| |
| |||||||
Log-Analyse und Auswertung: Windows 10: Umleitung bei Suche im EdgeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
Gestern, 08:30
| #1 |
 |  Windows 10: Umleitung bei Suche im Edge Hallo zusammen, als ich heute in Edge etwas suchen wollte, bin ich ungewollt auf eine unbekannte Suchmaschine umgeleitet worden. Scheinbar habe ich mir etwas eingefangen, aber ich weiß nicht, wobei. Falls Ihr Euch das anschauen könntet, wäre ich sehr dankbar! Viele Grüße Daniel P.S.: Beitrag ist zu lang, die Addition.txt poste ich, wenn der Beitrag gesehen wurde. Hier die FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2025
durchgeführt von danie (Administrator) auf DANIEL-G-ASUS (ASUS System Product Name) (21-04-2025 09:10:39)
Gestartet von C:\Users\danie\Desktop\FRST64.exe
Geladene Profile: danie & UIFlowService
Plattform: Microsoft Windows 10 Pro for Workstations Version 22H2 19045.5737 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(C:\Program Files (x86)\Jabra\Direct6\jabra-direct.exe ->) (GN Audio A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct6\SoftphoneIntegrations.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\106.0.4.0\crashpad_handler.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.73\msedgewebview2.exe <13>
(C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AI\ai.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(cmd.exe ->) (Agilebits -> AgileBits, Inc.) C:\Users\danie\AppData\Local\1Password\app\8\1Password-BrowserSupport.exe
(cmd.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Power Automate Desktop\PAD.BrowserNativeMessageHost.exe
(explorer.exe ->) () [Datei ist nicht signiert] D:\xampp\xampp-control.exe
(explorer.exe ->) (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.NE.exe
(explorer.exe ->) (Agilebits -> 1Password) C:\Users\danie\AppData\Local\1Password\app\8\1Password.exe <5>
(explorer.exe ->) (Compu Köln Dokument Management GmbH -> CompuKöln Dokument Management GmbH) C:\Program Files\CompuKöln Dokument Management GmbH\CompuSME\CompuDMS.exe <2>
(explorer.exe ->) (GN Audio A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct6\jabra-direct.exe <4>
(explorer.exe ->) (Google LLC -> Google LLC.) C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (IDRIX SARL -> IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE <2>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Power Automate Desktop\PAD.Console.Host.exe
(Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe
(Learnpulse SAS -> Learnpulse) C:\Users\danie\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <18>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.056.0324.0003\Microsoft.SharePoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe <2>
(Microsoft Corporation -> Microsoft) C:\Users\danie\AppData\Local\Microsoft\On-premises data gateway (personal mode)\Microsoft.PowerBI.DataMovement.PersonalGateway.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) C:\Program Files\2BrightSparks\SyncBackPro\SchedulesMonitor.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.32\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(services.exe ->) (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Geek Software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>
(services.exe ->) (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\API Service\Lexware.Faktura.Api.HotChocolateHost.exe
(services.exe ->) (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\internal API Service\Lexware.Faktura.Api.InternalApi.exe
(services.exe ->) (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(services.exe ->) (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\WebApps Service\Lexware.Faktura.WebApps.WebAppsHost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.LauncherService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.LogShipper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.UpdateService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Power Automate Desktop\UIFlowService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe
(services.exe ->) (NAVIMATICS LLC -> Navimatics LLC) C:\Program Files (x86)\WinFsp\SxS\sxs.20240621T172454Z\bin\launcher-x64.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Open Text Corporation -> MailStore Software GmbH) C:\Program Files (x86)\MailStore\MailStore Server\MailStoreServer_x64.exe
(services.exe ->) (Sony Imaging Products & Solutions Inc. -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(services.exe ->) (WireGuard LLC -> WireGuard LLC) C:\Program Files\WireGuard\wireguard.exe <2>
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2502.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2514.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(svchost.exe ->) (E3B702FF-0072-4BD3-ABA0-48E25130F000 -> ) C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.67.0_x64__xns73kv1ymhp2\AudibleRT.WindowsPhone.exe
(svchost.exe ->) (FOXIT SOFTWARE INC. -> Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\Shell Extensions\FoxitPreviewhost.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\MicrosoftCorporationII.PowerAppsforWindows10_3.25041.4.0_x64__8wekyb3d8bbwe\PowerAppsNative.Generic.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.Todos_2.143.2921.0_x64__8wekyb3d8bbwe\Todo.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1792408 2024-10-18] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [654040 2025-04-10] (Geek Software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [868328 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [414432 2024-10-08] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Haufe.Loge.AutostartLauncher.exe] => C:\Program Files (x86)\Common Files\Lexware\Dll\Haufe.Loge.AutostartLauncher.exe [21872 2025-03-21] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" [87794984 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Keine Datei)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.85\Installer\setup.exe [7690824 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ACHTUNG
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe [65444448 2025-04-02] (Google LLC -> Google LLC.)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5013832 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe [65444448 2025-04-02] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5013832 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5013832 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [Screenpresso] => C:\Users\danie\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [20305408 2025-03-23] (Learnpulse SAS -> Learnpulse)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [1Password] => C:\Users\danie\AppData\Local\1Password\app\8\1Password.exe [190596448 2025-04-09] (Agilebits -> 1Password)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [Zoom] => C:\Users\danie\AppData\Roaming\Zoom\bin\Zoom.exe [434488 2025-03-07] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [MicrosoftEdgeAutoLaunch_E0359248083FDB44B7852C7D3585D0D2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4419624 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\danie\AppData\Local\Microsoft\Teams\Update.exe [2589552 2023-09-30] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe [65444448 2025-04-02] (Google LLC -> Google LLC.)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [Microsoft.Lists] => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\Microsoft.SharePoint.exe [1031976 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [PowerAutomate] => C:\Program Files (x86)\Power Automate Desktop\PAD.Console.Host.exe [485824 2023-12-20] (Microsoft Corporation -> Microsoft)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\danie\AppData\Local\Programs\Canva\Canva.exe [186629248 2024-11-12] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct6\jabra-direct.exe [153972472 2025-01-17] (GN Audio A/S -> GN Audio A/S)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\MountPoints2: {4b7d3868-7437-11eb-9df9-f02f74300e86} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\MountPoints2: {80bf366c-0b59-11ed-9e5a-00e04cb4db03} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-80-3017052307-2994996872-1615411526-3164924635-3391446484\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe [65444448 2025-04-02] (Google LLC -> Google LLC.)
HKU\S-1-5-80-3017052307-2994996872-1615411526-3164924635-3391446484\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5013832 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe [65444448 2025-04-02] (Google LLC -> Google LLC.)
HKLM\...\Windows x64\Print Processors\hpcpp120: C:\Windows\System32\spool\prtprocs\x64\hpcpp120.DLL [342016 2012-01-27] (Hewlett-Packard Corporation) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.96\Installer\chrmstp.exe [2025-04-18] (Google LLC -> Google LLC)
Startup: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2025-04-14]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\On-premises data gateway (personal mode).lnk [2024-02-15]
ShortcutTarget: On-premises data gateway (personal mode).lnk -> C:\Users\danie\AppData\Roaming\Microsoft\Installer\{B96BE8F1-D620-45B9-8735-5D79F17BBEEA}\gatewayicon.exe (Microsoft Corporation -> Microsoft)
Startup: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SyncBackPro.exe - Verknüpfung.lnk [2021-02-21]
ShortcutTarget: SyncBackPro.exe - Verknüpfung.lnk -> C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-02-20]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume14autocheck autochk /m /P \Device\HarddiskVolume17autocheck autochk /m /P \Device\HarddiskVolume19autocheck autochk *
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {A9057CDE-23B4-4597-B9C7-DE67C4BF16F3} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\Daniel Cloud Backup => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Daniel Cloud Backup"
Task: {CF786753-359E-42B3-B673-0FF2CAA8A485} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\Gewerbe Cloud Backup => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Gewerbe Cloud Backup"
Task: {8738DE28-7DC1-4245-89C0-1C6FF0319E80} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\Lexware Ordner auf NAS => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Lexware Ordner auf NAS"
Task: {5175B474-173C-48C2-AEDB-9049F23AC91C} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Ausgangsrechnungen auf lokal => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Ausgangsrechnungen auf lokal"
Task: {51B00875-2096-4127-8427-AB8B6A4704B3} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Daniel auf OneDrive => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Daniel auf OneDrive"
Task: {D913F9B0-8661-459A-B823-EB672C955457} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro DMS Gewerbe auf One Drive encrypted => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "DMS Gewerbe auf One Drive encrypted"
Task: {7F528239-15E1-4D0B-A9A5-E81C795A2E40} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro DMS privat auf One Drive encrypted => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "DMS privat auf One Drive encrypted"
Task: {57866004-BCF6-4900-9479-998497975EED} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro DMS Server Backup => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "DMS Server Backup"
Task: {B0494485-691C-46FC-8BEA-47CCA1F1881C} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro facebook Bilder auf One Drive => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "facebook Bilder auf One Drive"
Task: {02C4AC23-2691-4EBE-8193-48E79613E157} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Fotos auf One Drive => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Fotos auf One Drive"
Task: {0321FCF5-1C14-4313-B5FD-945FBC5BAA8E} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Logo auf One Drive => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Logo auf One Drive"
Task: {704188F4-C0D3-45EF-B4CA-EA16B7FA549A} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Shop Datenbank auf NAS => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Datenbanken Site und Shop auf NAS"
Task: {40BFB1EF-9AFB-4151-AD7B-DFB1810EE543} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Shop Web auf NAS => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Shop Web auf NAS"
Task: {24685410-0BF0-4725-BE06-86BD9D3B8160} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Sony Kamera auf One Drive => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Sony Kamera auf One Drive"
Task: {71F46DFC-F0EF-47EA-8514-5E9C2B2B950C} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Spiegelung Gewerbe auf Business OneDrive => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Spiegelung Gewerbe auf Business OneDrive"
Task: {AF34ED4B-CDDA-47B5-9E5F-0AE3456A7323} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Website Backup auf NAS => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Website Backup auf NAS"
Task: {973F0BA7-2057-4827-8B63-B145F51F4A77} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Keine Datei)
Task: {941E7B7D-C54B-4FC3-B503-A542FE5A19AC} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (Keine Datei)
Task: {30DE7B58-7F6B-42D6-AC96-D9257DCD9B26} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2025488 2021-01-22] (ASUSTeK Computer Inc. -> ASUS)
Task: {FA3C23A9-2B0D-4BD6-B315-458D3C753C96} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d70752ec7682d0 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-02-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {ABDB82B2-0BC1-4653-9217-E8FB8CD8712D} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-02-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {2CA4A9B2-83AF-4B6D-8BEB-9F880BCF5113} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [45540760 2021-01-13] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {230411DA-B163-4CFA-9DE1-7914B60F28DD} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei)
Task: {6129F1D3-9FA9-48A8-AB0F-3A210F636D2D} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{EB26BFAF-BA7F-40BD-B744-B123DB97C035} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7129.0\updater.exe [7375968 2025-04-17] (Google LLC -> Google LLC)
Task: {5C2D41AD-A0F6-41A2-B963-102779D7BBF7} - System32\Tasks\Lexware Datensynchronisation_DANIEL-G-ASUS_danie => C:\Program Files (x86)\Lexware\professional\2024\Lexware.Faktura.Datensynchronisation.exe (Keine Datei)
Task: {75279E9D-5C64-435F-A157-7996DE0A1073} - System32\Tasks\LexwareAppSysOpt => C:\Program Files (x86)\Lexware\professional\2025\Haufe.Components.LxAppSysOpt.exe [38248 2024-12-12] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
