinem PC. Das Konto hat keine Adminrechte. Sie hat in Microsoft Edge eine unbekannte Webseite (Bing Bildersuche) aufgerufen, die nach einem Zugriff gefragt hat. Den Zugriff hat sie angenommen. Daraufhin sind unten rechts in Windows hintereinander, zwei Pop-ups auf geblockt. Die Pop-ups haben sich als Antivirus Software getarnt Und angeblich ein Virus gefunden. In dem Moment war ich zum Glück dabei Und der Pop-Up wurde nicht angeklickt.

Direkt im Anschluss habe ich die Internetverbindung an den PC unterbrochen, die Browserdaten gelöscht, Microsoft Defender und im Anschluss noch Malewarebytes laufen lassen. Beide Programme haben keine Bedrohung gefunden.

Nach einem Neustart trat auch kein Pop-up mehr auf. Eine Veränderung ist mir jetzt erst einmal nicht aufgefallen.

Meine Frage ist, ob es sich damit erledigt hat oder ob ich noch andere Maßnahmen greifen sollte? Wenn es hilft, könnte ich noch mal versuchen, diese Webseite herauszufinden im Verlauf (den Verlauf habe ich nicht gelöscht).

Vielen herzlichen Dank schon mal im Voraus, eine weitere Spende folgt nach Abschluss.

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-03-2025
durchgeführt von Admin (Administrator) auf Users-COMPUTE (CSL-Computer GmbH & Co. KG Ultimate) (27-03-2025 17:04:04)
Gestartet von C:\Users\Admin\Downloads\FRST64.exe
Geladene Profile: User2 & Admin
Plattform: Microsoft Windows 11 Pro Version 24H2 26100.3476 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.259.514.0_x64__zpdnekdrzrea0\Spotify.exe <8>
(Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe <2>
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe ->) (Native Instruments GmbH -> ) C:\Program Files\Common Files\Native Instruments\NTK\crashpad_handler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe <2>
(C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe <2>
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries A/S) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe <2>
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\sonar\SteelSeriesSonar.exe
(C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.85\msedgewebview2.exe <12>
(cmd.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Meta Platforms, Inc. -> Facebook Technologies, LLC) D:\Oculus\Support\oculus-runtime\OVRRedir.exe
(D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Meta Platforms, Inc. -> Facebook Technologies, LLC) D:\Oculus\Support\oculus-runtime\OVRServer_x64.exe
(DriverStore\FileRepository\u0409974.inf_amd64_db5d684bd08db28d\B409690\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0409974.inf_amd64_db5d684bd08db28d\B409690\atieclxx.exe <2>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <46>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe <2>
(explorer.exe ->) (SteelSeries ApS -> SteelSeries A/S) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe <2>
(explorer.exe ->) (VOICEMOD, INC. SUCURSAL EN ESPAÑA -> Voicemod) D:\Programme\Voicemod Desktop\VoicemodDesktop.exe <6>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0409974.inf_amd64_db5d684bd08db28d\B409690\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.03.02\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Meta Platforms, Inc. -> Facebook Technologies, LLC) D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe
(services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe
(services.exe ->) (Synology Inc. -> ) C:\Program Files (x86)\Synology\ActiveBackupforBusinessAgent\service\Synology Active Backup for Business Service.exe
(services.exe ->) (Synology Inc. -> ) C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe
(services.exe ->) (Virtual Desktop, Inc -> Virtual Desktop, Inc.) C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25021.28.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <13>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\consent.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.26100.3321_none_a52dfe0d774762b3\TiWorker.exe
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [16864080 2025-03-24] (SteelSeries ApS -> SteelSeries A/S)
HKLM\...\Run: [FWS_FlawlessWidescreen] => C:\Program Files (x86)\Flawless Widescreen\FlawlessWidescreen.exe [2607104 2014-05-30] (Flawless Widescreen) [Datei ist nicht signiert]
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [613048 2023-03-22] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [105280 2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9238408 2025-03-18] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-742015436-2650572314-4209869716-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5010744 2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-742015436-2650572314-4209869716-1002\...\Run: [MicrosoftEdgeAutoLaunch_D2D5D3B89CD0B658E56F5D111A67AC3D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4291136 2025-03-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5010744 2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\Run: [Discord] => C:\Users\User1\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37448168 2024-04-10] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\Run: [MicrosoftEdgeAutoLaunch_78483AFC51CC79D0D8B0490D05207333] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4291136 2025-03-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\Run: [AMDNoiseSuppression] => C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe [155032 2024-05-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14319440 2024-08-26] (GOG  sp. z o.o -> GOG.com)
HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\Run: [Synology Image Assistant] => C:\Program Files\Synology\Synology Image Assistant\Synology Image Assistant.exe [176705744 2024-12-06] (Synology Inc. -> Synology Inc.)
HKU\S-1-5-21-742015436-2650572314-4209869716-1011\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5010744 2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-742015436-2650572314-4209869716-1011\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4693088 2025-03-11] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-742015436-2650572314-4209869716-1011\...\Run: [Voicemod] => D:\Programme\Voicemod Desktop\VoicemodDesktop.exe [5760912 2024-01-30] (VOICEMOD, INC. SUCURSAL EN ESPAÑA -> Voicemod)
HKU\S-1-5-21-742015436-2650572314-4209869716-1011\...\Run: [AMDNoiseSuppression] => C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe [155032 2024-05-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-742015436-2650572314-4209869716-1011\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14319440 2024-08-26] (GOG  sp. z o.o -> GOG.com)
HKLM\...\Windows x64\Print Processors\sht13cPC: C:\Windows\System32\spool\prtprocs\x64\sht13cpc.dll [101080 2022-01-24] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
AppInit_DLLs: C:\PROGRA~1\VIRTUA~1\VIRTUA~4.DLL => C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Injector64.dll [136056 2024-11-24] (Virtual Desktop, Inc -> Virtual Desktop, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {513AE322-6D0A-4672-936C-247719161EE8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {3A1CFF52-860C-493B-962A-FE2D9D6D8540} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1031384 2024-06-20] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {047EDB2C-32B0-484D-A800-4A1D47022060} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1031384 2024-06-20] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {EDFD7886-728D-4E42-A765-459CE842633E} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [184024 2024-06-20] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {8B84C495-9F03-428E-A38A-3C89654BA32B} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [309608 2022-10-17] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {1A2630E1-9C89-4551-BA85-C4025670AC75} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1859944 2022-10-17] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {6CC436D3-6D8B-469B-8DC2-1985EA064F3B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d912e99e9d4e7e => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-12-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {79FE1179-3F19-46DA-9A9C-66581003C688} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-12-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {F61FE449-0FDB-4BA2-A74F-CBD71455BC54} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [152109928 2024-08-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {C24EADE4-3F48-4408-85E5-BDF1FEF879A7} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1261928 2023-12-07] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {DAC8D055-2B2B-42EE-9D0E-5923ADB7344A} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (Keine Datei)
Task: {7D743289-1968-4DC9-8341-0690F3CE7D9E} - System32\Tasks\DropboxSystem\DropboxUpdater\DropboxUpdaterTaskSystem123.0.6299.89{F38539AC-5FEE-4153-8D0A-381A6244F8DF} => C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.89\updater.exe [5895032 2025-02-17] (Dropbox, Inc -> Dropbox, Inc.)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (Keine Datei)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {560A7B0A-1318-4D3F-94F8-0CE5A6BA9A62} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4ED2CF94-FD5C-4D28-87A3-74C52FFE3ABD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F2446D23-EBB2-4EF3-B880-A97AD16F5000} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {54081C89-0D61-4200-86FE-B6FE5AE117B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FD64FA16-EEF1-401D-9082-5FC0727040B5} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1031384 2024-06-20] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {46171060-7BE0-4598-9932-9F7E84F4A0E7} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222760 2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2B6CCA9-E5DC-4F64-96F8-5A01B12177B1} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  /reporting (Keine Datei) <==== ACHTUNG
Task: {CA93261D-2BC8-4F69-944E-3B8B86189857} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222760 2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {57444368-F1B3-4A31-9792-88DB9B1108DE} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  /reporting (Keine Datei) <==== ACHTUNG
Task: {4E9394B1-75C0-4F70-91C3-0E30E88579D2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1005 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222760 2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {8A2F4B19-EBAF-41C7-9624-85D62A039111} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1010 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222760 2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE149E17-8E67-4BEE-A803-91FB5DA0A9B9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1011 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222760 2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB94FD73-4ED1-4706-92FF-A2C87ED0CB7D} - System32\Tasks\OneDrive Startup Task-S-1-5-21-742015436-2650572314-4209869716-1002 => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\OneDriveLauncher.exe  /startInstances (Keine Datei)
Task: {EF425A02-6699-408A-BA82-D5C8447DC8A6} - System32\Tasks\OneDrive Startup Task-S-1-5-21-742015436-2650572314-4209869716-1005 => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\OneDriveLauncher.exe  /startInstances (Keine Datei)
Task: {631187C2-1094-40F1-9F39-6C827333C715} - System32\Tasks\OneDrive Startup Task-S-1-5-21-742015436-2650572314-4209869716-1011 => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\OneDriveLauncher.exe  /startInstances (Keine Datei)
Task: {D09BE782-6E77-46F8-8F33-BE57CDB0410A} - System32\Tasks\Shutdown => C:Windows\System32\shutdown.exe  -> -s
Task: {19E4983A-40A6-465A-8D52-5E892A3FF3A6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60632 2024-06-20] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {1DD5B55D-968F-472E-825E-10CF00176621} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324312 2024-06-20] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4d1b61c0-65ba-477f-a851-37f438df3773}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4d1b61c0-65ba-477f-a851-37f438df3773}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{a8007744-234c-4475-986f-575b8d880eea}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{eec00823-27e6-4302-af75-219d8609173e}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-27]
Edge Extension: (NordVPN - the Fastest VPN proxy for privacy) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fphgeikpdcdcheaochkhldmnfblfogla [2025-03-27]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-27]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-12]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge HKLM-x32\...\Edge\Extension: [fphgeikpdcdcheaochkhldmnfblfogla]

FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [Keine Datei]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
U2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [401880 2024-12-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.03.02\atkexComSvc.exe [909160 2024-05-02] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-12-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [503144 2024-09-25] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe [1722216 2023-10-17] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-12-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [678256 2022-12-21] (ASUSTeK COMPUTER INC. -> ASUS)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1134480 2025-03-27] (ASUSTeK Computer Inc. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [5895032 2025-02-17] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [5895032 2025-02-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48528 2025-03-18] (Dropbox, Inc -> Dropbox, Inc.)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\220.4.4126\DropboxElevationService.exe [1659280 2025-03-18] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterInternalService123.0.6299.89; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.89\updater.exe [5895032 2025-02-17] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterService123.0.6299.89; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.89\updater.exe [5895032 2025-02-17] (Dropbox, Inc -> Dropbox, Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [13902952 2024-08-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [960752 2024-07-02] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-10-18] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncHelper.exe [3534632 2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2432608 2023-08-14] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 GalaxyClientService; \\?\C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2282320 2024-08-26] (GOG  sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7191888 2024-08-26] (GOG  sp. z o.o -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-03-05] (HP Inc. -> HP Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4955496 2024-08-08] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9484384 2025-03-21] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-01-08] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe [1926976 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NTKDaemonService; C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe [17119968 2023-09-25] (Native Instruments GmbH -> Native Instruments GmbH)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.035.0223.0003\OneDriveUpdaterService.exe [3881808 2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
S3 OVRLibraryService; D:\Oculus\Support\oculus-librarian\OVRLibraryService.exe [146616 2025-03-13] (Meta Platforms, Inc. -> Facebook Technologies, LLC)
R2 OVRService; D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [428728 2025-03-13] (Meta Platforms, Inc. -> Facebook Technologies, LLC)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [613048 2023-03-22] (geek software GmbH -> geek software GmbH)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2125352 2024-11-22] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559344 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1587712 2025-03-13] (GN Hearing A/S -> )
R2 Synology Active Backup for Business Service; C:\Program Files (x86)\Synology\ActiveBackupforBusinessAgent\service\Synology Active Backup for Business Service.exe [3780816 2025-02-10] (Synology Inc. -> )
R2 Synology Drive VSS Service x64; C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe [356568 2024-10-28] (Synology Inc. -> )
S3 Updater; C:\Program Files\Virtual Desktop Streamer\Updater.exe [1385848 2024-11-25] (Virtual Desktop, Inc -> Virtual Desktop, Inc.)
R2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [11465592 2024-10-12] (Virtual Desktop, Inc -> Virtual Desktop, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe [4352456 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe [270056 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys [36040 2024-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R2 AMDRyzenMasterDriverV22; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [60576 2024-06-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_66bdd11a4e97edd1\amdsafd.sys [112840 2024-05-02] (AMD Test Build -> Advanced Micro Devices)
R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0409974.inf_amd64_db5d684bd08db28d\B409690\amdkmdag.sys [106158496 2024-12-04] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [63008 2024-05-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2023-10-10] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [58936 2024-09-24] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2024-12-16] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2024-12-16] (Microsoft Corporation) [Datei ist nicht signiert]
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [34920 2025-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2023-10-10] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 e2fnexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2fn.inf_amd64_d9445744f52b5b9b\e2fn.sys [1410688 2024-02-17] (Intel Corporation -> Intel Corporation)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-12-16] (Microsoft Windows -> Microsoft Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54888 2024-07-02] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [278944 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140744 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-03-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19672 2023-12-10] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 MTKBTFilterx64; C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [361472 2024-02-17] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1617920 2024-03-06] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [73400 2024-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2024-07-09] (Oculus VR, LLC -> Facebook Inc.)
R3 rtucx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtucx22x64.inf_amd64_a6eb3abe5befec7d\rtucx22x64.sys [1876424 2024-04-24] (Realtek Semiconductor Corp. -> Realtek Corporation)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [43568 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_7a086649438f4409\SteelSeries-Sonar-VAD.sys [95400 2024-08-07] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R3 vdvad_WaveExtensible; C:\WINDOWS\System32\drivers\vdvad.sys [44936 2024-05-24] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
R3 vdvge; C:\WINDOWS\System32\drivers\vdvge.sys [75832 2024-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Virtual Desktop, Inc.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2024-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\mvvad.sys [48144 2023-08-30] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-03-05] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601520 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100768 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
R3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-12-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2025-03-27 17:04 - 2025-03-27 17:04 - 000039040 _____ C:\Users\Admin\Downloads\FRST.txt
2025-03-27 17:03 - 2025-03-27 17:04 - 000000000 ____D C:\FRST
2025-03-27 17:03 - 2025-03-27 17:03 - 000745650 _____ C:\WINDOWS\system32\perfh007.dat
2025-03-27 17:03 - 2025-03-27 17:03 - 000158752 _____ C:\WINDOWS\system32\perfc007.dat
2025-03-27 17:03 - 2025-03-27 17:03 - 000000000 ____D C:\Users\Admin\AppData\Roaming\com.adobe.dunamis
2025-03-27 17:03 - 2025-03-27 17:03 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Adobe
2025-03-27 17:03 - 2025-03-27 17:03 - 000000000 ____D C:\Users\Admin\AppData\Local\SolidDocuments
2025-03-27 17:03 - 2025-03-27 17:03 - 000000000 ____D C:\Users\Admin\.ms-ad
2025-03-27 17:02 - 2025-03-27 17:03 - 002404352 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2025-03-27 17:02 - 2025-03-27 17:03 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2025-03-27 17:01 - 2025-03-27 17:01 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Dropbox
2025-03-27 17:00 - 2025-03-27 17:01 - 000000000 ____D C:\ProgramData\Oculus
2025-03-27 17:00 - 2025-03-27 17:00 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Oculus
2025-03-27 16:59 - 2025-03-27 17:00 - 000000000 ____D C:\Users\Admin\AppData\Roaming\asus_framework
2025-03-27 16:59 - 2025-03-27 16:59 - 000000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
2025-03-27 16:59 - 2025-03-27 16:59 - 000000000 ____D C:\Users\Admin\AppData\Local\Comms
2025-03-26 14:07 - 2025-03-26 14:07 - 000112749 _____ C:\Users\User2\Downloads\April 2024.pdf
2025-03-26 14:07 - 2025-03-26 14:07 - 000106460 _____ C:\Users\User2\Downloads\Juni 2024.pdf
2025-03-26 14:07 - 2025-03-26 14:07 - 000087749 _____ C:\Users\User2\Downloads\März 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000122445 _____ C:\Users\User2\Downloads\Dezember 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000113834 _____ C:\Users\User2\Downloads\November 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000111219 _____ C:\Users\User2\Downloads\August 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000111170 _____ C:\Users\User2\Downloads\September 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000109451 _____ C:\Users\User2\Downloads\Oktober 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000109438 _____ C:\Users\User2\Downloads\Juli 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000106339 _____ C:\Users\User2\Downloads\Mai 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000090737 _____ C:\Users\User2\Downloads\Februar 2025.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000088470 _____ C:\Users\User2\Downloads\Januar 2025.pdf
2025-03-26 13:54 - 2025-03-26 13:54 - 000044728 _____ C:\Users\User2\Downloads\Verdienstbescheinigung # 117 SGB XII.pdf
2025-03-26 12:41 - 2025-03-26 12:41 - 000000000 ____D C:\Users\User2\AppData\Local\SynologyDrive
2025-03-26 12:40 - 2025-03-26 12:41 - 029089792 _____ C:\Users\User2\Downloads\AusweisApp-2.3.1.msi
2025-03-25 22:45 - 2025-03-25 22:45 - 000000000 ____D C:\Users\User2\Downloads\Elterngeld Antrag
2025-03-22 16:55 - 2025-03-25 22:54 - 000000000 ____D C:\Users\User1\AppData\Local\SynologyDrive
2025-03-22 16:55 - 2025-03-22 16:55 - 000001360 _____ C:\Users\Public\Desktop\Synology Drive Client.lnk
2025-03-22 16:55 - 2025-03-22 16:55 - 000000000 ____D C:\Users\Admin\AppData\Local\SynologyDrive
2025-03-22 16:54 - 2025-03-22 16:54 - 072353192 _____ (Synology) C:\Users\User1\Downloads\Synology Drive Client-3.5.1-16102-x86.exe
2025-03-20 19:30 - 2025-03-20 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2025-03-18 12:02 - 2025-03-18 12:02 - 000048528 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2025-03-14 14:39 - 2025-03-14 14:39 - 000000000 ____D C:\Users\User2\Downloads\Fotos User2 Arbeit
2025-03-14 14:27 - 2025-03-14 14:35 - 1191397142 _____ C:\Users\User2\Downloads\ZIP Fotos User2.zip
2025-03-09 21:59 - 2025-03-09 21:59 - 000000000 ____D C:\WINDOWS\Windows.SystemToast.PresenceSensing.OnlookerDetection
2025-03-09 19:51 - 2025-03-27 16:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-03-09 19:49 - 2025-03-09 19:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\DropboxSystem
2025-03-09 19:49 - 2025-03-09 19:49 - 000000000 ____D C:\Program Files\Dropbox
2025-03-05 20:47 - 2025-03-05 20:47 - 000070484 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-03-05 20:47 - 2025-03-05 20:47 - 000070484 _____ C:\WINDOWS\system32\ctac.json