Task: {F184BC98-8165-49A4-A538-879086D9C317} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EE4CBA6-9DA5-4ACE-AAF9-0AC8CBDC61D2} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9F508CF-365F-4DED-9FC4-1E5EAF431FDD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F566C44-FCC5-4A36-9144-FF0E57BE9A34} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [68328 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BBF2E36-31F0-4D76-BD03-67D92E054720} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {0B31B9AB-4C94-4F91-AE2C-078FE197D6FC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {3FDE3A0C-8672-4591-AB2A-BDAF47545C8A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B841D55-1727-42D7-8A9E-9024FB1A5E4F} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [204400 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {811F499B-7F47-4154-8221-4B50801C8E2C} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4536760 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {05610FA1-B147-42BB-867B-48BCE93A46CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1EDA9643-59FA-44D4-91B7-2DF3E69E4987} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51334C4F-1274-4BEC-8636-F37B875D7C80} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7C638B85-AA96-45B5-A85E-8005B8E1C25B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AEB51FA5-7265-4F0D-9280-D5BD21A62E06} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {554B6514-022C-45CE-96A1-5D2A1EFFB5E0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA2B41EC-E4BD-47EC-9403-34814DE87355} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2335600 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {3D8A420B-DB47-4B62-9797-7D97E156CDED} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\CEIP.exe [32632 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {FFD174A5-637E-4F2E-93E5-0F7CB30D0DBD} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0179C23-08A7-4F6A-BBD2-D1C800A03CF8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {224CC6A8-156C-4F37-9B47-4F94BEE12DBD} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-04-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {CD769156-A117-4483-98C4-C0B21BC751E5} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2782327805-1913230689-3329431176-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-04-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {313BF36C-74EB-494E-9891-1E50BAD3C843} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-04-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {3CDD1788-2B58-4297-85EC-427C8A86875E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {17D44A42-52F8-4B83-B938-2597E8BF4877} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50AC65C2-D4CB-471D-BD09-8A6CF281C52A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {F0872436-BCC0-4268-A9AD-E9DAD87B05E8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {381EBDB8-D2DA-409B-A097-51B48A567226} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EF70EC72-95B6-43C6-B716-6089CBE16106} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50A93B24-1DD4-4637-8479-71A54B945E70} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {532F2B14-6F80-4B6C-9B4E-0AFF4E8AEA0A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB27FAFF-688E-44BB-921C-07BBC225EC2C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0013EA0F-3E00-40F4-97D3-715D6B623806} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223832 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {F33E1033-CCF4-4805-BE15-8AAE344061F9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2782327805-1913230689-3329431176-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223832 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C16476C9-3558-4419-941A-562C31160123} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2782327805-1913230689-3329431176-1001 => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\OneDriveLauncher.exe [676680 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {ECF0A55C-872B-4401-9A08-09CF8C66FE2D} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-2782327805-1913230689-3329431176-1001 => C:\Users\danie\AppData\Roaming\Zoom\bin\Zoom.exe [434488 2025-03-07] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\..\Interfaces\{2bf19533-b5bf-4791-95db-88d8f7e8724d}: [NameServer] 192.168.178.1
Tcpip\..\Interfaces\{309d5d73-737b-4ccf-a8bb-28bbe2c6d3f1}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{309d5d73-737b-4ccf-a8bb-28bbe2c6d3f1}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{f608156c-5946-4206-a989-ce12309293ae}\14E64627F696461405: [DhcpNameServer] 192.168.36.63
Tcpip\..\Interfaces\{f608156c-5946-4206-a989-ce12309293ae}\64259445A51224F687026353931302341626C656023444: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{f608156c-5946-4206-a989-ce12309293ae}\64259445A51224F687026353931302341626C656023444: [DhcpDomain] fritz.box
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-21]
Edge Notifications: Default -> hxxps://www.facebook.com; hxxps://www.panerai.com
Edge Extension: (ColorZilla) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2024-06-11]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (DuckDuckGo) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caoacbimdbbljakfhgikoodekdnlcgpk [2025-04-09]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (lock) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dppgmdbiimibapkepcbdbmkaabgiofem [2025-04-21]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (MyJDownloader Browser Erweiterung) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2023-01-15]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Ghostery Tracker- & Werbeblocker | Datenschutz AdBlocker) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2025-04-21]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (NordVPN - the Fastest VPN proxy for privacy) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fphgeikpdcdcheaochkhldmnfblfogla [2025-03-30]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Google Docs Offline) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-09]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (True Key™ by McAfee) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gnnbmcifkkjgjdbkilfglpdpmidkgefn [2024-07-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (ScriptBlock) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hcdjknjpbnhdoabbngpmfekaecnpajba [2021-02-21]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (MyJDownloader Browser Erweiterung) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ieapabanbplofifeaapjocpaogdhncdd [2021-07-04]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Edge relevant text changes) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Microsoft Power Automate) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kagpabjoboikccfdghpdlaaopmgpgfdc [2025-03-22]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Tag Assistant) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2025-04-21]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Chrome-Erweiterung für Google Notizen) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2025-04-21]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Total Script Blocker) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oakdjiehbhihbklollmmmkhfilbklgkf [2023-01-15]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Smart Color Picker Eyedropper) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ochgakkmfibnneodjiehdpgdimcondao [2025-04-21]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (uBlock Origin) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2025-01-04]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (OneNote Web Clipper) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oogbnpmeihfgnccdnmmlgicknopghhma [2025-04-15]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Live color picker) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pkdpnbbbflbafkdifkgpifolofjhdeca [2024-03-28]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [kagpabjoboikccfdghpdlaaopmgpgfdc]
FireFox:
========
FF DefaultProfile: ks8urf0i.default
FF ProfilePath: C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\ks8urf0i.default [2024-07-09]
FF ProfilePath: C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\7lqen0pg.default-release [2024-10-31]
FF Extension: (True Key™ by McAfee) - C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\7lqen0pg.default-release\Extensions\@true-key.xpi [2023-01-21] [UpdateUrl:hxxps://downloads.truekey.com/firefox/update.json]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-12-23] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-04-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default [2025-04-19]
CHR Extension: (lock) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2025-04-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (ColorZilla) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2024-05-29]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (DuckDuckGo) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2025-04-11]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (uBlock Origin) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2025-03-22]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (change-language) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2025-04-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (True Key™ by McAfee) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpaibbcbodhimfnjnakiidgbpiehfgci [2024-08-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (MyJDownloader Browser Erweiterung) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-06-28]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2025-04-05]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs Offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (ScriptBlock) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcdjknjpbnhdoabbngpmfekaecnpajba [2021-02-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Audio Verbinden) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihiafjkopgiakbmihgoieodihjcblfbk [2021-02-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Tag Assistant) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2025-04-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Microsoft Power Automate) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljglajjnnkapghbckkcmodicjhacbfhk [2025-03-22]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Chrome-Erweiterung für Google Notizen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2025-04-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Ghostery Tracker- & Werbeblocker | Datenschutz AdBlocker) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2025-04-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Video Cutter) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nodkcjollmmjidmcnhloaoahmciabnai [2021-02-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Audio Cutter) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimnkafgoiilijmlbnfoafihjjijbfp [2021-02-20]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-03-26]
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-04-12]
CHR Extension: (lock) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2025-04-04]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs Offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-27]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Microsoft Power Automate) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ljglajjnnkapghbckkcmodicjhacbfhk [2025-03-27]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-12]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\System Profile [2025-04-19]
CHR HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljglajjnnkapghbckkcmodicjhacbfhk]
CHR HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S4 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3910472 2024-02-07] (AnyDesk Software GmbH -> AnyDesk Software GmbH)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [382112 2022-08-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.32\atkexComSvc.exe [907112 2023-12-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-02-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [181576 2022-08-18] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe [1722216 2023-12-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-02-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [838760 2025-04-09] (ASUSTeK Computer Inc. -> )
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13862104 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
S4 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [5751024 2022-03-30] (devolo AG -> devolo AG)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-06-03] (Bayerisches Landesamt fuer Steuern -> )
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncHelper.exe [3545416 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-09-08] (HP Inc. -> HP Inc.)
S4 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] (Shrew Soft Inc -> )
S4 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] (Shrew Soft Inc -> )
R2 Lexware API Service; C:\Program Files (x86)\Lexware\API Service\Lexware.Faktura.Api.HotChocolateHost.exe [172842656 2025-03-26] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
R2 Lexware internal API Service; C:\Program Files (x86)\Lexware\internal API Service\Lexware.Faktura.Api.InternalApi.exe [174960 2025-03-26] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
R2 Lexware WebApps Service; C:\Program Files (x86)\Lexware\WebApps Service\Lexware.Faktura.WebApps.WebAppsHost.exe [93088888 2025-03-26] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [85728 2024-10-07] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4799336 2023-09-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MailStoreServer; C:\Program Files (x86)\MailStore\MailStore Server\MailStoreServer_x64.exe [492032 2025-03-13] (Open Text Corporation -> MailStore Software GmbH)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [320088 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-12-21] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.056.0324.0003\OneDriveUpdaterService.exe [3892568 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [654040 2025-04-10] (Geek Software GmbH -> geek software GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [493544 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1665648 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559304 2025-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SonosLibraryService; C:\Program Files (x86)\SonosV2\SonosLibraryService.exe [27648 2023-09-12] () [Datei ist nicht signiert]
R2 SyncBackProSchedulesMonitor; C:\Program Files\2BrightSparks\SyncBackPro\SchedulesMonitor.exe [5567720 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd)
S4 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16463160 2022-11-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UIFlowAgentLauncherService; C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.LauncherService.exe [30240 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 UIFlowLogShipper; C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.LogShipper.exe [26656 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 UIFlowService; C:\Program Files (x86)\Power Automate Desktop\UIFlowService.exe [46624 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 UIFlowUpdateService; C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.UpdateService.exe [43040 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [42560 2024-12-21] (Microsoft Corporation -> Microsoft)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinFsp.Launcher; C:\Program Files (x86)\WinFsp\SxS\sxs.20240621T172454Z\bin\launcher-x64.exe [34592 2023-03-16] (NAVIMATICS LLC -> Navimatics LLC)
R2 WireGuardManager; C:\Program Files\WireGuard\wireguard.exe [8185648 2021-12-22] (WireGuard LLC -> WireGuard LLC)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43168 2022-08-18] (ASUSTeK Computer Inc. -> )
R1 avm_nwim; C:\Windows\system32\DRIVERS\avmnwim.sys [396088 2017-03-17] (WDKTestCert shuebner,130916460956458304 -> AVM)
S3 BrSerIb; C:\Windows\system32\DRIVERS\BrSerIb.sys [95344 2014-06-06] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\Windows\system32\DRIVERS\BrUsbSIb.sys [21872 2014-06-06] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 dokan1; C:\Windows\System32\DRIVERS\dokan1.sys [385528 2021-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Dokan Project)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [331168 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R2 NDivert; C:\Program Files\NordVPN\7.32.5.0\Drivers\NDivert.sys [131472 2024-10-31] (nordvpn s.a. -> Nordvpn S.A.)