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2025-03-27 17:05 - 2024-03-12 15:26 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2025-03-27 17:04 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-03-27 17:04 - 2022-12-18 15:04 - 000000000 ____D C:\Program Files\ASUS
2025-03-27 17:03 - 2024-12-17 19:26 - 001729504 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-03-27 17:03 - 2024-12-16 21:46 - 000000000 ____D C:\Users\Admin
2025-03-27 17:03 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-03-27 17:03 - 2024-03-12 15:26 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2025-03-27 17:02 - 2024-03-12 15:27 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2025-03-27 17:01 - 2024-08-27 18:49 - 000000000 ____D C:\Users\Admin\AppData\Local\Steam
2025-03-27 17:01 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-03-27 17:01 - 2024-03-17 17:44 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2025-03-27 17:01 - 2024-03-12 17:38 - 000000000 ____D C:\Program Files (x86)\Steam
2025-03-27 17:01 - 2024-03-12 15:27 - 000000000 ____D C:\Users\Admin\AppData\Local\Dropbox
2025-03-27 17:00 - 2024-12-16 21:46 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows
2025-03-27 17:00 - 2024-07-09 18:10 - 000000000 ____D C:\Users\Admin\AppData\Local\Oculus
2025-03-27 17:00 - 2024-04-24 17:21 - 000000000 ____D C:\Users\Admin\AppData\Local\Voicemod
2025-03-27 17:00 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-27 17:00 - 2024-03-12 15:27 - 000000000 ____D C:\Users\Admin\AppData\Local\PlaceholderTileLogoFolder
2025-03-27 17:00 - 2024-03-12 15:26 - 000000000 ____D C:\Users\Admin\AppData\Local\AMD
2025-03-27 17:00 - 2024-01-06 10:36 - 000000000 ____D C:\Users\User2\AppData\Roaming\Dropbox
2025-03-27 17:00 - 2023-08-12 16:10 - 000000000 ____D C:\Users\User2\AppData\Local\Dropbox
2025-03-27 16:59 - 2024-12-16 22:39 - 000003130 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2025-03-27 16:59 - 2024-12-16 22:39 - 000003122 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2025-03-27 16:59 - 2024-12-16 22:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-03-27 16:59 - 2024-12-16 22:38 - 000015038 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-03-27 16:59 - 2024-12-16 21:46 - 000000000 ____D C:\WINDOWS\system32\SteelSeries
2025-03-27 16:59 - 2024-07-13 09:30 - 000000000 ____D C:\Users\User2\AppData\Roaming\asus_framework
2025-03-27 16:59 - 2024-07-13 09:30 - 000000000 ____D C:\Users\User2\AppData\Local\Oculus
2025-03-27 16:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-03-27 16:59 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-27 16:59 - 2024-02-25 14:37 - 000000000 ____D C:\Users\User2\AppData\Local\Malwarebytes
2025-03-27 16:59 - 2024-02-25 14:37 - 000000000 ____D C:\Users\User2\AppData\Local\CrashDumps
2025-03-27 16:59 - 2024-02-20 17:06 - 000000000 ____D C:\ProgramData\ActiveBackupforBusinessAgent
2025-03-27 16:59 - 2022-12-18 14:48 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-03-27 16:59 - 2022-12-18 14:43 - 001173024 _____ C:\WINDOWS\system32\wpbbin.exe
2025-03-27 16:59 - 2022-12-18 14:43 - 001134480 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2025-03-27 16:59 - 2022-12-18 14:43 - 000012288 ___SH C:\DumpStack.log.tmp
2025-03-26 14:08 - 2024-04-01 08:21 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2025-03-26 11:46 - 2024-12-16 22:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-03-26 11:21 - 2022-12-27 09:59 - 000000000 ____D C:\Users\User2\AppData\Local\D3DSCache
2025-03-26 10:41 - 2022-12-18 14:43 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-26 10:41 - 2022-12-18 14:43 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-03-26 10:33 - 2024-06-14 10:21 - 000000000 ____D C:\Users\User2\AppData\Roaming\steelseries-gg-client
2025-03-26 10:32 - 2022-12-27 10:00 - 000000000 ___RD C:\Users\User2\OneDrive
2025-03-25 22:54 - 2024-12-31 15:41 - 000000000 ____D C:\Users\User1\AppData\Roaming\Synology Image Assistant
2025-03-25 22:54 - 2024-07-08 13:51 - 000000000 ____D C:\Users\User1\AppData\Roaming\asus_framework
2025-03-25 22:53 - 2024-02-22 13:44 - 000000000 ____D C:\Users\User1\AppData\Local\Malwarebytes
2025-03-25 21:34 - 2024-02-27 14:12 - 000000000 ____D C:\Users\User1\AppData\Local\CrashDumps
2025-03-25 21:34 - 2023-03-04 16:13 - 000000000 ____D C:\Users\User1\AppData\Roaming\Dropbox
2025-03-25 21:34 - 2023-03-04 16:13 - 000000000 ____D C:\Users\User1\AppData\Local\Dropbox
2025-03-25 21:34 - 2022-12-19 13:11 - 000000000 ___RD C:\Users\User1\OneDrive
2025-03-25 21:33 - 2024-11-19 19:26 - 000000000 ____D C:\Users\User1\AppData\Roaming\Oculus Remote Desktop
2025-03-25 21:33 - 2024-07-09 18:24 - 000000000 ____D C:\Users\User1\AppData\Local\Oculus
2025-03-25 21:33 - 2024-03-12 17:43 - 000000000 ___RD C:\Users\User1\iCloudDrive
2025-03-25 21:32 - 2023-12-21 17:29 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-03-24 22:16 - 2024-03-17 16:30 - 000000000 ____D C:\Users\User1\AppData\Roaming\obsidian
2025-03-24 21:13 - 2024-12-16 22:39 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1011
2025-03-24 21:13 - 2024-12-16 22:39 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1005
2025-03-24 21:13 - 2024-12-16 22:39 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1002
2025-03-24 21:13 - 2024-12-16 22:39 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-03-24 21:13 - 2023-12-21 17:29 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-23 14:28 - 2022-12-30 13:54 - 000000000 ____D C:\Users\User2\AppData\Local\AMD_Common
2025-03-23 13:46 - 2024-12-16 21:46 - 000000000 ____D C:\Users\User2\AppData\Roaming\Microsoft\Spelling
2025-03-23 12:56 - 2022-12-27 09:59 - 000000000 ____D C:\Users\User2\AppData\Local\Packages
2025-03-22 17:17 - 2024-02-20 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2025-03-22 17:17 - 2024-02-20 16:48 - 000000000 ____D C:\Program Files (x86)\Synology
2025-03-22 16:59 - 2022-12-19 13:10 - 000000000 ____D C:\Users\User1\AppData\Local\Packages
2025-03-22 16:59 - 2022-12-18 14:48 - 000000000 ____D C:\ProgramData\Packages
2025-03-22 16:57 - 2024-12-16 22:39 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-03-22 16:57 - 2023-03-17 23:51 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-03-20 19:30 - 2023-03-04 16:13 - 000000000 ____D C:\Program Files (x86)\Dropbox
2025-03-18 19:53 - 2022-12-22 17:18 - 002897472 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-03-18 19:53 - 2022-12-22 17:18 - 000788008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2025-03-18 19:53 - 2022-12-22 17:18 - 000267816 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-03-18 19:53 - 2022-12-22 17:18 - 000243264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2025-03-18 19:53 - 2022-12-22 17:18 - 000153152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-03-18 19:53 - 2022-12-22 17:18 - 000124480 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-03-18 19:53 - 2022-12-22 17:18 - 000075304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2025-03-18 19:52 - 2022-12-21 13:08 - 000000000 ____D C:\Users\User1\AppData\Local\AMD_Common
2025-03-15 22:20 - 2024-12-16 22:36 - 000306312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-03-15 22:20 - 2024-12-16 22:36 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2025-03-15 22:19 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-03-15 22:19 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-03-15 22:19 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-03-15 20:00 - 2022-12-19 13:10 - 000000000 ____D C:\Users\User1\AppData\Local\D3DSCache
2025-03-12 20:50 - 2024-12-16 22:39 - 003346432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-03-09 21:59 - 2024-04-01 17:37 - 000000000 ____D C:\WINDOWS\InboxApps
2025-03-09 21:59 - 2024-04-01 17:37 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-03-09 21:59 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-03-09 21:59 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-03-09 20:06 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-03-09 20:01 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2025-03-09 19:58 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-03-09 19:58 - 2024-02-22 13:43 - 000022120 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2025-03-07 17:36 - 2024-12-16 22:39 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-03-07 17:36 - 2024-12-16 22:39 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-05 22:25 - 2024-12-16 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2025-03-05 22:25 - 2023-01-09 11:36 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2025-03-05 20:34 - 2022-12-18 14:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-03-04 19:18 - 2025-02-06 21:21 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-742015436-2650572314-4209869716-1011
2025-03-04 19:18 - 2025-02-06 21:21 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-742015436-2650572314-4209869716-1005
2025-03-04 19:18 - 2025-02-06 21:21 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-742015436-2650572314-4209869716-1002
2025-03-02 23:00 - 2022-12-21 13:17 - 000000000 ____D C:\Users\User1\AppData\Roaming\steelseries-gg-client
2025-02-28 23:16 - 2023-03-01 21:44 - 000000000 ____D C:\Users\User1\AppData\Roaming\DeepL_SE

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         

Geändert von Lovecraftian (27.03.2025 um 17:28 Uhr)