R1 nordlwf; C:\Windows\system32\DRIVERS\nordlwf.sys [44928 2024-05-29] (nordvpn s.a. -> TEFINCOM S.A.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [36496 2022-03-30] (devolo AG -> Riverbed Technology, Inc.)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 ovpn-dco; C:\Windows\System32\drivers\ovpn-dco.sys [91584 2024-06-05] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 rtwlane_13; C:\Windows\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [41120 2024-08-29] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2021-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [817672 2025-03-02] (Microsoft Windows Hardware Compatibility Publisher -> IDRIX)
R1 vflt; C:\Windows\system32\DRIVERS\vfilter.sys [24064 2013-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
S3 vnet; C:\Windows\System32\drivers\virtualnet.sys [17408 2013-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20016 2025-04-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [605576 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 WinFsp+20240621T172454Z; C:\Program Files (x86)\WinFsp\SxS\sxs.20240621T172454Z\bin\winfsp-x64.sys [168512 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Navimatics LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2023-09-23] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-04-21 09:10 - 2025-04-21 09:11 - 000066414 _____ C:\Users\danie\Desktop\FRST.txt
2025-04-21 09:10 - 2025-04-21 09:11 - 000000000 ____D C:\FRST
2025-04-21 09:08 - 2025-04-21 09:09 - 002404864 _____ (Farbar) C:\Users\danie\Desktop\FRST64.exe
2025-04-15 21:31 - 2025-04-15 21:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-04-15 11:35 - 2025-04-15 11:35 - 000002221 _____ C:\Users\Public\Desktop\COM Vibilia beSt.lnk
2025-04-15 11:35 - 2025-04-15 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COM Vibilia beSt
2025-04-15 11:35 - 2025-04-15 11:35 - 000000000 ____D C:\Program Files\Governikus KG
2025-04-15 11:28 - 2025-04-15 11:28 - 000001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp.lnk
2025-04-15 11:28 - 2025-04-15 11:28 - 000001045 _____ C:\Users\Public\Desktop\AusweisApp.lnk
2025-04-12 18:10 - 2025-04-12 18:10 - 000001667 _____ C:\Users\Public\Desktop\PDF24 Toolbox.lnk
2025-04-12 18:10 - 2025-04-12 18:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2025-04-12 18:10 - 2025-04-12 18:10 - 000000000 ____D C:\Program Files\PDF24
2025-04-10 13:36 - 2025-04-10 13:36 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2025-04-10 13:36 - 2025-04-10 13:36 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2025-04-09 08:44 - 2025-04-09 08:44 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-04-09 08:38 - 2025-04-09 08:38 - 000000000 ____D C:\inetpub
2025-04-09 08:11 - 2025-04-09 08:11 - 000000000 ___HD C:\$WinREAgent
2025-04-08 16:34 - 2025-04-08 16:34 - 000000001 ____R C:\Users\danie\serverport
2025-04-08 16:34 - 2025-04-08 16:34 - 000000000 ____D C:\Users\danie\.jivex
2025-04-02 19:30 - 2025-04-02 19:30 - 000001384 _____ C:\Users\Public\Desktop\MailStore Client.lnk
2025-04-02 19:30 - 2025-04-02 19:30 - 000001343 _____ C:\Users\Public\Desktop\Konfiguration des MailStore Server-Dienstes.lnk
2025-04-02 19:30 - 2025-04-02 19:30 - 000001071 _____ C:\Users\Public\Desktop\MailStore Client auf weiteren Rechnern installieren.lnk
2025-04-02 19:30 - 2025-04-02 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MailStore Server
2025-03-30 16:56 - 2025-03-30 16:56 - 000002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung Steuerjahr 2024.lnk
2025-03-30 16:56 - 2025-03-30 16:56 - 000002211 _____ C:\Users\Public\Desktop\SteuerSparErklärung Steuerjahr 2024.lnk
2025-03-30 16:56 - 2025-03-30 16:56 - 000002183 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuerwissen 2024-2025.lnk
2025-03-30 16:56 - 2025-03-30 16:56 - 000002171 _____ C:\Users\Public\Desktop\Steuerwissen 2024-2025.lnk
2025-03-30 16:56 - 2025-03-30 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung Steuerjahr 2024
2025-03-30 16:55 - 2025-03-30 16:55 - 000000000 ____D C:\Program Files\Steuertipps
2025-03-26 22:07 - 2025-03-26 22:07 - 000339824 _____ C:\Windows\SysWOW64\LxDNT122.dll
2025-03-26 22:07 - 2025-03-26 22:07 - 000247656 _____ C:\Windows\SysWOW64\LXPrnUtil10.dll
2025-03-26 22:07 - 2025-03-26 22:07 - 000172392 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxReportManage.ocx
2025-03-26 22:07 - 2025-03-26 22:07 - 000148328 _____ C:\Windows\SysWOW64\LxDNTvmc122.dll
2025-03-26 22:07 - 2025-03-26 22:07 - 000082800 _____ C:\Windows\SysWOW64\LxDNTvm122.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 005001064 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxXtreme130.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 001259880 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxTool250.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 000218992 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxBasics250.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 000131952 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxMail200.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 000095592 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxPXTree250.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 000095080 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxCI20.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 000081768 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LXCurr210.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 000055656 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxTPSW210.dll
2025-03-26 18:34 - 2025-03-26 18:34 - 000121192 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxUISettingsN250.dll
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-04-21 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-21 08:59 - 2024-07-07 21:18 - 000000000 ____D C:\Users\danie\AppData\Roaming\Jabra Direct
2025-04-21 08:56 - 2021-02-20 08:13 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-04-21 08:44 - 2021-02-20 08:31 - 000000000 ___SD C:\Users\danie\AppData\Roaming\Microsoft\Credentials
2025-04-21 06:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2025-04-21 04:45 - 2021-12-15 02:27 - 000000000 ____D C:\Windows\SystemTemp
2025-04-21 00:00 - 2024-11-09 20:08 - 003763766 _____ C:\nlog-internal.txt
2025-04-20 22:15 - 2021-10-16 14:22 - 000000000 ____D C:\ProgramData\firebird
2025-04-20 20:19 - 2021-02-20 12:31 - 000000000 ____D C:\Users\danie\AppData\Roaming\Microsoft\Excel
2025-04-20 12:25 - 2021-02-20 08:13 - 000000000 ____D C:\ProgramData\NVIDIA
2025-04-20 12:06 - 2021-02-20 08:39 - 000000000 ____D C:\Program Files\ASUS
2025-04-20 08:59 - 2021-02-20 11:50 - 000000000 ____D C:\ProgramData\Lexware
2025-04-20 08:58 - 2023-06-06 22:13 - 000004090 _____ C:\Windows\system32\Tasks\LexwareAppSysOpt
2025-04-19 14:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-19 11:52 - 2025-02-06 03:29 - 000003552 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-2782327805-1913230689-3329431176-1001
2025-04-19 11:52 - 2021-12-11 19:00 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2782327805-1913230689-3329431176-1001
2025-04-19 11:52 - 2021-09-08 15:59 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-04-19 11:52 - 2021-06-20 11:00 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-04-19 11:52 - 2021-06-20 11:00 - 000002108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-19 09:23 - 2021-02-20 08:33 - 000000000 ____D C:\Users\danie\AppData\Local\Packages
2025-04-19 02:38 - 2021-02-20 08:14 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-18 18:28 - 2021-02-20 10:36 - 000015911 _____ C:\Windows\BRRBCOM.INI
2025-04-18 03:18 - 2021-02-20 09:13 - 000002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-16 03:17 - 2022-09-25 12:17 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2025-04-16 03:17 - 2021-04-06 19:36 - 000001025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-04-15 17:51 - 2021-02-20 13:24 - 000000000 ____D C:\Users\danie\AppData\Roaming\vlc
2025-04-15 16:19 - 2022-10-19 15:00 - 000000000 ____D C:\Users\danie\AppData\Local\JDownloader 2.0
2025-04-15 11:28 - 2023-07-03 17:43 - 000000000 ____D C:\Program Files\AusweisApp2
2025-04-15 09:26 - 2021-02-21 15:48 - 000000000 ____D C:\Users\danie\AppData\Local\CrashDumps
2025-04-14 17:15 - 2023-10-05 20:51 - 000000000 ____D C:\Users\danie\AppData\Roaming\1Password
2025-04-12 10:33 - 2019-12-07 16:52 - 000000000 ____D C:\Windows\system32\FxsTmp
2025-04-11 08:42 - 2021-02-27 21:21 - 000000000 ____D C:\Users\danie\AppData\Local\ElevatedDiagnostics
2025-04-10 13:36 - 2021-05-23 11:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2025-04-10 13:36 - 2021-02-20 12:02 - 000000000 ____D C:\Program Files\Microsoft Office
2025-04-10 06:23 - 2021-02-20 08:13 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-04-09 10:17 - 2021-04-06 19:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-04-09 08:49 - 2021-02-20 08:19 - 001717270 _____ C:\Windows\system32\PerfStringBackup.INI
2025-04-09 08:49 - 2019-12-07 16:51 - 000740668 _____ C:\Windows\system32\perfh007.dat
2025-04-09 08:49 - 2019-12-07 16:51 - 000149866 _____ C:\Windows\system32\perfc007.dat
2025-04-09 08:49 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2025-04-09 08:44 - 2024-01-03 10:10 - 000001356 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1Password.lnk
2025-04-09 08:44 - 2021-04-06 21:26 - 000000000 ____D C:\Users\danie\AppData\Local\1Password
2025-04-09 08:44 - 2021-02-20 08:31 - 000000000 ____D C:\Users\danie
2025-04-09 08:42 - 2021-02-20 08:13 - 000838760 _____ C:\Windows\system32\AsusUpdateCheck.exe
2025-04-09 08:42 - 2021-02-20 08:13 - 000568016 _____ C:\Windows\system32\FNTCACHE.DAT
2025-04-09 08:42 - 2021-02-20 08:13 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-04-09 08:41 - 2021-02-20 08:13 - 000877320 _____ C:\Windows\system32\wpbbin.exe
2025-04-09 08:39 - 2019-12-07 11:03 - 001835008 _____ C:\Windows\system32\config\BBI
2025-04-09 08:38 - 2024-06-26 22:53 - 000000000 ____D C:\Windows\system32\compatrel
2025-04-09 08:38 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-04-09 08:38 - 2019-12-07 16:52 - 000000000 ____D C:\Windows\system32\OpenSSH
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2025-04-09 08:24 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2025-04-09 08:17 - 2021-02-20 08:17 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-04-09 08:11 - 2021-02-20 08:37 - 000000000 ____D C:\ProgramData\Package Cache
2025-04-08 21:07 - 2024-12-12 14:36 - 000000000 ____D C:\Users\danie\AppData\Local\D3DSCache
2025-04-08 17:15 - 2021-02-20 12:30 - 000000000 ____D C:\Users\danie\AppData\Roaming\Microsoft\Word
2025-04-08 13:01 - 2021-02-20 10:59 - 000000000 ____D C:\Users\danie\AppData\Roaming\FileZilla
2025-04-07 16:55 - 2022-10-18 12:40 - 000000000 ____D C:\Users\danie\AppData\Roaming\Bitwarden
2025-04-07 16:02 - 2021-08-14 23:10 - 000000000 ____D C:\Program Files (x86)\Lexware
2025-04-07 15:59 - 2021-02-20 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2025-04-06 20:10 - 2023-07-03 21:23 - 000000000 ____D C:\Users\danie\AppData\Local\Haufe-Lexware_GmbH_&_Co._
2025-04-06 16:46 - 2023-10-01 10:58 - 000001128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SyncBackPro.lnk
2025-04-06 16:46 - 2023-10-01 10:58 - 000000906 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SyncBackPro (Not Elevated).lnk
2025-04-05 22:32 - 2021-02-20 08:14 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-05 22:32 - 2021-02-20 08:14 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-04-04 09:28 - 2021-02-28 18:40 - 000000128 _____ C:\Users\danie\AppData\Local\PUTTY.RND
2025-04-02 19:31 - 2021-02-20 12:41 - 000000000 ____D C:\Users\danie\AppData\Local\MailStore Client Launcher
2025-04-02 18:13 - 2022-09-23 13:13 - 000002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2025-04-02 18:13 - 2022-09-23 13:13 - 000002008 _____ C:\Users\danie\Desktop\Google Drive.lnk
2025-04-01 15:44 - 2021-02-20 12:17 - 000000000 ____D C:\Users\danie\AppData\Roaming\Microsoft\Outlook
2025-03-30 12:05 - 2021-02-20 12:07 - 000000000 ____D C:\Users\danie\AppData\Roaming\Microsoft\Office
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2023-09-21 11:19 - 2023-09-21 17:20 - 000000099 _____ () C:\ProgramData\101280_mgr.dat
2022-10-05 09:50 - 2023-11-14 20:30 - 000000128 _____ () C:\Users\danie\AppData\Roaming\PUTTY.RND
2021-02-28 18:40 - 2025-04-04 09:28 - 000000128 _____ () C:\Users\danie\AppData\Local\PUTTY.RND
2022-01-31 12:33 - 2022-01-31 12:33 - 000001662 _____ () C:\Users\danie\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
Gestern, 15:56
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows 10: Umleitung bei Suche im Edge Beitrag gelesen. Poste die Addition.txt in CODE-Tags.
__________________
__________________ |
|
Gestern, 15:59
| #3 |
| | Windows 10: Umleitung bei Suche im Edge Hallo cosinus,
__________________danke für die schnelle Rückmeldung. Hier die Addition.txt: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-04-2025
durchgeführt von danie (21-04-2025 09:12:47)
Gestartet von C:\Users\danie\Desktop
Microsoft Windows 10 Pro for Workstations Version 22H2 19045.5737 (X64) (2021-02-20 06:15:52)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-2782327805-1913230689-3329431176-500 - Administrator - Disabled)
danie (S-1-5-21-2782327805-1913230689-3329431176-1001 - Administrator - Enabled) => C:\Users\danie
DefaultAccount (S-1-5-21-2782327805-1913230689-3329431176-503 - Limited - Disabled)
Gast (S-1-5-21-2782327805-1913230689-3329431176-501 - Limited - Disabled)
olgas (S-1-5-21-2782327805-1913230689-3329431176-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2782327805-1913230689-3329431176-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1Password (HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\1Password) (Version: 8.10.70 - AgileBits, Inc.)
7-Zip 21.00 alpha (x64) (HKLM\...\7-Zip) (Version: 21.00 alpha - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 22.003.20310 - Adobe)
Adobe PDF iFilter 11 for 64-bit platforms (HKLM\...\{BA5C0CC3-421B-4AE5-9370-1650D1941F30}) (Version: 11.0.00 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.0.15 - philandro Software GmbH)
API Service 2025 (HKLM-x32\...\{1C2C8D62-DE3C-4B37-B284-6A623A1C1E0B}) (Version: 3.3.0.234 - Haufe-Lexware GmbH & Co.KG) Hidden
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.2.10 - ASUS)
Ashampoo Slideshow Studio HD 4 (HKLM-x32\...\{91B33C97-69A7-95EF-82EA-AAEAA76D338D}_is1) (Version: 4.0.9 - Ashampoo GmbH & Co. KG)
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.24 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{a75323e1-f1a4-4aff-a7ce-3858cbc1c0d2}) (Version: 1.0.24 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.39 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.3.1 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{2357cd84-6c2b-4174-87c7-4f9f9db8746b}) (Version: 0.0.3.1 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{659ff51d-6e35-42de-83ec-aa394eabe9eb}) (Version: 2.0.2.2 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.0.2.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.129 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{9AFE5429-866B-457D-A864-80BCF7672EE8}) (Version: 1.1.06 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{684f7887-cc5b-469a-81e9-36d38142cc46}) (Version: 1.1.06 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.15 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.15 - ASUS)
AURA Service (HKLM-x32\...\{0fcadbd2-1a6a-4a4a-a56d-fc7163d9b3fa}) (Version: 3.07.25 - ASUSTeK Computer Inc.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.25 - ASUSTeK Computer Inc.) Hidden
AusweisApp (HKLM\...\{76BCD646-0551-41D7-B2B2-F379C874CB98}) (Version: 2.3.1 - Governikus GmbH & Co. KG)
Bitwarden (HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\173a9bac-6f0d-50c4-8202-4744c69d091a) (Version: 2025.2.1 - Bitwarden Inc.)