Alt 27.03.2025, 17:23   #2
Lovecraftian
 
Gefälschtes Windows Pop-up mit angeblicher Virus Warnung. - Standard

Addition



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-03-2025
durchgeführt von Admin (27-03-2025 17:05:50)
Gestartet von C:\Users\Admin\Downloads
Microsoft Windows 11 Pro Version 24H2 26100.3476 (X64) (2024-12-17 18:19:48)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-742015436-2650572314-4209869716-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-742015436-2650572314-4209869716-503 - Limited - Disabled)
Nutzer1 (S-1-5-21-742015436-2650572314-4209869716-1005 - Limited - Enabled) => C:\Users\Nutzer1
Admin (S-1-5-21-742015436-2650572314-4209869716-1011 - Administrator - Enabled) => C:\Users\Admin
Gast (S-1-5-21-742015436-2650572314-4209869716-501 - Limited - Disabled)
Nutzer2 (S-1-5-21-742015436-2650572314-4209869716-1002 - Limited - Enabled) => C:\Users\Nutzer2
WDAGUtilityAccount (S-1-5-21-742015436-2650572314-4209869716-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FF00-7760-BC15014EA700}) (Version: 25.001.20435 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.08.02.027 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD Product Verification Tool Version 1.0.6.4 (HKLM\...\{4242685A-EF3E-45FF-B4AE-758E49020936}}_is1) (Version: 1.0.6.4 - AMD)
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.24.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.6.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{94dc9043-935f-4e10-ac8b-5ce0ac055188}) (Version: 5.08.02.027 - Advanced Micro Devices, Inc.) Hidden
AniMe Matrix MB EN (HKLM\...\{399B6DA7-B609-426E-95F8-B9A83FB7D06E}) (Version: 1.0.1 - ASUS)
AOMEI Partition Assistant 10.3.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: 10.3.0 - AOMEI International Network Limited.)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.9.13 - ASUS)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.15 - tippach engineering)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.3.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{8fd8086a-a017-4dde-9157-e762e69ad2c9}) (Version: 1.3.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM\...\{127BAA1F-BF99-457D-92AD-DCCD7698B294}) (Version: 4.2.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM-x32\...\{984fc5fa-e6ab-4cfa-880b-81b5db4f8b4b}) (Version: 4.2.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{359B9A9D-A289-4962-BCE2-13EBFD50D532}) (Version: 1.5.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{fd65673f-f2c8-4ec3-9673-9e423bf854e7}) (Version: 1.5.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.46 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.7.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{20fc0fa3-6bf2-47fd-8cc7-09088f59b129}) (Version: 0.0.7.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.2.0.4 - ASUSTeK Computer Inc.)
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 4.02.03 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.129 - ASUSTeK Computer Inc.) Hidden
Audacity 3.5.1 (HKLM\...\Audacity_is1) (Version: 3.5.1 - Audacity Team)
AURA DRAM Component (HKLM\...\{B6B3BA9B-2FA3-4B3A-9C3A-0945B89E725C}) (Version: 1.1.27 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{9983b059-3dd9-449a-80e6-bcb45c840bdf}) (Version: 1.1.27 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.54 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{5a78a7d3-44e9-4462-8796-3746f1c62cb8}) (Version: 3.07.54 - ASUSTeK Computer Inc.)
Authorizer 2.9.5d1 (HKLM\...\{F6762963-9AE5-4bc6-A70F-2D749F6AC02F}_is1) (Version: 2.9.5d1 - Propellerhead Software AB)
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
Camel Audio CamelPhat64 (HKLM-x32\...\Camel Audio CamelPhat64) (Version: 3.50.0 - Camel Audio)
Cardinal version 23.10 (HKLM\...\Cardinal_is1) (Version: 23.10 - DISTRHO)
CEWE Fotowelt (HKU\S-1-5-21-742015436-2650572314-4209869716-1002\...\CEWE Fotowelt) (Version: 8.0.2 - CEWE Stiftung u Co. KGaA)
Deelay version 1.2.1 (HKLM\...\Deelay_is1) (Version: 1.2.1 - )
DeepL (HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: 24.11.4 - DeepL SE)
Discord (HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 220.4.4126 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.983.1 - Dropbox, Inc.) Hidden
Dungeon Keeper Gold (HKLM-x32\...\1207658934_is1) (Version: 1.01_fix - GOG.com)
Dungeondraft version 1.0.4.7 (HKLM\...\Dungeondraft_is1) (Version: 1.0.4.7 - Tailwind Games, LLC)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.280.0.5793 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{c467f425-8ccb-480e-a66d-e77fad36e5b2}) (Version: 13.280.0.5793 - Electronic Arts)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.53.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{34c42fa7-d8b5-4396-b5d0-5e377ca5c3ad}) (Version: 1.1.53.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{0d380ad9-daa5-4680-ada2-dc3ed9207e16}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{8ADEA716-6C06-4092-A62B-794F8BF8336A}) (Version: 1.3.51.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
Flawless Widescreen version 1.0.15 (HKLM-x32\...\{7348D82E-8C68-48FF-BA2D-8C97B5B4B3D8}_is1) (Version: 1.0.15 - Flawless Widescreen)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 2023.2.0.21408 - Foxit Software Inc.)
Frohmager (HKLM\...\{4F466D32-83F0-4C9E-A032-6031825E4E80}) (Version: 1.0.0 - Ohm Force)
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.77.22 - GOG.com)
iCloud Outlook (HKLM\...\{F4523358-0218-44DA-8A86-7C40FAF2262B}) (Version: 15.0.0.215 - Apple Inc.)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.36 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{afab10dc-c1d5-45c1-ad91-fe33af8ac488}) (Version: 1.1.36 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 5.2.8.173 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.8.173 - Malwarebytes)
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM-x32\...\{9d3fc73f-1cf4-412c-a1c9-d2ad28ccbd62}) (Version: 6.0.36.34214 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 134.0.3124.85 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 134.0.3124.85 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.035.0223.0003 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.19202 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation)
Native Access 3.7.0 (HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\c410b7d2-8fce-53b3-8332-e98b6e89a16a) (Version: 3.7.0 - Native Instruments)
Native Instruments NTKDaemon (HKLM-x32\...\Native Instruments NTKDaemon) (Version: 1.14.0.0 - Native Instruments)
Native Instruments Raum (HKLM-x32\...\Native Instruments Raum) (Version: 1.3.1.34474 - Native Instruments)
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.4.5.34474 - Native Instruments)
Obsidian (HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\bd400747-f0c1-5638-a859-982036102edf) (Version: 1.5.8 - Obsidian)
Oculus (HKLM\...\Oculus) (Version: 1.97.0 - Facebook Technologies, LLC)
Ozone 11 Equalizer (HKLM\...\Ozone Equalizer) (Version: 11.0.0 - iZotope, Inc.)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{55993b50-5bec-47c8-8b2b-1aecad927e48}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden
PDF24 Creator 11.11.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.11.0 - PDF24.org)
PDFgear 2.1.5 (HKLM\...\{7DACF63A-4EE4-4837-9AF9-C65D4509FFB4}_is1) (Version: 2.1.5 - PDFgear)
PHIL SPEISER CONTROL CENTER version 1.4.1 (HKLM\...\{D3BFF8F5-1FF2-4837-AD16-98E9D342B2EB}_is1) (Version: 1.4.1 - PHIL SPEISER)
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PlayStation Plus (HKLM-x32\...\{0D20157F-6A90-41DD-85BD-5746E0CC2EE7}) (Version: 12.3.0 - Sony Interactive Entertainment Inc.)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Realm Works 1.0.1097.257 (HKLM-x32\...\{D0B6D037-9DBE-4E1A-A17B-AAE0CA2C281C}_is1) (Version: 1.0.1097.257 - Lone Wolf Development, Inc.)
Reason 10 10.4.0d4 (HKLM\...\Reason10.0Stable_64_is1) (Version: 10.4.0d4 - Propellerhead Software AB)
Reason 12 12.7.1d91 (HKLM\...\Reason12.0Stable_64_is1) (Version: 12.7.1d91 - Reason Studios AB)
Reason Companion 2.0.8 (HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\42377de7-4d6d-5c8f-9435-1cb2a14e2275) (Version: 2.0.8 - Reason Studios)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.4.26.0 - ASUSTek COMPUTER INC.)
ROGFontInstaller (HKLM\...\{605108C1-153E-43D8-8A67-7CE326B00ECA}) (Version: 1.0.0 - ASUS)
RyzenMasterSDK (HKLM\...\{8C8AEA2F-7AC4-4A41-B79B-B1B82C08F947}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
STAR WARS Jedi - Survivor™ (HKLM-x32\...\{B9CBE70C-C93E-467A-B112-D126650B08A5}) (Version: 1.0.0.10 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 83.0.0 (HKLM\...\SteelSeries GG) (Version: 83.0.0 - SteelSeries ApS)
Synology Active Backup for Business Agent (HKLM-x32\...\{CB9F3CBB-569C-41E6-AFD8-81A16DB384C2}) (Version: 2.7.3235 - Synology Inc.)
Synology Drive Client (remove only) (HKLM\...\Synology Drive) (Version: 7.5.1.16102 - Synology, Inc.)
Synology Image Assistant 1.0.1-54 (HKLM\...\70f7506f-6740-5e7b-8650-5d68a656aca9) (Version: 1.0.1-54 - Synology Inc.)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.7 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{9a732423-e2f4-47d0-87ab-ef745c7dba69}) (Version: 1.0.0.7 - PD) Hidden
ValhallaFreqEcho version 1.2.0 (HKLM-x32\...\{701F5756-0DA6-43F1-B7EB-64656A02BCD7}_is1) (Version: 1.2.0 - Valhalla DSP, LLC)
ValhallaSpaceModulator version 1.1.6v3 (HKLM-x32\...\{424F3232-965A-4D12-BDD0-EF33B67D82E8}_is1) (Version: 1.1.6v3 - Valhalla DSP, LLC)
ValhallaSupermassive version 3.0.0b3 (HKLM-x32\...\{7715A01A-CD56-4A37-A2A5-F8EBE814BEB6}_is1) (Version: 3.0.0b3 - Valhalla DSP, LLC)
VGA (HKLM-x32\...\{0f87ebb7-aabb-43e5-9c5d-28744f517468}) (Version: 3.01.05 - ASUSTek Computer Inc.)
Vinyl (HKLM\...\Vinyl) (Version: 1.12.1 - iZotope, Inc.)
Virtual Desktop Service (HKLM\...\{7286073E-7D28-450D-8A9F-32C034059BDC}) (Version: 1.18.50 - Virtual Desktop, Inc.)
Virtual Desktop Streamer (HKLM\...\{D3F6B04A-6112-44FD-A7BE-1B8192486E83}) (Version: 1.33.3 - Virtual Desktop, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.2.0 - Elaborate Bytes)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.48.0.0 - Voicemod, Inc., Sucursal en España)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
Windows*11-Installationsassistent (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.2063 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{4254C1AD-B9B0-4020-A4B1-D8B61D12142A}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Yahoo Mail (HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\98e1b303d9c64ce00aa1696306383778) (Version: 1.0 - Yahoo Mail)
Zoom (HKU\S-1-5-21-742015436-2650572314-4209869716-1002\...\ZoomUMX) (Version: 5.17.11 (34827) - Zoom Video Communications, Inc.)