Brother MFL-Pro Suite MFC-J470DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
Canva (HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\3d0ba22d-e02b-5c6d-93a1-4e2a9af9c1f2) (Version: 1.98.0-beta - Canva Pty Ltd)
CCS64 V3.7 (HKLM-x32\...\{B7B5A370-3DFF-4F0E-AE11-FD267C4938AA}) (Version: 1.0.0 - Computerbrains C.C.S.)
CompuDMS (HKLM\...\{0F7318CE-CCA0-43F6-9E4D-07EE1FFCAF68}) (Version: 10.1.5.8 - CompuKöln Dokument Management GmbH) Hidden
CompuDMS (HKLM-x32\...\{2d01cb86-58a2-4e48-8a94-127c3489d863}) (Version: 10.1.5.8 - CompuKöln Dokument Management GmbH)
CompuDMS Office AddIn (HKLM-x32\...\{4BB4393C-5B5D-488C-A678-50D9E9F6F7AF}) (Version: 10.1.5.8 - CompuKöln Dokument Management GmbH) Hidden
CompuDMS Office AddIn 64-bit (HKLM\...\{046BE177-F243-40BD-9936-16E0491729F3}) (Version: 10.1.5.8 - CompuKöln Dokument Management GmbH) Hidden
Cryptomator (HKLM\...\{76D8AED6-A0DB-3DB0-AB12-C263B35F0220}) (Version: 1.12.4.5223 - Skymatic GmbH) Hidden
Cryptomator (HKLM-x32\...\{e6f3ecac-d254-47b7-b40a-c0dc9f70a960}) (Version: 1.12.4.5223 - Skymatic GmbH)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 5.2.0.185 - devolo AG)
DFUDriverSetupX64Setup (HKLM-x32\...\{D662C345-04FD-4F6C-AB68-B9BC6D6A5D2F}) (Version: 7.0.32822.0 - GN Netcom A/S) Hidden
Dokan Library 1.5.0.3000 (x64) (HKLM\...\{65A3A964-3DC3-0105-0000-210531145800}) (Version: 1.5.0.3000 - Dokany Project)
ElsterFormular (HKLM-x32\...\{8A261933-AEA6-4C5E-B6D0-B88A478BF56C}) (Version: 21.3.0 - Thüringer Landesamt für Finanzen)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.28.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{d22b5310-9f1e-43a8-8547-58fa44742994}) (Version: 1.1.28.0 - Ene Tech.) Hidden
FileZilla 3.68.1 (HKLM-x32\...\FileZilla Client) (Version: 3.68.1 - Tim Kosse)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 2024.4.0.27683 - Foxit Software Inc.)
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.4.1 - AVM Berlin)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.96 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 106.0.4.0 - Google LLC)
Governikus COM Vibilia beSt (HKLM\...\{2237BB58-DFFF-4E14-84E5-BA1FB047D6AE}) (Version: 3.2.3 - Governikus KG)
HP Unified IO (HKLM\...\{5C76ED0D-0F6F-4985-8B34-F9AE7834848F}) (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (HKLM-x32\...\{F1390872-2500-4408-A46C-CD16C960C661}) (Version: 2.0.0.434 - HP) Hidden
IIS 10.0 Express (HKLM\...\{A43F6F96-4CED-4152-8086-AF954755E324}) (Version: 10.0.08608 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
ImageScan_V1.06.143d8 (HKLM-x32\...\ImageScan) (Version: - )
Intel(R) Visual Fortran Redistributables on Intel(R) 64 (HKLM-x32\...\{C05BE0CE-DF74-472D-8E8F-4C663B8B47E3}) (Version: 19.0.203 - Intel Corporation)
IrfanView 4.67 (64-bit) (HKLM\...\IrfanView64) (Version: 4.67 - Irfan Skiljan)
Jabra Direct (HKLM-x32\...\{16493369-2579-408f-ba67-84f2fe747ecb}) (Version: 6.21.1701 - GN Audio A/S)
Jabra Direct (HKLM-x32\...\{E9C670C0-B36E-428E-958C-48BFB50CAD46}) (Version: 6.21.01701 - GN Audio A/S) Hidden
Jabra Direct (HKLM-x32\...\{ED7AD906-E2AF-4100-97B2-14B41A4B4C8A}) (Version: 6.21.01701 - GN Audio A/S) Hidden
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.28 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{511a62a9-1ff0-4cc5-adfe-4a5bd044a3c0}) (Version: 1.0.28 - KINGSTON COMPONENTS INC.) Hidden
Kodi (HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Kodi) (Version: 21.0.0.0 - XBMC Foundation)
Lexware API Service 2024 (HKLM-x32\...\{f7bd207b-3cdb-4ac2-bf43-4c15d1e8028f}) (Version: 2.4.0.185 - Haufe-Lexware GmbH & Co. KG)
Lexware EasyArchive 2025 (HKLM-x32\...\{8FE1DEF0-855F-48F8-AD21-6B17D749B761}) (Version: 10.0.0.144 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Elster 2025 (HKLM-x32\...\{7f2804ef-ad2e-4cca-a237-86de26235549}) (Version: 25.4.0.128 - Haufe-Lexware GmbH & Co. KG)
Lexware Elster 2025 (HKLM-x32\...\{9DB87ECA-3C52-4BB5-900B-83363D0F02C0}) (Version: 25.4.0.228 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware financial office pro 2025 (HKLM-x32\...\{8CAC7731-EA6D-4DB6-8CFF-877FEC47BB3F}) (Version: 25.6.0.263 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware financial office pro 2025 (HKLM-x32\...\{dd50abc9-b8a0-491e-bb88-cdb09b4eb72f}) (Version: 25.6.0.154 - Haufe-Lexware GmbH & Co. KG)
Lexware Info Service 2025 (HKLM-x32\...\{0FD514BB-02C4-46E8-B241-9D8D871959CB}) (Version: 25.0.0.147 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst 2025 (HKLM-x32\...\{9A4A8AA3-104B-4B2B-846A-0E644EA8B011}) (Version: 14.0.0.148 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware lohn+gehalt Diagnose 2025 (HKLM-x32\...\{7C9F027F-0821-427A-A95C-C3071DC9B920}) (Version: 12.0.0.148 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking 2025 (HKLM-x32\...\{88265FEC-F1D2-4F02-853F-29C8C6C64842}) (Version: 32.1.0.149 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware pro DesktopIcon 2025 (HKLM-x32\...\{9FB3A2B8-F9AD-4231-8280-FDBFEABCD0F5}) (Version: 25.0.0.144 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Remoteunterstützung (HKLM-x32\...\{A02C99D1-2883-C367-9BC3-E98742A74B2F}) (Version: 7.11.760 - LogMeIn, Inc.)
Logitech Options (HKLM\...\LogiOptions) (Version: 10.22.14 - Logitech)
MailStore Client 12.1.2.14774 (HKLM-x32\...\{BA1438E0-3F98-47B2-BA4E-17A377DCFF4E}) (Version: 12.100.14774 - MailStore Software GmbH)
MailStore Outlook Add-in 22.3.0.21002 (HKLM-x32\...\{5AC8BE2A-7B8C-4C23-B511-1E5184227E3C}) (Version: 22.100.21002 - MailStore Software GmbH)
MailStore Server 25.2 (HKLM-x32\...\MailStore Server_is1) (Version: 25.2.0.22812 - MailStore Software GmbH)
MergeModule_x64 (HKLM\...\{8B591A6B-253E-4E62-B2A8-3668CDA0A907}) (Version: 11.0.00 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{51B45206-47B1-4B51-B46A-330B9156D6C1}) (Version: 11.0.00 - Sony Corporation) Hidden
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.15 (x64) (HKLM\...\{4C903F19-B4C3-4D0C-8CC9-D444C511AF1C}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.15 (x64) (HKLM\...\{11CCC9F6-77AA-4421-9EAC-BAEC36D96817}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM-x32\...\{9d3fc73f-1cf4-412c-a1c9-d2ad28ccbd62}) (Version: 6.0.36.34214 - Microsoft Corporation)
Microsoft .NET Runtime - 8.0.15 (x64) (HKLM\...\{8731E6E3-AF96-4515-ACEC-DBFB3DF55292}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft 365 Apps for Business - de-de (HKLM\...\O365BusinessRetail - de-de) (Version: 16.0.18623.20178 - Microsoft Corporation)
Microsoft 365 Apps for business - en-gb (HKLM\...\O365BusinessRetail - en-gb) (Version: 16.0.18623.20178 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.36 - Shared Framework (x64) (HKLM-x32\...\{4b7c3d4f-051a-464c-aaa0-e7de6bc793de}) (Version: 6.0.36.24516 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.36 Shared Framework (x64) (HKLM\...\{215198BD-8EE1-385D-8194-0D3FF304296D}) (Version: 6.0.36.24516 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.85 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.85 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.056.0324.0003 - Microsoft Corporation)
Microsoft SQL Server 2019 LocalDB (HKLM\...\{E5B3A478-C4C3-49E3-8384-A12D4B2008D4}) (Version: 15.0.4382.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Teams) (Version: 1.6.00.26474 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.06502 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33816 (HKLM-x32\...\{77169412-f642-45e7-b533-0c6f48de12f9}) (Version: 14.40.33816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33816 (HKLM-x32\...\{4373d0b5-4457-4a80-bad9-029de8df097b}) (Version: 14.40.33816.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33816 (HKLM\...\{5904914B-9FC8-44C2-AE48-5C7F30A603EC}) (Version: 14.40.33816 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33816 (HKLM\...\{560D2DA4-096E-4868-B22A-DA6418FDE6FB}) (Version: 14.40.33816 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33816 (HKLM-x32\...\{0DF1D9F9-6038-4641-AB6D-13DD654758A7}) (Version: 14.40.33816 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33816 (HKLM-x32\...\{D7A66DA5-B103-45C1-A0A7-736C08E2F464}) (Version: 14.40.33816 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{C931A1C6-A7BF-3737-874A-818881A37E1B}) (Version: 10.0.60915 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60910 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.60910 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.12.2149.20818 - Microsoft Corporation)
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{E281F6E2-136B-4AF0-895B-253279711697}) (Version: 3.7.2182.35401 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{82FD8C73-C24D-433C-85A9-48AE93570410}) (Version: 10.0.8305 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.15 (x64) (HKLM\...\{0E4A7820-FDA4-4250-B7AC-E7A2F7B43B64}) (Version: 64.60.31203 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.15 (x64) (HKLM-x32\...\{5625bb48-295c-4113-bc92-d6a69b19b04c}) (Version: 8.0.15.34718 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 14.41.137.0 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 137.0.2 (x64 de)) (Version: 137.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 87.0 - Mozilla)
Mp3tag v3.18 (HKLM\...\Mp3tag) (Version: 3.18 - Florian Heidenreich)
MySQL Connector Net 8.0.23 (HKLM-x32\...\{75436886-702E-472E-A7CC-1BB52B3027D8}) (Version: 8.0.23 - Oracle)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.4.6.950 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.32.5.0 - Nord Security)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.6 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA Grafiktreiber 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
On-premises data gateway (personal mode) (HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\{22c64d6b-52d3-462a-93f3-2617b5eaf856}) (Version: 3000.202.16 - Microsoft Corporation)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.1 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{e38442c0-a433-48c2-84e2-51ac0b30c3ab}) (Version: 1.0.9.1 - Patriot Memory)
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.3 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{8839fbd5-69f9-41c5-a1cf-cdfbec966d66}) (Version: 1.0.6.3 - Patriot Memory)
PDF24 Creator 11.25.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.25.0 - geek software GmbH)
PersonalGatewayComponents (HKLM\...\{B96BE8F1-D620-45B9-8735-5D79F17BBEEA}) (Version: 15.202.16 - Microsoft Corporation) Hidden
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.6.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{c8f7044c-7f48-404a-9a5d-9f038f28a789}) (Version: 1.0.6.0 - PHISON Electronics Corp.) Hidden
PlayChess (HKLM\...\PlayChess) (Version: - ChessBase GmbH)
PlayMemories Home (HKLM-x32\...\{AEB04E0E-0A28-4014-A96A-282E43B7227B}) (Version: 6.0.00.12211 - Sony Corporation)
PMB_ModeEditor (HKLM-x32\...\{F8063714-BD75-42DC-8FAA-D0E1EED92519}) (Version: 11.0.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{CF081855-ED80-445A-BF63-025584939230}) (Version: 11.0.00 - Sony Corporation) Hidden
Power Automate for desktop (HKLM-x32\...\{28efe34e-5608-4450-b147-7c10950c32f6}) (Version: 2.40.151.24012 - Microsoft Corporation)
Power Automate for desktop (HKLM-x32\...\{7B9B4344-56DA-4D78-AB1E-B1384B86BF95}) (Version: 2.40.00151.24012 - Microsoft Corporation) Hidden
PowerShell 7.2.24.0-x64 (HKLM-x32\...\{897f89fd-0eb2-4bd6-871e-03a7807a35fe}) (Version: 7.2.24.0 - Microsoft Corporation)
PowerShell 7.6.3.0-x64 (HKLM-x32\...\{10a87cc8-198c-49d9-a419-cd0f6ed55300}) (Version: 7.6.3.0 - Microsoft Corporation)
PowerShell 7-preview-x64 (HKLM\...\{BD83E859-420D-425A-8AC6-AAC4737E58A9}) (Version: 7.6.0.3 - Microsoft Corporation) Hidden
PowerShell 7-x64 (HKLM\...\{0C01156B-C07E-49D3-AF0E-86CCD58212D5}) (Version: 7.2.24.0 - Microsoft Corporation) Hidden
PuTTY release 0.77 (64-bit) (HKLM\...\{E078C644-A120-4668-AD62-02E9FD530190}) (Version: 0.77.0.0 - Simon Tatham)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.1.5.0 - ASUSTek COMPUTER INC.)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - )
Screenpresso (HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Screenpresso) (Version: 2.1.36.0 - Learnpulse)
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
Sonos (HKLM-x32\...\{6FB7DAEC-5DAD-491E-9951-4684423F291C}) (Version: 75.1.45120 - Sonos, Inc.)
Steuer-Ratgeber 2018-2019 (HKLM-x32\...\{E5169222-3911-4786-AF99-42E6ABEDF2F7}) (Version: 19.09.1 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerRatgeber 2019-2020 (HKLM-x32\...\{7467B029-83DF-47FA-B4CF-1411AA8D8D12}) (Version: 20.09.12 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerRatgeber 2020-2021 (HKLM-x32\...\{2E5063A0-872A-4B65-8163-168B25E6D50A}) (Version: 21.01.1 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerRatgeber 2021-2022 (HKLM-x32\...\{03F5B20E-69BB-426F-B873-6549E6F80C60}) (Version: 27.22.03.4 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerRatgeber 2022-2023 (HKLM-x32\...\{9886EDBE-795A-447E-AD30-99DCC50F69A1}) (Version: 28.22.10.21 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2019 (HKLM-x32\...\{C1274A30-7822-4CAE-A4C8-395E9E687107}) (Version: 24.40.146 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2020 (HKLM-x32\...\{E7E3F711-933D-4D9A-BA51-01F47179F23C}) (Version: 25.44.100 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2021 (HKLM-x32\...\{8C111EC2-454D-4C0B-B0D7-E845F1B3AAAD}) (Version: 26.47.130 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2022 (HKLM-x32\...\{7FED71CC-993E-42A4-A2C7-798D4416A192}) (Version: 27.34.87 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2023 (HKLM-x32\...\{3DC8F379-3D6D-4424-8AC9-9D5477CBC41F}) (Version: 28.34.73 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2024 (HKLM-x32\...\{9882BD33-6F36-4582-9743-CFEAED5C2BC9}) (Version: 29.34.59 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung Steuerjahr 2024 (HKLM\...\{A38EEBAA-9276-44FC-A311-4E4D15FFA719}) (Version: 30.34.44 - Wolters Kluwer Steuertipps GmbH)
Sweet Home 3D version 7.1 (HKLM\...\Sweet Home 3D_is1) (Version: 7.1 - eTeks)
SyncBackPro x64 (HKLM-x32\...\SyncBackPro64_is1_is1) (Version: 11.3.87.0 - 2BrightSparks)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.36.8 - TeamViewer)
TreeSize Free V4.7 (64 bit) (HKLM\...\TreeSize Free_is1) (Version: 4.7 - JAM Software)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.1 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{68fb2ff9-0618-4948-b68f-9f95e5687067}) (Version: 1.0.0.1 - PD)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.25.9 - IDRIX)
VirtualDJ 2021 (HKLM\...\{31F98891-DBC9-4557-AF67-B75DD0DD913B}) (Version: 8.5.6503.0 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
vs_CoreEditorFonts (HKLM-x32\...\{1851460E-0E63-4117-B5BA-25A2F045801B}) (Version: 17.7.40001 - Microsoft Corporation)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
Windows-PC-Integritätsprüfung (HKLM\...\{AD47C6B2-6C72-4F0E-B66F-7685C28ACDFD}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Windows-Treiberpaket - Realtek Semiconductor Corp. (RtkBtFilter) Bluetooth (12/12/2019 1.6.1015.3010) (HKLM\...\A251C507301C79B85C3E1CEEAA1B04A16B62832B) (Version: 12/12/2019 1.6.1015.3010 - Realtek Semiconductor Corp.)
WinFsp 2023 (HKLM-x32\...\{E4C768C9-0ED1-4E8D-9B05-CC533F7D1B1A}) (Version: 2.0.23075 - Navimatics LLC)
WireGuard (HKLM\...\{2FDB79CE-5193-4A39-82BB-E00158CC1533}) (Version: 0.5.3 - WireGuard LLC)
Workflow Manager Client 1.0 (HKLM\...\{69CD1F2D-DF68-4E23-9108-1B70783F2855}) (Version: 2.1.10525.2 - Microsoft Corporation) Hidden
XAMPP (HKLM\...\xampp) (Version: 8.2.12-0 - Apache Friends)
Zoom Workplace (HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\ZoomUMX) (Version: 6.3.11 (60501) - Zoom Communications, Inc.)
Packages:
=========
Affinity Designer 2 -> C:\Program Files\WindowsApps\SerifEuropeLtd.AffinityDesigner2_2.6.0.3134_x64__3cqzy0nppv2rt [2025-02-19] (Serif Europe Ltd)
Affinity Photo 2 -> C:\Program Files\WindowsApps\SerifEuropeLtd.AffinityPhoto2_2.6.0.3134_x64__3cqzy0nppv2rt [2025-02-19] (Serif Europe Ltd)
Affinity Publisher 2 -> C:\Program Files\WindowsApps\SerifEuropeLtd.AffinityPublisher2_2.6.2.3228_x64__3cqzy0nppv2rt [2025-04-06] (Serif Europe Ltd)
allango -> C:\Program Files\WindowsApps\www.allango.net-7EB84AC_1.0.0.2_neutral__z8g699nkgs3t6 [2025-04-09] (www.allango.net)
Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_9.5.2.0_x86__kc6t79cpj4tp0 [2023-10-03] (AMZN Mobile LLC)
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.9.14.0_x64__qmba6cd70vzyy [2025-02-21] (ASUSTeK COMPUTER INC.)
Audible - Hörbuch und Hörspiel App -> C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.67.0_x64__xns73kv1ymhp2 [2024-05-14] (Audible Inc)
Bestellungen -> C:\Program Files\WindowsApps\xxx.sharepoint.com-D7CF8827_1.0.0.0_neutral__f74kv08qkv3jy [2023-07-07] (xxx.sharepoint.com)
Bestellungen -> C:\Program Files\WindowsApps\xxx.sharepoint.com-F5A8FCA5_1.0.0.2_neutral__f74kv08qkv3jy [2025-04-09] (xxx.sharepoint.com)
ChatGPT -> C:\Program Files\WindowsApps\chatgpt.com-DFCB3CE4_1.0.0.1_neutral__ch69rtgtz055j [2025-04-09] (chatgpt.com)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-10-15] (Microsoft Corporation)
Gemini -> C:\Program Files\WindowsApps\gemini.google.com-3A05D80_1.0.0.1_neutral__vn3jms8s81tkg [2025-04-09] (gemini.google.com)
Google Keep -> C:\Program Files\WindowsApps\keep.google.com-28152D5D_1.0.0.2_neutral__x6wzt11gmmj3r [2025-04-09] (keep.google.com)
Google Keep -> C:\Program Files\WindowsApps\keep.google.com-E3AC328F_1.0.0.0_neutral__x6wzt11gmmj3r [2022-09-06] (keep.google.com)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa [2025-04-02] (Apple Inc.) [Startup Task]
Kundenbestellungen Sharepoint – Power BI -> C:\Program Files\WindowsApps\app.powerbi.com-39B6CB7_1.0.0.1_neutral__8swjxnzqk9kdy [2025-04-09] (app.powerbi.com)
Löhne - Steuerberater -> C:\Program Files\WindowsApps\xxx.sharepoint.com-61D10D20_1.0.0.0_neutral__p3eep5faafw58 [2025-04-19] (xxx.sharepoint.com)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-03] (Microsoft Corporation)
Microsoft Lists -> C:\Program Files\WindowsApps\xxx-my.sharepoint.com-4880851_1.0.0.1_neutral__300b2jqjs1wa6 [2025-04-09] (xxx-my.sharepoint.com)
Microsoft Lists -> C:\Program Files\WindowsApps\xxx-my.sharepoint.com-6366F836_1.0.0.0_neutral__300b2jqjs1wa6 [2022-10-21] (xxx-my.sharepoint.com)
Microsoft Planner -> C:\Program Files\WindowsApps\tasks.office.com-9969EB3F_1.0.0.0_neutral__m2jx2wswj0msy [2023-07-05] (tasks.office.com)
Microsoft Planner -> C:\Program Files\WindowsApps\tasks.office.com-B2BF0720_1.0.0.2_neutral__m2jx2wswj0msy [2025-04-09] (tasks.office.com)
Microsoft-Remotedesktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.4008.0_x64__8wekyb3d8bbwe [2025-02-26] (Microsoft Corporation)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-08-30] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-26] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16 [2025-04-10] ()
Perplexity -> C:\Program Files\WindowsApps\www.perplexity.ai-6A6DD7F0_1.0.0.1_neutral__sfyg0xmy1x778 [2025-04-09] (www.perplexity.ai)
Power Apps -> C:\Program Files\WindowsApps\MicrosoftCorporationII.PowerAppsforWindows10_3.25041.4.0_x64__8wekyb3d8bbwe [2025-04-17] (Microsoft Corp.)
Power BI Desktop -> C:\Program Files\WindowsApps\Microsoft.MicrosoftPowerBIDesktop_2.141.1754.0_x64__8wekyb3d8bbwe [2025-04-19] (Microsoft Corporation)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.173.0_x64__pwbj9vvecjh7j [2025-03-27] (Amazon Development Centre (London) Ltd)
Spotify – Musik und Podcasts -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0 [2025-04-15] (Spotify AB) [Startup Task]
True Key -> C:\Program Files\WindowsApps\5A894077.TrueKey_4.0.9245.0_neutral__wafk5atnkzcwy [2021-04-17] (McAfee Inc.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2514.4.0_x64__cv1g1gvanyjgm [2025-04-15] (WhatsApp Inc.) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\web.whatsapp.com-6EC4871F_1.0.0.1_neutral__910631y4v73xw [2022-09-04] (web.whatsapp.com)
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2024-05-14] (New Work SE)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2782327805-1913230689-3329431176-1001_Classes\CLSID\{04271989-C4D2-1FEB-C560-C3B465F83CF1} -> [OneDrive - XXX] => D:\Daniel G\OneDrive - XXX [2022-09-27 12:11]
CustomCLSID: HKU\S-1-5-21-2782327805-1913230689-3329431176-1001_Classes\CLSID\{23B3E3D8-C162-4A8B-AB0C-0905DCB1DF19}\InprocServer32 -> C:\Program Files (x86)\Power Automate Desktop\RDP\DVCPlugin\x64\Microsoft.Flow.RPA.Desktop.UIAutomation.RDP.DVC.Plugin.dll (Microsoft Corporation -> )
CustomCLSID: HKU\S-1-5-21-2782327805-1913230689-3329431176-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> C:\Program Files\NordVPN\NordVPN.exe (nordvpn s.a. -> nordvpn S.A.)