Packages:
=========
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2025-03-27] (Dropbox Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-742015436-2650572314-4209869716-1002_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-742015436-2650572314-4209869716-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Nutzer2\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.19202\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-742015436-2650572314-4209869716-1002_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Nutzer2\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\23\x64\ContextMenu.dll (Synology Inc. -> )
CustomCLSID: HKU\S-1-5-21-742015436-2650572314-4209869716-1002_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-742015436-2650572314-4209869716-1002_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Nutzer2\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\23\x64\iconOverlay.dll (Synology Inc. -> TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-742015436-2650572314-4209869716-1002_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Nutzer2\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\23\x64\iconOverlay.dll (Synology Inc. -> TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-742015436-2650572314-4209869716-1002_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Nutzer2\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\23\x64\iconOverlay.dll (Synology Inc. -> TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-742015436-2650572314-4209869716-1002_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Nutzer2\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\23\x64\iconOverlay.dll (Synology Inc. -> TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-742015436-2650572314-4209869716-1002_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Nutzer2\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\23\x64\iconOverlay.dll (Synology Inc. -> TODO: <Company name>)
ShellIconOverlayIdentifiers: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-12-14] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-12-14] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-742015436-2650572314-4209869716-1002: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} =>  -> Keine Datei
ContextMenuHandlers6_S-1-5-21-742015436-2650572314-4209869716-1002: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} =>  -> Keine Datei

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2024-04-24 17:21 - 2023-02-09 20:02 - 001160704 _____ () [Datei ist nicht signiert] [Datei wird verwendet] D:\Programme\Voicemod Desktop\CefSharp.BrowserSubprocess.Core.dll
2024-04-24 17:21 - 2023-02-09 20:02 - 001804288 _____ () [Datei ist nicht signiert] [Datei wird verwendet] D:\Programme\Voicemod Desktop\CefSharp.Core.Runtime.dll
2025-01-08 20:48 - 2024-07-03 15:49 - 000346112 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\@img\sharp-win32-ia32\lib\sharp-win32-ia32.node
2024-07-07 16:59 - 2024-08-13 14:58 - 000449536 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2024-04-24 17:21 - 2023-02-09 10:27 - 195932672 _____ () [Datei ist nicht signiert] D:\Programme\Voicemod Desktop\libcef.dll
2024-04-24 17:21 - 2023-02-09 08:01 - 000468992 _____ () [Datei ist nicht signiert] D:\Programme\Voicemod Desktop\libegl.dll
2024-04-24 17:21 - 2023-02-09 07:58 - 007437312 _____ () [Datei ist nicht signiert] D:\Programme\Voicemod Desktop\libglesv2.dll
2024-04-24 17:21 - 2023-02-09 07:50 - 005020160 _____ () [Datei ist nicht signiert] D:\Programme\Voicemod Desktop\vk_swiftshader.dll
2024-04-24 17:21 - 2023-02-09 07:50 - 000911360 _____ () [Datei ist nicht signiert] D:\Programme\Voicemod Desktop\vulkan-1.dll
2025-02-10 01:14 - 2025-02-10 01:14 - 000580096 _____ (Hystax) [Datei ist nicht signiert] C:\Program Files (x86)\Synology\ActiveBackupforBusinessAgent\service\vsstracker_x64.dll
2024-04-24 17:21 - 2023-02-09 08:29 - 001428992 _____ (The Chromium Authors) [Datei ist nicht signiert] D:\Programme\Voicemod Desktop\chrome_elf.dll
2025-02-10 01:14 - 2025-02-10 01:14 - 004113408 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Synology\ActiveBackupforBusinessAgent\service\libcrypto-1_1-x64.dll
2025-02-10 01:14 - 2025-02-10 01:14 - 001203712 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Synology\ActiveBackupforBusinessAgent\service\libssl-1_1-x64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============


==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 10:14 - 2024-03-11 08:39 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> D:\Oculus\Support\oculus-runtime;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-742015436-2650572314-4209869716-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Nutzer2\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\17072384967955085470\133872046274878330.jpg
HKU\S-1-5-21-742015436-2650572314-4209869716-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Nutzer1\Downloads\vladimir-manyukhin-dark-ages.jpg
HKU\S-1-5-21-742015436-2650572314-4209869716-1011\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\DesktopSpotlight\Assets\Images\image_1.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

Network Binding:
=============
Bluetooth-Netzwerkverbindung: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Intel(R) Ethernet Controller I225-V -> e2fn.sys
Ethernet 2: Realtek USB GbE Family Controller -> rtucx22x64.sys
WLAN: RZ608 Wi-Fi 6E 80MHz -> mtkwl6ex.sys

vms_vsf: Erweiterungsfilter für virtuellen Hyper-V-Switch
ms_l1vhlwf: Geschachtelte Netzwerkvirtualisierung
vms_vsp: Extension-Protokoll für virtuellen Hyper-V-Switch