CustomCLSID: HKU\S-1-5-21-2782327805-1913230689-3329431176-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\danie\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-04-02] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-04-02] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-04-02] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-04-02] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-04-02] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-04-02] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-04-02] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-04-02] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-01-19] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-02-14] (Notepad++ -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-04-02] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-01-19] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-04-02] (Google LLC -> Google LLC.)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-04-02] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\nvshext.dll [2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-01-19] (Igor Pavlov) [Datei ist nicht signiert]
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Drivers32: [vidc.spv1] => C:\Users\danie\AppData\Local\Learnpulse\Screenpresso\ScreenpressoCodec.dll [167656 2025-03-23] (Learnpulse -> LearnPulse)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\danie\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\134.0.3124.93\Default\Web Applications\_crx__jgoomiglbcliighmnknenfipggebiili\Microsoft Planner.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=jgoomiglbcliighmnknenfipggebiili --app-url=hxxps://tasks.office.com/xxx.de/de-DE/Home/Planner/#/plantaskboard?groupId=15e4b2a6-7655-4aed-9a29-243dd9d1d069&planId=IqfTtLSD50SLo8SMh6RVbJgAFTQY --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\134.0.3124.93\Default\Web Applications\_crx__hnpfjngllnobngcgfapefoaidbinmjnm\WhatsApp.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hnpfjngllnobngcgfapefoaidbinmjnm --app-url=hxxps://web.whatsapp.com/ --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\134.0.3124.93\Default\Web Applications\_crx__fpjoaiceicpnfiddgfkjpieodmhjjfib\Bestellungen.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=fpjoaiceicpnfiddgfkjpieodmhjjfib --app-url=hxxps://xxx.sharepoint.com/sites/Bestellungen/Lists/Bestelldaten%20aus%20Forms/AllItems.aspx --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\134.0.3124.93\Default\Web Applications\_crx__epkicjbmamoadhhjkgdldilfmhdlfiog\Microsoft Planner.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=epkicjbmamoadhhjkgdldilfmhdlfiog --app-url=hxxps://tasks.office.com/xxx.de/de-DE/Home/Planner/#/plantaskboard?groupId=15e4b2a6-7655-4aed-9a29-243dd9d1d069&planId=IqfTtLSD50SLo8SMh6RVbJgAFTQY --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\134.0.3124.93\Default\Web Applications\_crx__eilembjdkfgodjkcjnpgpaenohkicgjd\Google Keep.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd --app-url=hxxps://keep.google.com/?usp=installed_webapp --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\134.0.3124.93\Default\Web Applications\_crx__dkkcmgmapfpcffhappfkncdglmfddafe\Kundenbestellungen Sharepoint – Power BI.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=dkkcmgmapfpcffhappfkncdglmfddafe --app-url=hxxps://app.powerbi.com/groups/me/reports/47edc608-3497-449e-9bc2-4e8aa4492aa8/ReportSection?experience=power-bi --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\134.0.3124.93\Default\Web Applications\_crx__dimbdkclfnjpjdpbffpfhgajocegfmng\allango.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=dimbdkclfnjpjdpbffpfhgajocegfmng --app-url=hxxps://www.allango.net/ --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\133.0.3065.92\Default\Web Applications\_crx__jgoomiglbcliighmnknenfipggebiili\Microsoft Planner.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=jgoomiglbcliighmnknenfipggebiili --app-url=hxxps://tasks.office.com/xxx.de/de-DE/Home/Planner/#/plantaskboard?groupId=15e4b2a6-7655-4aed-9a29-243dd9d1d069&planId=IqfTtLSD50SLo8SMh6RVbJgAFTQY --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\133.0.3065.92\Default\Web Applications\_crx__hnpfjngllnobngcgfapefoaidbinmjnm\WhatsApp.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hnpfjngllnobngcgfapefoaidbinmjnm --app-url=hxxps://web.whatsapp.com/ --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\133.0.3065.92\Default\Web Applications\_crx__fpjoaiceicpnfiddgfkjpieodmhjjfib\Bestellungen.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=fpjoaiceicpnfiddgfkjpieodmhjjfib --app-url=hxxps://xxx.sharepoint.com/sites/Bestellungen/Lists/Bestelldaten%20aus%20Forms/AllItems.aspx --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\133.0.3065.92\Default\Web Applications\_crx__epkicjbmamoadhhjkgdldilfmhdlfiog\Microsoft Planner.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=epkicjbmamoadhhjkgdldilfmhdlfiog --app-url=hxxps://tasks.office.com/xxx.de/de-DE/Home/Planner/#/plantaskboard?groupId=15e4b2a6-7655-4aed-9a29-243dd9d1d069&planId=IqfTtLSD50SLo8SMh6RVbJgAFTQY --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\133.0.3065.92\Default\Web Applications\_crx__eilembjdkfgodjkcjnpgpaenohkicgjd\Google Keep.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd --app-url=hxxps://keep.google.com/?usp=installed_webapp --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\133.0.3065.92\Default\Web Applications\_crx__dkkcmgmapfpcffhappfkncdglmfddafe\Kundenbestellungen Sharepoint – Power BI.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=dkkcmgmapfpcffhappfkncdglmfddafe --app-url=hxxps://app.powerbi.com/groups/me/reports/47edc608-3497-449e-9bc2-4e8aa4492aa8/ReportSection?experience=power-bi --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\133.0.3065.92\Default\Web Applications\_crx__dimbdkclfnjpjdpbffpfhgajocegfmng\allango.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=dimbdkclfnjpjdpbffpfhgajocegfmng --app-url=hxxps://www.allango.net/ --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\132.0.2957.140\Default\Web Applications\_crx__jgoomiglbcliighmnknenfipggebiili\Microsoft Planner.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=jgoomiglbcliighmnknenfipggebiili --app-url=hxxps://tasks.office.com/xxx/de-DE/Home/Planner/#/plantaskboard?groupId=15e4b2a6-7655-4aed-9a29-243dd9d1d069&planId=IqfTtLSD50SLo8SMh6RVbJgAFTQY --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\132.0.2957.140\Default\Web Applications\_crx__hnpfjngllnobngcgfapefoaidbinmjnm\WhatsApp.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hnpfjngllnobngcgfapefoaidbinmjnm --app-url=hxxps://web.whatsapp.com/ --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\132.0.2957.140\Default\Web Applications\_crx__fpjoaiceicpnfiddgfkjpieodmhjjfib\Bestellungen.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=fpjoaiceicpnfiddgfkjpieodmhjjfib --app-url=hxxps://xxx.sharepoint.com/sites/Bestellungen/Lists/Bestelldaten%20aus%20Forms/AllItems.aspx --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\132.0.2957.140\Default\Web Applications\_crx__epkicjbmamoadhhjkgdldilfmhdlfiog\Microsoft Planner.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=epkicjbmamoadhhjkgdldilfmhdlfiog --app-url=hxxps://tasks.office.com/xxx.de/de-DE/Home/Planner/#/plantaskboard?groupId=15e4b2a6-7655-4aed-9a29-243dd9d1d069&planId=IqfTtLSD50SLo8SMh6RVbJgAFTQY --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\132.0.2957.140\Default\Web Applications\_crx__eilembjdkfgodjkcjnpgpaenohkicgjd\Google Keep.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd --app-url=hxxps://keep.google.com/?usp=installed_webapp --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\132.0.2957.140\Default\Web Applications\_crx__dkkcmgmapfpcffhappfkncdglmfddafe\Kundenbestellungen Sharepoint – Power BI.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=dkkcmgmapfpcffhappfkncdglmfddafe --app-url=hxxps://app.powerbi.com/groups/me/reports/47edc608-3497-449e-9bc2-4e8aa4492aa8/ReportSection?experience=power-bi --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Snapshots\132.0.2957.140\Default\Web Applications\_crx__dimbdkclfnjpjdpbffpfhgajocegfmng\allango.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=dimbdkclfnjpjdpbffpfhgajocegfmng --app-url=hxxps://www.allango.net/ --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__jgoomiglbcliighmnknenfipggebiili\Microsoft Planner.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=jgoomiglbcliighmnknenfipggebiili --app-url=hxxps://tasks.office.com/xxx.de/de-DE/Home/Planner/#/plantaskboard?groupId=15e4b2a6-7655-4aed-9a29-243dd9d1d069&planId=IqfTtLSD50SLo8SMh6RVbJgAFTQY --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__hnpfjngllnobngcgfapefoaidbinmjnm\WhatsApp.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hnpfjngllnobngcgfapefoaidbinmjnm --app-url=hxxps://web.whatsapp.com/ --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__fpjoaiceicpnfiddgfkjpieodmhjjfib\Bestellungen.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=fpjoaiceicpnfiddgfkjpieodmhjjfib --app-url=hxxps://xxx.sharepoint.com/sites/Bestellungen/Lists/Bestelldaten%20aus%20Forms/AllItems.aspx --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__epkicjbmamoadhhjkgdldilfmhdlfiog\Microsoft Planner.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=epkicjbmamoadhhjkgdldilfmhdlfiog --app-url=hxxps://tasks.office.com/xxx.de/de-DE/Home/Planner/#/plantaskboard?groupId=15e4b2a6-7655-4aed-9a29-243dd9d1d069&planId=IqfTtLSD50SLo8SMh6RVbJgAFTQY --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__eilembjdkfgodjkcjnpgpaenohkicgjd\Google Keep.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd --app-url=hxxps://keep.google.com/?usp=installed_webapp --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__dkkcmgmapfpcffhappfkncdglmfddafe\Kundenbestellungen Sharepoint – Power BI.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=dkkcmgmapfpcffhappfkncdglmfddafe --app-url=hxxps://app.powerbi.com/groups/me/reports/47edc608-3497-449e-9bc2-4e8aa4492aa8/ReportSection?experience=power-bi --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__dimbdkclfnjpjdpbffpfhgajocegfmng\allango.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=dimbdkclfnjpjdpbffpfhgajocegfmng --app-url=hxxps://www.allango.net/ --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Kundenbestellungen Sharepoint – Power BI.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=dkkcmgmapfpcffhappfkncdglmfddafe --app-url=hxxps://app.powerbi.com/groups/me/reports/47edc608-3497-449e-9bc2-4e8aa4492aa8/ReportSection?experience=power-bi --app-launch-source=4
ShortcutWithArgument: C:\Users\danie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Planner.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=epkicjbmamoadhhjkgdldilfmhdlfiog --app-url=hxxps://tasks.office.com/xxx.de/de-DE/Home/Planner/#/plantaskboard?groupId=15e4b2a6-7655-4aed-9a29-243dd9d1d069&planId=IqfTtLSD50SLo8SMh6RVbJgAFTQY --app-launch-source=4
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2020-07-08 18:42 - 2020-07-08 18:42 - 000477696 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2020-07-08 18:42 - 2020-07-08 18:42 - 000471040 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2020-07-14 18:16 - 2020-07-14 18:16 - 000454656 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node
2025-01-17 14:20 - 2025-01-17 14:20 - 001315328 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\Jabra\Direct6\resources\app.asar.unpacked\node_modules\@gnaudio\jabra-node-sdk\Release\sdkintegration.node
2025-01-17 14:20 - 2025-01-17 14:20 - 000687616 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\Jabra\Direct6\resources\app.asar.unpacked\node_modules\panacastapi\Release\panacastapi.node
2021-02-20 08:38 - 2019-12-23 19:51 - 000093184 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2020-04-22 16:35 - 2020-04-22 16:35 - 000081920 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2021-02-20 10:36 - 2009-02-27 17:38 - 000139264 ____R () [Datei ist nicht signiert] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2021-02-20 10:36 - 2013-04-05 14:23 - 000954880 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrImgProc.dll
2025-01-17 14:18 - 2025-01-17 14:18 - 002380800 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct6\ffmpeg.dll
2025-01-17 14:18 - 2025-01-17 14:18 - 000379904 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct6\libegl.dll
2025-01-17 14:18 - 2025-01-17 14:18 - 007014400 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct6\libglesv2.dll
2025-01-17 14:18 - 2025-01-17 14:18 - 004815872 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct6\vk_swiftshader.dll
2025-04-02 19:30 - 2025-03-13 14:49 - 000082432 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MailStore\MailStore Server\Firebird4_x64\plugins\DBCRYPT.DLL
2021-02-20 10:36 - 2005-04-22 06:36 - 000143360 _____ () [Datei ist nicht signiert] C:\Windows\system32\BrSNMP64.dll
2023-12-29 16:05 - 2025-04-09 08:42 - 000044800 _____ (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\4.02.32\PEbiosinterface32.dll
2021-02-20 08:38 - 2020-12-31 18:26 - 002676224 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\AURAChecker.dll
2021-02-20 10:36 - 2012-07-13 14:09 - 000385024 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\BrMonitor.dll
2021-02-20 10:36 - 2010-09-29 18:07 - 000180224 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\BroSNMP.dll
2021-02-20 10:36 - 2011-02-28 12:32 - 000208896 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2021-02-20 10:36 - 2012-11-29 20:04 - 002040832 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2021-02-20 10:36 - 2013-04-05 14:24 - 000137728 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2021-02-20 10:36 - 2012-12-21 13:31 - 000078848 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2021-02-20 10:36 - 2013-04-05 14:23 - 000104960 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcFcnv.dll
2021-02-20 10:36 - 2012-12-21 13:31 - 017666560 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2021-02-20 10:36 - 2013-01-18 15:30 - 000081408 ____N (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcLGer.dll
2021-02-20 10:36 - 2013-04-05 14:24 - 000078848 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcSmon.dll
2021-02-20 10:36 - 2012-10-19 14:02 - 000087040 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Windows\system32\BrNetSti.dll
2021-02-20 10:36 - 2012-09-14 09:53 - 000241664 ____R (Brother Industries,LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrImageConversion.dll
2021-02-20 10:36 - 2012-09-14 09:53 - 000098304 ____R (Brother Industries,LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrImgPdf.dll
2021-02-20 10:36 - 2012-09-14 09:53 - 000118784 ____R (Brother Industries,LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\brTPGSplash.dll
2025-04-02 19:30 - 2025-03-13 14:49 - 002045952 _____ (Firebird Project) [Datei ist nicht signiert] C:\Program Files (x86)\MailStore\MailStore Server\Firebird4_x64\fbclient.dll
2025-04-02 19:30 - 2025-03-13 14:49 - 000012288 _____ (Firebird Project) [Datei ist nicht signiert] C:\Program Files (x86)\MailStore\MailStore Server\Firebird4_x64\ib_util.DLL
2025-04-02 19:30 - 2025-03-13 14:49 - 001111040 _____ (Firebird Project) [Datei ist nicht signiert] C:\Program Files (x86)\MailStore\MailStore Server\Firebird4_x64\intl\fbintl.DLL
2025-04-02 19:30 - 2025-03-13 14:49 - 008055808 _____ (Firebird Project) [Datei ist nicht signiert] C:\Program Files (x86)\MailStore\MailStore Server\Firebird4_x64\plugins\Engine13.DLL
2025-04-07 16:03 - 2025-04-07 16:03 - 000024576 _____ (Haufe-Lexware GmbH & Co. KG) [Datei ist nicht signiert] [Datei wird verwendet] C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\.net\Lexware.Faktura.WebApps.WebAppsHost\Ti5gD9R46J1TcXpF0b12jnCOmJXVjZc=\Lexware.Faktura.WebApps.WebAppsHost.dll
2025-04-07 16:02 - 2025-04-07 16:02 - 000825344 _____ (Haufe-Lexware GmbH & Co. KG) [Datei ist nicht signiert] [Datei wird verwendet] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\.net\Lexware.Faktura.Api.HotChocolateHost\cpyT2hfLTVkhqIqCoi4oHQRTvzLvcLs=\Lexware.Faktura.Api.HotChocolateHost.dll
2009-09-16 18:44 - 2009-09-16 18:44 - 000153088 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\Windows\System32\hptcpmib.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000331264 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\Windows\System32\HpTcpMon.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000132096 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\Windows\System32\hpzjrd01.dll
2022-10-19 13:45 - 2012-01-27 17:37 - 000342016 _____ (Hewlett-Packard Corporation) [Datei ist nicht signiert] C:\Windows\system32\spool\PRTPROCS\x64\hpcpp120.DLL
2021-02-20 09:24 - 2021-01-19 17:00 - 000077312 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000317440 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Windows\System32\HPTcpMUI.dll
2021-02-20 08:05 - 2024-12-12 14:03 - 001286144 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Windows\system32\spool\DRIVERS\x64\3\PS5UI.DLL
2021-02-20 12:03 - 2021-02-20 12:03 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2021-02-20 12:03 - 2021-02-20 12:03 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-02-20 12:03 - 2021-02-20 12:03 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Client\C2R64.dll
2021-02-20 12:03 - 2021-02-20 12:03 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2025-04-07 16:03 - 2025-04-07 16:03 - 000946688 _____ (NLog) [Datei ist nicht signiert] [Datei wird verwendet] C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\.net\Lexware.Faktura.WebApps.WebAppsHost\Ti5gD9R46J1TcXpF0b12jnCOmJXVjZc=\NLog.dll
2025-04-07 16:03 - 2025-04-07 16:03 - 000066048 _____ (NLog) [Datei ist nicht signiert] [Datei wird verwendet] C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\.net\Lexware.Faktura.WebApps.WebAppsHost\Ti5gD9R46J1TcXpF0b12jnCOmJXVjZc=\NLog.Extensions.Logging.dll
2025-04-02 19:30 - 2025-03-13 14:49 - 000003072 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\MailStore\MailStore Server\Firebird4_x64\icudt63.dll
2025-04-02 19:30 - 2025-03-13 14:49 - 002386432 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\MailStore\MailStore Server\Firebird4_x64\icuin63.dll
2025-04-02 19:30 - 2025-03-13 14:49 - 001598976 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\MailStore\MailStore Server\Firebird4_x64\icuuc63.dll
2021-02-20 08:38 - 2019-06-26 17:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2021-02-20 08:38 - 2019-06-26 17:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2021-02-20 13:16 - 2020-06-17 11:01 - 002293248 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\2BrightSparks\SyncBackPro\libeay32.dll
2021-02-20 13:16 - 2020-06-17 11:01 - 000386560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\2BrightSparks\SyncBackPro\ssleay32.dll
2019-12-17 14:20 - 2019-12-17 14:20 - 000246784 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files\ASUS\AURA lighting effect add-on x64\bass.dll
2020-03-31 13:26 - 2020-03-31 13:26 - 000027136 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files\ASUS\AURA lighting effect add-on x64\basswasapi.DLL
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2025-04-10] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2025-04-10] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\sharepoint.com -> hxxps://xxx-files.sharepoint.com
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2019-12-07 11:14 - 2024-07-09 16:33 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\mpirt;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\SQL Anywhere 17\Bin32\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\PuTTY\;C:\Program Files\dotnet\;C:\Program Files\WireGuard\;C:\Program Files\PowerShell\7\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\PowerShell\7-preview\preview
HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\danie\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\23--neue--jerks---staffel-wird--tiefschwarz----3-2---spoton-article-1004462.jpg
HKU\S-1-5-80-3017052307-2994996872-1615411526-3164924635-3391446484\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
ist aktiviert.
Network Binding:
=============
WLAN: ASUS PCE-N15 11n Wireless LAN PCI-E Card -> rtwlane_13.sys
LAN-Verbindung: TAP-NordVPN Windows Adapter V9 -> tapnordvpn.sys
Bluetooth-Netzwerkverbindung: Bluetooth Device (Personal Area Network) -> bthpan.sys
OpenVPN Data Channel Offload for NordVPN: OpenVPN Data Channel Offload -> ovpn-dco.sys
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys
NordLwf: NordVPN LightWeight Firewall
vflt: Shrew Soft Lightweight Filter
avm_nwim: AVM VPN NDIS 6 Driver
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AnyDesk => 2
MSCONFIG\Services: DevoloNetworkService => 2
MSCONFIG\Services: HPPrintScanDoctorService => 2
MSCONFIG\Services: iked => 2
MSCONFIG\Services: ipsecd => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\StartupApproved\StartupFolder: => "On-premises data gateway (personal mode).lnk"
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\StartupApproved\Run: => "CanvaAutoLaunchAvailabilityCheckAgent"
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_E0359248083FDB44B7852C7D3585D0D2"
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\StartupApproved\Run: => "Zoom"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{38FC1112-DAC0-494F-957F-0B896748DA71}C:\program files (x86)\asus\armourydevice\asus_framework.exe] => (Allow) C:\program files (x86)\asus\armourydevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [UDP Query User{49FDC944-5530-4FCC-A4DB-96C3A1258B74}C:\program files (x86)\asus\armourydevice\asus_framework.exe] => (Allow) C:\program files (x86)\asus\armourydevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [TCP Query User{590CC9A5-7B15-4A92-920F-CC754959C003}C:\program files (x86)\asus\armourydevice\dll\armourysocketserver\armourysocketserver.exe] => (Allow) C:\program files (x86)\asus\armourydevice\dll\armourysocketserver\armourysocketserver.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [UDP Query User{B13725E7-2205-4B35-8A48-A657F4803074}C:\program files (x86)\asus\armourydevice\dll\armourysocketserver\armourysocketserver.exe] => (Allow) C:\program files (x86)\asus\armourydevice\dll\armourysocketserver\armourysocketserver.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [TCP Query User{388E9349-078F-4CC7-9A31-75030F1CF9DC}C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe] => (Allow) C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{E3461618-D548-4E35-BEC4-2A3D54FB54EB}C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe] => (Allow) C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{98CF3059-8F3E-4B54-BEAC-9D4B74AC61FF}C:\program files\compuköln dokument management gmbh\compusme\compudms.exe] => (Allow) C:\program files\compuköln dokument management gmbh\compusme\compudms.exe (Compu Köln Dokument Management GmbH -> CompuKöln Dokument Management GmbH)
FirewallRules: [UDP Query User{946FD216-DAA2-4332-8BB8-E2B8E08DA0E9}C:\program files\compuköln dokument management gmbh\compusme\compudms.exe] => (Allow) C:\program files\compuköln dokument management gmbh\compusme\compudms.exe (Compu Köln Dokument Management GmbH -> CompuKöln Dokument Management GmbH)
FirewallRules: [TCP Query User{43B8370E-A52D-4908-B913-7F35EEBE367C}C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe] => (Allow) C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{08ED3BAA-A1E9-407F-AE4A-C1EE953A133B}C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe] => (Allow) C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{65D26214-CBB5-4022-AE32-F4DCDD13FE8E}C:\program files\compuköln dokument management gmbh\compusme\compudms.exe] => (Allow) C:\program files\compuköln dokument management gmbh\compusme\compudms.exe (Compu Köln Dokument Management GmbH -> CompuKöln Dokument Management GmbH)
FirewallRules: [UDP Query User{ACD27054-D8FA-4751-9C9E-CFD209730372}C:\program files\compuköln dokument management gmbh\compusme\compudms.exe] => (Allow) C:\program files\compuköln dokument management gmbh\compusme\compudms.exe (Compu Köln Dokument Management GmbH -> CompuKöln Dokument Management GmbH)
FirewallRules: [{82F1C8F6-3D83-4D74-B252-7DEA313CA11D}] => (Allow) C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd)
FirewallRules: [TCP Query User{9A3A4FD6-1894-4544-981F-1E32AF22057E}C:\program files\ausweisapp2\ausweisapp2.exe] => (Allow) C:\program files\ausweisapp2\ausweisapp2.exe => Keine Datei
FirewallRules: [UDP Query User{574AD586-7C7A-4F28-8BB2-E27A79D4FF5B}C:\program files\ausweisapp2\ausweisapp2.exe] => (Allow) C:\program files\ausweisapp2\ausweisapp2.exe => Keine Datei
FirewallRules: [{DCE72BBA-2F4B-4948-BE4B-9A77A881DADE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B6FCAF46-D4C2-4F0D-A7B9-E4A23D9A5878}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2663FF5D-0C62-484A-BF45-68BBB27791FE}C:\program files\windowsapps\appleinc.itunes_12132.3.2017.0_x64__nzyj5cx40ttqa\itunes.exe] => (Allow) C:\program files\windowsapps\appleinc.itunes_12132.3.2017.0_x64__nzyj5cx40ttqa\itunes.exe => Keine Datei
FirewallRules: [UDP Query User{DE8F6FE5-5E16-469A-83DC-6052EE2A0CFA}C:\program files\windowsapps\appleinc.itunes_12132.3.2017.0_x64__nzyj5cx40ttqa\itunes.exe] => (Allow) C:\program files\windowsapps\appleinc.itunes_12132.3.2017.0_x64__nzyj5cx40ttqa\itunes.exe => Keine Datei
FirewallRules: [{A6DF1871-DCFF-4638-9993-E3CBD9B5D392}] => (Allow) C:\Users\danie\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
FirewallRules: [{74C7C6C2-36F9-491B-B1AE-4DA7A44B81CA}] => (Allow) C:\Users\danie\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1B8D0962-D2B7-48FF-B83F-9F8CA41FA70B}] => (Allow) C:\Users\danie\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{84A6CBDA-0223-44D8-AEAB-1B6C7E59C565}C:\program files (x86)\asus\armourydevice\dll\armourysocketserver\armourysocketserver.exe] => (Allow) C:\program files (x86)\asus\armourydevice\dll\armourysocketserver\armourysocketserver.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [UDP Query User{502F70A0-B95A-4C2F-A282-D14CA0C98E14}C:\program files (x86)\asus\armourydevice\dll\armourysocketserver\armourysocketserver.exe] => (Allow) C:\program files (x86)\asus\armourydevice\dll\armourysocketserver\armourysocketserver.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [TCP Query User{E99DE01B-0E90-4D3C-AD0A-502A065F65A4}D:\xampp\filezillaftp\filezillaserver.exe] => (Allow) D:\xampp\filezillaftp\filezillaserver.exe (FileZilla Project) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{DDB44419-6455-4D26-8F84-6AF336DEB638}D:\xampp\filezillaftp\filezillaserver.exe] => (Allow) D:\xampp\filezillaftp\filezillaserver.exe (FileZilla Project) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{F8F2757D-8996-46BB-A03F-A640AA38E3E5}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{510310BD-9ACC-4534-B1C1-FD3A452740BC}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{398537A0-8EF8-41AB-AB9F-DF457F6BE801}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{FC8EFD31-0886-4015-B472-59C3EDC0C1AB}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [{321FEFDB-FCD4-4F29-A23F-1EB8A761CD7E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{813441F8-112C-4027-91CB-0CA6B1C8FD44}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{D4EB79E3-E8CB-4ABE-92C5-BD70B408DADF}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{EAC6BBFB-C4FE-4FD1-A651-071DD9CE40DD}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{9CC52663-D860-487C-B3AF-C485098F78D8}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{125B090F-1400-436B-AEC3-81FF6B60D326}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{17CAA474-9D49-4A4E-9118-C945C7F75C4B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{6F4CFB5B-ED78-4CB2-8DDA-277275009AD9}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{2AC149EC-C55E-427C-838F-00781825FDBD}C:\program files\ausweisapp2\ausweisapp.exe] => (Allow) C:\program files\ausweisapp2\ausweisapp.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [UDP Query User{3F4DD684-91FB-4493-8C70-77CF6940F7E3}C:\program files\ausweisapp2\ausweisapp.exe] => (Allow) C:\program files\ausweisapp2\ausweisapp.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [TCP Query User{ADCD454A-8578-4889-A4CB-6102FEC22A1B}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{0D578D87-F173-4010-8080-80B46455BC76}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{023D6DA9-5E1E-4EAE-9222-09FC37995B8C}] => (Allow) LPort=5353