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "FWS_FlawlessWidescreen"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "PDF24"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\StartupApproved\StartupFolder: => "DeepL auto-start.lnk"
HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_78483AFC51CC79D0D8B0490D05207333"
HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{4331620A-A52D-456C-A6E1-BF6FC69ACE1F}] => (Allow) D:\SteamLibrary\steamapps\common\Wolfenstein.II.The.New.Colossus\NewColossus_x64vk.exe (MachineGames Sweden AB) [Datei ist nicht signiert]
FirewallRules: [{A8BA85B6-786F-4590-9918-DB0EFE3D20A3}] => (Allow) D:\SteamLibrary\steamapps\common\Wolfenstein.II.The.New.Colossus\NewColossus_x64vk.exe (MachineGames Sweden AB) [Datei ist nicht signiert]
FirewallRules: [{a41400b5-35d9-4655-912f-b444cb3449e8}] => (Allow) C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Streamer.exe (Virtual Desktop, Inc -> Virtual Desktop, Inc.)
FirewallRules: [{C7FE6D45-4361-49CA-B89A-6BCE7EA3CC4C}] => (Allow) D:\SteamLibrary\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe () [Datei ist nicht signiert]
FirewallRules: [{CD5C4BEB-47B0-4C35-8E81-B29E3D1E766F}] => (Allow) D:\SteamLibrary\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe () [Datei ist nicht signiert]
FirewallRules: [{8B3F08A4-BA0E-4D6B-BE40-CADE64285293}] => (Allow) D:\SteamLibrary\steamapps\common\Disco Elysium\disco.exe () [Datei ist nicht signiert]
FirewallRules: [{92294E9E-BB03-4F67-AAA0-DB8C162C094B}] => (Allow) D:\SteamLibrary\steamapps\common\Disco Elysium\disco.exe () [Datei ist nicht signiert]
FirewallRules: [{04600366-F009-4958-B29E-9EB0EF1B1A83}] => (Allow) D:\SteamLibrary\steamapps\common\Frostpunk2\Frostpunk2.exe (11 BIT STUDIOS S A -> Epic Games, Inc.)
FirewallRules: [{17FD3685-7DDF-4C14-929B-7661DADF3C7C}] => (Allow) D:\SteamLibrary\steamapps\common\Frostpunk2\Frostpunk2.exe (11 BIT STUDIOS S A -> Epic Games, Inc.)
FirewallRules: [{BA35E755-618F-4C1C-BE70-0DC046DCED4C}] => (Allow) D:\SteamLibrary\steamapps\common\Dungeons 4\d4.exe () [Datei ist nicht signiert]
FirewallRules: [{D44CCB35-3817-4A6D-AC8D-B74DC4842614}] => (Allow) D:\SteamLibrary\steamapps\common\Dungeons 4\d4.exe () [Datei ist nicht signiert]
FirewallRules: [{A7CFE3CE-6580-4705-8BA1-29A2E9737351}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{01CBFB24-71DE-4320-ADDC-207DF51ED617}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6D92237B-9AD2-466F-96C7-50088AE56843}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{CBCF0A08-AA80-416D-A027-068B91872BE2}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B72C75F8-66A4-43DA-A4E7-E52A42A796DC}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C02A47C2-C631-46DF-A26D-5715CF3B51D5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C7BE265A-BD50-434E-A96D-B25B44BBA671}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{EF607CC1-2815-4DE4-B648-2E203BD4B9C6}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2D21C81E-41A4-4449-86A6-58927390BF02}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{DAA352CA-58A5-42B5-A85E-9EA8F66146C0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{13478538-BF81-4BAB-8D70-E67399EC5948}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{FED96510-4889-4B44-8228-5BDC49C548A6}D:\alienisolation\ai.exe] => (Allow) D:\alienisolation\ai.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{74795898-40C8-4CD6-9973-949A0EB0AB47}D:\alienisolation\ai.exe] => (Allow) D:\alienisolation\ai.exe () [Datei ist nicht signiert]
FirewallRules: [{B8FA5666-46A3-4F03-9C19-F9F2DA449D6B}] => (Allow) D:\SteamLibrary\steamapps\common\Alien Isolation\AI.exe () [Datei ist nicht signiert]
FirewallRules: [{E861B6A0-9A9F-4B4B-ADA1-F480F4F22715}] => (Allow) D:\SteamLibrary\steamapps\common\Alien Isolation\AI.exe () [Datei ist nicht signiert]
FirewallRules: [{220FB472-D160-4BFA-A518-7B796C60240E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1103.3051.6995_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B9579530-B8CA-4FF9-9136-FD967CFFAC23}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1103.3051.6995_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EAA37A96-0A64-49A3-B059-3A2E639247A9}] => (Allow) D:\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Launcher.exe () [Datei ist nicht signiert]
FirewallRules: [{BA220061-7B66-45B4-8CE8-25EF9A6DD915}] => (Allow) D:\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Launcher.exe () [Datei ist nicht signiert]
FirewallRules: [{91D8A006-B20C-470A-9BEB-F1BF266ECCD6}] => (Allow) D:\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Amnesia.exe () [Datei ist nicht signiert]
FirewallRules: [{68C5CCB2-0249-4D95-841C-D63BED1644BD}] => (Allow) D:\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Amnesia.exe () [Datei ist nicht signiert]
FirewallRules: [{086B4ED1-3884-47AB-ABA9-67F33B778D4F}] => (Allow) D:\SteamLibrary\steamapps\common\Subnautica\Subnautica.exe () [Datei ist nicht signiert]
FirewallRules: [{85EB039A-E38B-466D-B5A8-EA5A9444CD8E}] => (Allow) D:\SteamLibrary\steamapps\common\Subnautica\Subnautica.exe () [Datei ist nicht signiert]
FirewallRules: [{A8B9E6E1-647C-4BC5-838C-884528F10155}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{11BE6B7E-5D8B-4C1F-AB7B-FB2D85CDB5D2}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{341DACB5-8BBD-4C89-8141-0780893279B1}] => (Allow) D:\SteamLibrary\steamapps\common\Dagon\Dagon.exe () [Datei ist nicht signiert]
FirewallRules: [{8ED52E14-6BD1-45DE-B6F4-3055CCFBF68F}] => (Allow) D:\SteamLibrary\steamapps\common\Dagon\Dagon.exe () [Datei ist nicht signiert]
FirewallRules: [{AC3E2EAC-B387-4F61-81C4-F741EC4AABB7}] => (Allow) D:\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert]
FirewallRules: [{4F0C3E43-FE87-4743-92FC-37DCC73D1864}] => (Allow) D:\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert]
FirewallRules: [{989BF71A-FBDB-4E60-80CD-33B70FFB0251}] => (Allow) D:\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Meta Platforms, Inc. -> )
FirewallRules: [{B864AC7C-E140-45EE-8584-1533D24355E2}] => (Allow) D:\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Meta Platforms, Inc. -> )
FirewallRules: [{FA632EF5-D532-44E4-897F-93422EFB32BB}] => (Allow) D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Meta Platforms, Inc. -> Facebook Technologies, LLC)
FirewallRules: [{D9809159-0BF0-48F9-B846-2336CB9805F8}] => (Allow) D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Meta Platforms, Inc. -> Facebook Technologies, LLC)
FirewallRules: [{CF5C0C95-B8F1-4405-8007-04D528BCF4D1}] => (Allow) D:\Oculus\Support\oculus-runtime\OVRRedir.exe (Meta Platforms, Inc. -> Facebook Technologies, LLC)
FirewallRules: [{91FC8369-DC58-4C49-991F-71892EE0AFA1}] => (Allow) D:\Oculus\Support\oculus-runtime\OVRRedir.exe (Meta Platforms, Inc. -> Facebook Technologies, LLC)
FirewallRules: [{C7BFB4D7-6434-4F58-81F6-B511856487AA}] => (Allow) D:\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Meta Platforms, Inc. -> Facebook Technologies, LLC)
FirewallRules: [{FC06DC4E-932D-4FCF-8F6A-04D6712EB66C}] => (Allow) D:\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Meta Platforms, Inc. -> Facebook Technologies, LLC)
FirewallRules: [{E2BAEA5A-C8D1-4FCA-B8ED-FD9763DD80E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve Corp. -> )
FirewallRules: [{73CFF343-3D59-4DC6-A1A0-74B492449E1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve Corp. -> )
FirewallRules: [{B84AA461-B40E-4058-943C-571025FEF8BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve Corp. -> )
FirewallRules: [{4E316950-C84A-4930-B3E4-1E92FF3F6EE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve Corp. -> )
FirewallRules: [{71689959-A14B-4277-8DDE-C3E594FA629B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win64\vrserver.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{04696DCF-EA97-4E58-9D97-5AF114F6FC0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win64\vrserver.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E9358457-9944-47BA-9CAD-9D5CA3507F41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2E9213E6-E800-4A00-B993-04E79D98A575}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{047EDB8B-6BEC-4FA0-9FBE-33E5D67BDA8E}] => (Allow) D:\SteamLibrary\steamapps\common\X4 Foundations\X4.exe (Egosoft GmbH -> EGOSOFT GmbH)
FirewallRules: [{DCDECE92-5A88-4634-84E2-9B8D122F4918}] => (Allow) D:\SteamLibrary\steamapps\common\X4 Foundations\X4.exe (Egosoft GmbH -> EGOSOFT GmbH)
FirewallRules: [{935F6AC9-4168-4544-9405-07D8ECA2C3CB}] => (Allow) D:\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (Rocksteady Studios Ltd.) [Datei ist nicht signiert]
FirewallRules: [{CF72AC6F-C169-4352-93EA-0FBA3B574BB0}] => (Allow) D:\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (Rocksteady Studios Ltd.) [Datei ist nicht signiert]
FirewallRules: [{1051FFB9-E8FB-4693-BC0F-2F5A6F4795A5}] => (Allow) D:\Programme\Voicemod Desktop\VoicemodDesktop.exe (VOICEMOD, INC. SUCURSAL EN ESPAÑA -> Voicemod)
FirewallRules: [{EBC5798E-B139-42A2-AB25-A7E7CFCBD3F6}] => (Allow) D:\Programme\Voicemod Desktop\VoicemodDesktop.exe (VOICEMOD, INC. SUCURSAL EN ESPAÑA -> Voicemod)
FirewallRules: [UDP Query User{9B67257F-8CAD-488D-9709-F865A0578222}C:\users\Nutzer2\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\Nutzer2\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{CA808EC2-486B-4B66-9064-2C33DA0F15A3}C:\users\Nutzer2\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\Nutzer2\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F65C50BE-FE75-4073-89F1-1E9232296041}] => (Allow) D:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{5A4D9BBA-EEFE-47D5-8446-176A66F7BB2C}] => (Allow) D:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{B19871BB-58F2-4083-9086-2C0342976DFD}] => (Allow) C:\Program Files (x86)\Realm Works\RealmWorks.exe (Lone Wolf Development, Inc -> LWD Technology, Inc.)
FirewallRules: [{8E856002-5272-48A0-88E3-4E67A90A860B}] => (Allow) C:\Program Files (x86)\Realm Works\RealmWorks.exe (Lone Wolf Development, Inc -> LWD Technology, Inc.)
FirewallRules: [{3BE1B668-67BE-4C5B-9238-10648F5DB525}] => (Allow) C:\Program Files\EA Games\Jedi Survivor\SwGame\Binaries\Win64\JediSurvivor.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{353790EF-7F37-4D58-865F-D40B7519B71C}] => (Allow) C:\Program Files\EA Games\Jedi Survivor\SwGame\Binaries\Win64\JediSurvivor.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{B5EF4A57-1148-4D07-B476-F5AFE759FF71}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D41A9033-4FCB-4D68-9B94-B9B83C8EAA46}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{78ACB773-A683-4AD6-A651-D3AC890D549B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{623C8FD3-22C9-4D16-A3D5-8C17F280F3F2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{A82BDDBF-1465-447B-952F-DBCDF9366803}C:\program files (x86)\asus\armourydevice\dll\armourysocketserver\armourysocketserver.exe] => (Allow) C:\program files (x86)\asus\armourydevice\dll\armourysocketserver\armourysocketserver.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [TCP Query User{CCD7B5BA-078B-41C4-B275-1B9EB949DAA2}C:\program files (x86)\asus\armourydevice\dll\armourysocketserver\armourysocketserver.exe] => (Allow) C:\program files (x86)\asus\armourydevice\dll\armourysocketserver\armourysocketserver.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [UDP Query User{6415D98D-8D7F-4963-BE87-D8C176394FFF}C:\program files (x86)\asus\armourydevice\asus_framework.exe] => (Allow) C:\program files (x86)\asus\armourydevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [TCP Query User{DDE1AF8E-7171-49B7-9521-A82C83D30768}C:\program files (x86)\asus\armourydevice\asus_framework.exe] => (Allow) C:\program files (x86)\asus\armourydevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{59459925-EAF5-4848-8831-E85313C8F5DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{6D518D74-6A61-47A8-81F6-030CAD55D12F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{A731CDFE-5929-4344-941C-8DB53A69A43B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{6B628DD0-0B83-4D08-86D4-E295A4B838CB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{38C018D6-9AC1-4FD5-B764-FB8CE730CEC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{299A87D3-FBA1-4CAB-BF3D-AB32FA45A439}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{21A592C0-8A2A-434C-8985-D2F5F37DA00D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{87C90D77-153D-400E-9EE2-E654209BD2F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{C52E41DB-F471-4314-9818-79A3A9BDD1C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{9A500812-27AF-4F28-A69B-BEAF7F335487}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{15621EFF-18CD-4672-9157-956D7846D49A}] => (Allow) D:\Program Files (x86)\PlayStationPlus\pspluslauncher.exe (Sony Interactive Entertainment LLC -> Sony Interactive Entertainment LLC)
FirewallRules: [{DC3705FE-737A-4979-85D4-8DDFDCDD6170}] => (Allow) C:\Users\Admin\AppData\Local\Gaikai\CrashReports\dumpupload.exe (Sony Interactive Entertainment LLC -> )
FirewallRules: [{923338F1-C744-49B8-9254-53B09C411251}] => (Allow) D:\Program Files (x86)\PlayStationPlus\unidater.exe (Sony Interactive Entertainment LLC -> Sony Interactive Entertainment)
FirewallRules: [TCP Query User{43FAAE2A-AB0B-4DF9-BB84-33194EDC6B05}D:\program files (x86)\playstationplus\agl\agl.exe] => (Allow) D:\program files (x86)\playstationplus\agl\agl.exe (Sony Interactive Entertainment LLC -> "Eric Poulsen")
FirewallRules: [UDP Query User{4F002AC3-F29C-402D-81FB-97DA12ED311D}D:\program files (x86)\playstationplus\agl\agl.exe] => (Allow) D:\program files (x86)\playstationplus\agl\agl.exe (Sony Interactive Entertainment LLC -> "Eric Poulsen")
FirewallRules: [{42424AA7-EE46-4CB5-9FA7-E16D387CA11C}] => (Allow) C:\Users\Nutzer1\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{A6480127-9EC5-4EE1-8829-27DB17FF52EB}] => (Allow) C:\Users\Nutzer1\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{27D35818-0355-4B27-A0F0-C71C354B06E8}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{7227FB6B-D343-4C66-B632-686BBB794FED}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{1C8FD6AB-8F84-412E-80C4-F0F3457196F1}] => (Allow) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{4834D973-36CB-4D42-8228-3CE099678861}] => (Allow) D:\program files\asus\aacambienthal\aacambientlighting.exe => Keine Datei
FirewallRules: [{B5C2E0C9-3219-4B13-A3F4-A13AB9E74ACE}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{9179F578-8A00-40BB-8E9D-4E01454C81CD}] => (Allow) D:\SteamLibrary\steamapps\common\Sekiro\sekiro.exe (Activision Publishing Inc -> FromSoftware, Inc.)
FirewallRules: [{46CC5C16-F1F3-44FA-920D-08DFA4493C5F}] => (Allow) D:\SteamLibrary\steamapps\common\Sekiro\sekiro.exe (Activision Publishing Inc -> FromSoftware, Inc.)
FirewallRules: [{0D39F20A-C44E-4BC0-AFF3-AE4D38D705EB}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2579C93B-7C46-4049-8601-1737E4D52C8B}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27E52896-B6E0-4181-AD19-4EFF2F1C8BD3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.259.514.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3E26993E-A572-4D11-B338-3866055D1168}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.259.514.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2ED5985E-D901-4D7B-8387-23621AC02461}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.259.514.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{10EDA578-4B57-4955-9E0D-3CBF21E2F964}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.259.514.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ABDFCD05-4445-4819-B4C0-B4C5BA5BE697}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.259.514.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{65A56A65-5231-4794-A607-D0BD52BB7BC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.259.514.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8A5DC5E2-01AC-46B4-A88D-4825E436110E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.259.514.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{85D15800-25BD-472B-BD9D-AF382DB96F10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.259.514.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4671CA5B-2A63-487A-8A00-0A2EB8BC9A82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.259.514.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{08F34F03-DFE2-451B-BF75-CA9DF0C881CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.259.514.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DECBB231-F7C3-4EBF-8159-48677690B358}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{029DE15D-0F17-44FB-96C5-8A3609593C55}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5E2D65E-5738-42DF-A70F-2818DE43FEFC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2ED0D9A3-3997-490C-9F56-80AB577E0671}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC195791-A490-4219-8DC7-22575D25871D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{7F5E76EA-2E83-47D7-B8D8-5B66C88E264A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{4478F101-BDED-43DB-A7D4-ECE2B40987F5}C:\users\Nutzer1\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\Nutzer1\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [UDP Query User{4158AEEE-17E8-48EA-8299-BD0468C24FE6}C:\users\Nutzer1\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\Nutzer1\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [TCP Query User{6B375458-9603-4AB9-BAC6-0A677CD346F2}C:\users\Nutzer1\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\Nutzer1\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [UDP Query User{3FA3A7E1-5A34-4AF3-B388-BEEC7990CA0E}C:\users\Nutzer1\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\Nutzer1\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [{542CF553-5642-474E-8E39-98745A90E2D8}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.85\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{751A1DEE-432D-4695-A062-46569F7381B5}C:\users\Nutzer2\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Block) C:\users\Nutzer2\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [UDP Query User{FE68A155-0817-4B11-8A05-2E39C8EFB0B3}C:\users\Nutzer2\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Block) C:\users\Nutzer2\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.)

==================== Wiederherstellungspunkte =========================

25-03-2025 21:44:28 Windows Update
25-03-2025 21:44:41 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager ============
Name: Virtual Desktop Monitor
Description: Virtual Desktop Monitor
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Virtual Desktop, Inc.
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (03/27/2025 05:01:24 PM) (Source: Application Error) (EventID: 1000) (User: Users-COMPUTE)
Description: Fehlerhafter Anwendungsname: GalaxyClient Helper.exe, Version: 2.0.77.22, Zeitstempel: 0x66cc3b2e
Fehlerhafter Modulname: ucrtbase.dll, Version: 10.0.26100.3037, Zeitstempel: 0xeb1445d0
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0002da51
Fehlerhafte Prozess-ID: 0x25cc
Fehlerhafte Anwendungsstartzeit: 0x1db9f317da0d156
Fehlerhafter Anwendungspfad: C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
Fehlerhafter Modulpfad: C:\WINDOWS\System32\ucrtbase.dll
Berichts-ID: 5c033162-407d-490c-a0d0-cbb8751383b6
Vollständiger Name des fehlerhaften Pakets: 
Fehlerhafte paketbezogene Anwendungs-ID:

Error: (03/27/2025 05:01:21 PM) (Source: Application Error) (EventID: 1000) (User: Users-COMPUTE)
Description: Fehlerhafter Anwendungsname: GalaxyClient Helper.exe, Version: 2.0.77.22, Zeitstempel: 0x66cc3b2e
Fehlerhafter Modulname: ucrtbase.dll, Version: 10.0.26100.3037, Zeitstempel: 0xeb1445d0
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0002da51
Fehlerhafte Prozess-ID: 0x3e54
Fehlerhafte Anwendungsstartzeit: 0x1db9f317bd8da65
Fehlerhafter Anwendungspfad: C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
Fehlerhafter Modulpfad: C:\WINDOWS\System32\ucrtbase.dll
Berichts-ID: b9b55ce9-f3f6-4d7a-a59e-cf2cbad911fe
Vollständiger Name des fehlerhaften Pakets: 
Fehlerhafte paketbezogene Anwendungs-ID:

Error: (03/27/2025 05:01:21 PM) (Source: Application Error) (EventID: 1000) (User: Users-COMPUTE)
Description: Fehlerhafter Anwendungsname: GalaxyClient Helper.exe, Version: 2.0.77.22, Zeitstempel: 0x66cc3b2e
Fehlerhafter Modulname: ucrtbase.dll, Version: 10.0.26100.3037, Zeitstempel: 0xeb1445d0
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0002da51
Fehlerhafte Prozess-ID: 0x8020
Fehlerhafte Anwendungsstartzeit: 0x1db9f317bd59b8b
Fehlerhafter Anwendungspfad: C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
Fehlerhafter Modulpfad: C:\WINDOWS\System32\ucrtbase.dll
Berichts-ID: 3672f570-5e30-4ab0-9d86-257f3b9b21be
Vollständiger Name des fehlerhaften Pakets: 
Fehlerhafte paketbezogene Anwendungs-ID:

Error: (03/27/2025 05:01:18 PM) (Source: Application Error) (EventID: 1000) (User: Users-COMPUTE)
Description: Fehlerhafter Anwendungsname: GalaxyClient Helper.exe, Version: 2.0.77.22, Zeitstempel: 0x66cc3b2e
Fehlerhafter Modulname: ucrtbase.dll, Version: 10.0.26100.3037, Zeitstempel: 0xeb1445d0
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0002da51
Fehlerhafte Prozess-ID: 0x7a14
Fehlerhafte Anwendungsstartzeit: 0x1db9f317a0d4d4f
Fehlerhafter Anwendungspfad: C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
Fehlerhafter Modulpfad: C:\WINDOWS\System32\ucrtbase.dll
Berichts-ID: fcdcd77d-1da6-4393-8b9a-2ad3e52928d3
Vollständiger Name des fehlerhaften Pakets: 
Fehlerhafte paketbezogene Anwendungs-ID:

Error: (03/27/2025 05:01:16 PM) (Source: Application Error) (EventID: 1000) (User: Users-COMPUTE)
Description: Fehlerhafter Anwendungsname: GalaxyClient Helper.exe, Version: 2.0.77.22, Zeitstempel: 0x66cc3b2e
Fehlerhafter Modulname: ucrtbase.dll, Version: 10.0.26100.3037, Zeitstempel: 0xeb1445d0
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0002da51
Fehlerhafte Prozess-ID: 0x83b4
Fehlerhafte Anwendungsstartzeit: 0x1db9f317898b2b6
Fehlerhafter Anwendungspfad: C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
Fehlerhafter Modulpfad: C:\WINDOWS\System32\ucrtbase.dll
Berichts-ID: 0801aa47-6f1f-4178-a509-2f528779ccd2
Vollständiger Name des fehlerhaften Pakets: 
Fehlerhafte paketbezogene Anwendungs-ID:

Error: (03/27/2025 05:01:13 PM) (Source: Application Error) (EventID: 1000) (User: Users-COMPUTE)
Description: Fehlerhafter Anwendungsname: GalaxyClient Helper.exe, Version: 2.0.77.22, Zeitstempel: 0x66cc3b2e
Fehlerhafter Modulname: ucrtbase.dll, Version: 10.0.26100.3037, Zeitstempel: 0xeb1445d0
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0002da51
Fehlerhafte Prozess-ID: 0x3ca4
Fehlerhafte Anwendungsstartzeit: 0x1db9f3176d99037
Fehlerhafter Anwendungspfad: C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
Fehlerhafter Modulpfad: C:\WINDOWS\System32\ucrtbase.dll
Berichts-ID: cb92b82b-b003-4ade-aa96-81268fa74c69
Vollständiger Name des fehlerhaften Pakets: 
Fehlerhafte paketbezogene Anwendungs-ID:

Error: (03/27/2025 05:01:09 PM) (Source: Application Error) (EventID: 1000) (User: Users-COMPUTE)
Description: Fehlerhafter Anwendungsname: GalaxyClient Helper.exe, Version: 2.0.77.22, Zeitstempel: 0x66cc3b2e
Fehlerhafter Modulname: ucrtbase.dll, Version: 10.0.26100.3037, Zeitstempel: 0xeb1445d0
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0002da51
Fehlerhafte Prozess-ID: 0x801c
Fehlerhafte Anwendungsstartzeit: 0x1db9f31749d4966
Fehlerhafter Anwendungspfad: C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
Fehlerhafter Modulpfad: C:\WINDOWS\System32\ucrtbase.dll
Berichts-ID: e3944aaa-62b6-471b-b628-ad5b1ccc37b8
Vollständiger Name des fehlerhaften Pakets: 
Fehlerhafte paketbezogene Anwendungs-ID:

Error: (03/27/2025 05:00:53 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0


Systemfehler:
=============
Error: (03/27/2025 05:05:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246010 fehlgeschlagen: 9P2VP41KK7LF-Microsoft.WindowsAppRuntime.1.6

Error: (03/27/2025 05:04:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80248007 fehlgeschlagen: 9NZM7B1BB5TR-Microsoft.NET.Native.Framework.1.7

Error: (03/27/2025 05:04:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80248007 fehlgeschlagen: 9MTW6RN84LVM-Microsoft.NET.Native.Runtime.1.7

Error: (03/27/2025 05:04:23 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT)
Description: Beim Update für den sicheren Start konnte eine Variable für den sicheren Start nicht aktualisiert werden. Fehler: (-2147020471 = Sicheres Starten ist auf diesem Computer nicht aktiviert.). Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931

Error: (03/27/2025 05:02:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ArmouryCrateService erreicht.

Error: (03/27/2025 05:02:20 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ArmouryCrateService erreicht.

Error: (03/27/2025 05:01:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ArmouryCrateService erreicht.

Error: (03/27/2025 05:01:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Dropbox-Update-Service (dbupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


Windows Defender:
================
Date: 2025-03-23 13:29:17
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Full Scan

Date: 2025-03-23 13:23:54
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-03-13 20:55:36
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-02-17 21:13:21
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung

Date: 2025-02-16 10:23:43
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung

CodeIntegrity:
===============
Date: 2025-03-27 17:01:02
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\220.4.4126\vulkan-1.dll that did not meet the Microsoft signing level requirements. 


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 0305 08/13/2021
Hauptplatine: ASUSTeK COMPUTER INC. ROG STRIX B550-F GAMING WIFI II
Prozessor: AMD Ryzen 5 5600X 6-Core Processor 
Prozentuale Nutzung des RAM: 64%
Installierter physikalischer RAM: 16270.75 MB
Verfügbarer physikalischer RAM: 5816.34 MB
Summe virtueller Speicher: 33678.75 MB
Verfügbarer virtueller Speicher: 12756.98 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.65 GB) (Free:266.85 GB) (Model: KINGSTON SNV2S1000G) NTFS
Drive d: (ZweiteSSD) (Fixed) (Total:931.5 GB) (Free:529.06 GB) (Model: KINGSTON SNV2S1000G) NTFS

\\?\Volume{9a2397fc-3221-46ca-9c2a-e9e2eb0fb478}\ () (Fixed) (Total:0.74 GB) (Free:0.16 GB) NTFS
\\?\Volume{e1d2f535-b398-43d9-8844-cfa213305f30}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         
__________________


Alt 27.03.2025, 23:53   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Gefälschtes Windows Pop-up mit angeblicher Virus Warnung. - Standard

Gefälschtes Windows Pop-up mit angeblicher Virus Warnung.



Zitat:
Das Konto hat keine Adminrechte.
Dann gibt es da nichts weiter zu tun. Ohne Adminrechte können sich keine globalen Änderungen d.h. am System oder anderen Benutzerkonten ergeben.
Ich würde einfach das Benutzerkonto und anschließend den Profilordner der fremden Person löschen.
__________________
__________________

Alt Gestern, 16:17   #4
M-K-D-B
/// TB-Ausbilder
 
Gefälschtes Windows Pop-up mit angeblicher Virus Warnung. - Standard

Gefälschtes Windows Pop-up mit angeblicher Virus Warnung.



Entfernung der verwendeten Tools
Führe KpRm gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei.





Dann wären wir durch!
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Wenn Du möchtest, kannst Du hier sagen, ob du mit uns und unserer Hilfe zufrieden warst...
Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen.





Zum Schluss bitte unbedingt die Sicherheitsmaßnahmen lesen und umsetzen:



Hinweis:
Bitte gib mir eine kurze Rückmeldung, sobald du die oben verlinkten Informationen gelesen hast, alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Alt Gestern, 16:18   #5
M-K-D-B
/// TB-Ausbilder
 
Gefälschtes Windows Pop-up mit angeblicher Virus Warnung. - Standard

Gefälschtes Windows Pop-up mit angeblicher Virus Warnung.



Wir sind froh, dass wir helfen konnten

Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen.


Thema geschlossen

Themen zu Gefälschtes Windows Pop-up mit angeblicher Virus Warnung.
angeblich, anschluss, antivirus, benutzerkonto, defender, frage, gelöscht, getarnt, herzlichen, interne, internetverbindung, microsoft, microsoft edge, neustart, pop-up fenster, pop-up nachricht, pop-ups, programme, rechts, software, unbekannte, verbindung, verlauf, virus, warnung, webseite, windows, zugriff




Ähnliche Themen: Gefälschtes Windows Pop-up mit angeblicher Virus Warnung.


  1. Aktuelle Phishing-Masche: Terminwunsch für Telefonat mit angeblicher Sparkasse
    Nachrichten - 19.09.2024 (0)
  2. Fake Windows Defender Pop-Up mit Audio - Windows wurde aus Sicherheitgründen gesperrt.
    Log-Analyse und Auswertung - 03.03.2023 (14)
  3. Windows 10: Automatisierte Sprachmitteilung mit angeblicher "Windows"-Aufforderung zum Anrufen
    Plagegeister aller Art und deren Bekämpfung - 06.06.2017 (11)
  4. Perfides PayPal-Phishing mit angeblicher Eventim-Rechnung
    Nachrichten - 19.04.2016 (0)
  5. Probleme im Unternehmen mit angeblicher E-Mail Adresse
    Plagegeister aller Art und deren Bekämpfung - 01.02.2016 (5)
  6. Pop-up Warnung, hat schon jemand Erfahrung mit a.karmalink.info
    Log-Analyse und Auswertung - 10.12.2015 (4)
  7. Windows 7 Virus help4u, lästige Pop-Ups, Weiterleitungen
    Plagegeister aller Art und deren Bekämpfung - 21.04.2015 (16)
  8. Windows 7: Angeblicher Anzeigetreiber-Fehler wird in der Windows-Problembehandlung angezeigt
    Log-Analyse und Auswertung - 25.07.2014 (12)
  9. Windows 7 ständig Pop-ups mit wernung und Systemfehlerhinweisen sowie Update-Aufforderungen zu Reparatur von Windows
    Log-Analyse und Auswertung - 14.07.2014 (29)
  10. Entfernen Rvzr-a.akamaihd.net wegen Pop ups und grüne doppelbalken mit pop up beim scrollen
    Log-Analyse und Auswertung - 02.04.2014 (15)
  11. Telefonabzocke mit angeblicher Virenreinigung
    Nachrichten - 13.02.2013 (0)
  12. GVU Trojaner mit angeblicher Webcam Überwachung
    Plagegeister aller Art und deren Bekämpfung - 11.02.2013 (29)
  13. explorer.exe mit Antivir gefunden; Icon auf Desktop mit Windows-Firewall-Optik; OK-Pop-ups in Englisch
    Log-Analyse und Auswertung - 27.12.2012 (12)
  14. Nach (angeblicher) Beseitigung von cycbot.b Probleme mit dem Internet
    Plagegeister aller Art und deren Bekämpfung - 29.01.2011 (22)
  15. angeblicher Virus?
    Plagegeister aller Art und deren Bekämpfung - 24.08.2010 (17)
  16. Antivir meldet Virus trotz angeblicher ENtfernung durch Malware Bytes
    Log-Analyse und Auswertung - 12.07.2010 (1)
  17. BSI distanziert sich von angeblicher Viren-Warnung per E-Mail
    Nachrichten - 04.08.2009 (0)

Zum Thema Gefälschtes Windows Pop-up mit angeblicher Virus Warnung. - Hallo liebe community, Kürzlich für eine Person aus meinem Haushalt mit seinem Benutzerkonto an meinem PC. Das Konto hat keine Adminrechte. Sie hat in Microsoft Edge eine unbekannte Webseite (Bing - Gefälschtes Windows Pop-up mit angeblicher Virus Warnung....
Archiv
Du betrachtest: Gefälschtes Windows Pop-up mit angeblicher Virus Warnung. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.