FirewallRules: [{C01111D6-C5C3-41EB-A7E5-0D755CF3D2DE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.93\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF8BA3BF-8E21-4FD3-B2CF-8E0FBEE24DCE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FCFFFD56-06D3-47A3-8354-025BFE2BCDEE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{03F78663-4474-4653-899D-9C0DF7C7F6AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3815FC1E-FCFB-4B4F-B5D5-0855273D7260}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{46989587-B431-48F9-A466-63D27AAF1E92}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{DC761E92-BB11-4306-B680-7B1F00B63077}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{BFFAC383-826F-4D7D-AE17-73853F4302ED}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{5613498C-DA01-46EC-BBD8-AF32D85D6A18}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{2EFE6B59-3925-4E62-9105-F6746FC7645B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{E4B9F2B3-1ED2-475F-B714-B9F17C6EB393}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{569E999E-49BD-40AE-8BCC-C65254AF47B7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{ABCAFA62-3139-4FF1-9C83-AE3A57504787}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{48529337-4DA1-45A7-8FFE-96C025AA379B}] => (Allow) C:\Program Files (x86)\MailStore\MailStore Server\MailStoreServer_x64.exe (Open Text Corporation -> MailStore Software GmbH)
FirewallRules: [{29D014D8-3C2B-4540-9D6D-239E9015168F}] => (Allow) LPort=8462
FirewallRules: [TCP Query User{F7295CBF-B78C-4F4D-AE20-4F8047C4389F}C:\users\danie\appdata\local\temp\jivexviewer\jre\bin\jivex dicom cd viewer] => (Allow) C:\users\danie\appdata\local\temp\jivexviewer\jre\bin\jivex dicom cd viewer => Keine Datei
FirewallRules: [UDP Query User{852E1A59-DB4F-401E-86D7-9CBCCED1A3FF}C:\users\danie\appdata\local\temp\jivexviewer\jre\bin\jivex dicom cd viewer] => (Allow) C:\users\danie\appdata\local\temp\jivexviewer\jre\bin\jivex dicom cd viewer => Keine Datei
FirewallRules: [{A3392F19-DAB8-4B02-8DE1-8093F4422871}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A86DE2E1-712D-4D74-8988-E5796E0420CF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{26E0E303-C196-4520-9B98-DF42F0B0CFD1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{760D6D33-657E-4C7F-ACD3-0290F07EF3A9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ADD41423-0C72-4264-89C4-854E56E1E3E3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.73\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A7CF1A15-404A-4871-B4AD-669EBA98D2C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BE4EEC83-4D47-4704-95DF-A0AF89C0AC75}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6E78E02D-A77D-4186-BBD3-9BF57DB29AAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D9BA92A3-C904-4C8B-A88E-CEC3EFA2E880}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{61BB3579-955D-4923-950F-DE62E8133A58}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A3A43E8B-1506-43C8-A83E-C10892914088}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D1D1C8C3-A8A9-4BB0-AEE4-9B1DAB9C36C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8C0AEBC3-C07E-4607-BE3D-334C091D11C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{981F2A2D-B13A-4D86-8BF7-626D9FA14E35}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{223AE874-23E9-404B-A7BE-4B75A75F7C90}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{38107078-834D-4BE3-AA90-1F4AB8F08BC8}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{71A6F455-248F-4B53-AED1-4E2FDC52E974}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25072.1611.3570.1995_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D5DA0046-1317-4892-BF64-E2D4629F2520}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25072.1611.3570.1995_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{554F55DC-A7D4-4433-84FE-4C84AADA9979}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.85\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (04/21/2025 09:01:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm msedge.exe Version 135.0.3179.73 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 9bd4
Startzeit: 01dbae185f0e2911
Beendigungszeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Bericht-ID: bd3b4774-8bc0-4c03-9b00-3861962c88c8
Vollständiger Name des fehlerhaften Pakets:
Relative Anwendungs-ID des fehlerhaften Pakets:
Absturztyp: Top level window is idle
Error: (04/20/2025 10:04:06 PM) (Source: MailStoreServer Lock Monitor) (EventID: 0) (User: )
Description: GetJobs waiting 15014ms timed out
XLock Name: Master
Locks currently held:
[0] StoreMaintainFileSystemDatabases <exclusive> held 241485ms
Queue:
[0] ProfileList waiting 1683ms
Error: (04/20/2025 10:04:02 PM) (Source: MailStoreServer Lock Monitor) (EventID: 0) (User: )
Description: ProfileList waiting 15013ms timed out
XLock Name: Master
Locks currently held:
[0] StoreMaintainFileSystemDatabases <exclusive> held 237289ms
Queue:
[0] GetJobs waiting 10819ms
Error: (04/20/2025 10:03:46 PM) (Source: MailStoreServer Lock Monitor) (EventID: 0) (User: )
Description: GetJobs waiting 15021ms timed out
XLock Name: Master
Locks currently held:
[0] StoreMaintainFileSystemDatabases <exclusive> held 221456ms
Error: (04/20/2025 10:03:45 PM) (Source: MailStoreServer Lock Monitor) (EventID: 0) (User: )
Description: ProfileList waiting 15016ms timed out
XLock Name: Master
Locks currently held:
[0] StoreMaintainFileSystemDatabases <exclusive> held 219771ms
Queue:
[0] GetJobs waiting 13337ms
Error: (04/20/2025 10:03:27 PM) (Source: MailStoreServer Lock Monitor) (EventID: 0) (User: )
Description: ProfileList waiting 15006ms timed out
XLock Name: Master
Locks currently held:
[0] StoreMaintainFileSystemDatabases <exclusive> held 202241ms
Error: (04/20/2025 10:03:26 PM) (Source: MailStoreServer Lock Monitor) (EventID: 0) (User: )
Description: GetJobs waiting 15023ms timed out
XLock Name: Master
Locks currently held:
[0] StoreMaintainFileSystemDatabases <exclusive> held 201423ms
Queue:
[0] ProfileList waiting 14188ms
Error: (04/20/2025 10:03:10 PM) (Source: MailStoreServer Lock Monitor) (EventID: 0) (User: )
Description: ProfileList waiting 15011ms timed out
XLock Name: Master
Locks currently held:
[0] StoreMaintainFileSystemDatabases <exclusive> held 184735ms
Queue:
[0] HeartbeatMaybeDeleteRecentWorkerResults <exclusive> waiting 306ms
Systemfehler:
=============
Error: (04/21/2025 09:10:23 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: DANIEL-G-ASUS)
Description: 0x8000002a29\??\C:\FRST\p7Xz7Rh4\SOFTWARE
Error: (04/21/2025 08:47:11 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT)
Description: Das Secure Boot-Update konnte eine Secure Boot-Variable mit dem Fehler (-2147020471 = Sicheres Starten ist auf diesem Computer nicht aktiviert.) nicht aktualisieren. Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931
Error: (04/21/2025 06:36:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NKSQGP7F2NH-5319275A.WhatsAppDesktop
Error: (04/20/2025 08:47:11 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT)
Description: Das Secure Boot-Update konnte eine Secure Boot-Variable mit dem Fehler (-2147020471 = Sicheres Starten ist auf diesem Computer nicht aktiviert.) nicht aktualisieren. Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931
Error: (04/20/2025 02:35:40 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (04/20/2025 10:30:45 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "Z:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (04/20/2025 10:30:45 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "Y:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (04/20/2025 10:30:44 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "W:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Windows Defender:
================
Date: 2025-04-21 06:45:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-20 06:45:00
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-19 06:44:58
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-18 06:44:57
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-16 06:44:54
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. 1801 01/12/2021
Hauptplatine: ASUSTeK COMPUTER INC. PRIME B550M-K
Prozessor: AMD Ryzen 3 3100 4-Core Processor
Prozentuale Nutzung des RAM: 82%
Installierter physikalischer RAM: 16299.68 MB
Verfügbarer physikalischer RAM: 2775.34 MB
Summe virtueller Speicher: 37303.75 MB
Verfügbarer virtueller Speicher: 11063.96 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.1 GB) (Free:10.48 GB) (Model: Samsung SSD 860 EVO M.2 250GB) NTFS
Drive d: (Daten) (Fixed) (Total:3726.01 GB) (Free:1405.55 GB) (Model: ST4000DM004-2CV104) NTFS
Drive g: (Google Drive) (Fixed) (Total:100 GB) (Free:9.96 GB) (Model: ST4000DM004-2CV104) FAT32
Drive l: () (Fixed) (Total:1 GB) (Free:0.98 GB) (Model: ST4000DM004-2CV104) NTFS
Drive o: () (Fixed) (Total:1862.98 GB) (Free:12.32 GB) (Model: ST4000DM004-2CV104) NTFS
Drive t: (Mailstore Backup) (Fixed) (Total:74.5 GB) (Free:37.1 GB) (Model: WD FILEIO SCSI Disk Device) NTFS
Drive u: () (Fixed) (Total:4657.48 GB) (Free:0.14 GB) (Model: ST4000DM004-2CV104) exFAT
\\?\Volume{0a2a5949-8e94-427c-97b9-526e3fadf83e}\ () (Fixed) (Total:0.66 GB) (Free:0.13 GB) NTFS
\\?\Volume{bc3d5ff5-0594-4ca2-a745-5eda20fd080f}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{a98d3bc3-0000-0000-0000-100000000000}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{2121a34e-0000-0000-0000-100000000000}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{3a1f04da-0000-0000-007e-000000000000}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{2fa141fb-0000-0000-0000-100000000000}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{0022bbee-0000-0000-0000-100000000000}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{202a3d5c-3d2a-4e41-b480-c04ecebc21e6}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{2531bd50-a699-4608-a41d-8954d9004d94}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{0004f4e5-0000-0000-007e-000000000000}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{fb86c103-7046-42c0-8c4a-533f3c33b7e2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{fb6ca1ea-742d-11eb-9df9-f02f74300e86}\ () () (Total:0 GB) (Free:0 GB)
\\?\Volume{3159e11f-08a6-11ec-9e2e-00e04cb4db03}\ () () (Total:0 GB) (Free:0 GB)
\\?\Volume{fb6ca1ac-742d-11eb-9df9-f02f74300e86}\ () () (Total:0 GB) (Free:0 GB)
\\?\Volume{fb6ca1da-742d-11eb-9df9-f02f74300e86}\ () () (Total:0 GB) (Free:0 GB)
\\?\Volume{fb6ca1c0-742d-11eb-9df9-f02f74300e86}\ () () (Total:0 GB) (Free:0 GB)
\\?\Volume{fb6ca1e4-742d-11eb-9df9-f02f74300e86}\ () () (Total:0 GB) (Free:0 GB)
\\?\Volume{fb6ca1e0-742d-11eb-9df9-f02f74300e86}\ () () (Total:0 GB) (Free:0 GB)
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: 44CF015F)
Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 5.
==========================================================
Disk: 6 (Size: 1863 GB) (Disk ID: 3A1F04DA)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 7.
==========================================================
Disk: 8 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0022BBEE)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 11 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: 3A7F3856)
Partition 1: (Not Active) - (Size=74.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 12 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 0004F4E5)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt =======================
|
|
Gestern, 16:12
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Umleitung bei Suche im EdgeZitat:
Ist das ein gewerblich genutztes System? Wieso läuft dieses System noch mit Windows 10? Windows 10 ist in einem halben Jahr EOL und bekommt dann keine Updates mehr. (nur gegen sehr viel Extrakohle)
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
Gestern, 16:51
| #5 |
| | Windows 10: Umleitung bei Suche im Edge Ich hatte mir vor Jahren eine Pro Lizenz gekauft, weil ich per Remote Desktop auf meinen PC kommen wollte. Das ging zumindest damals nicht mit der Home Version. Das ist kein beruflicher PC, aber ich unterstütze meine Frau bei ihrer Selbstständigkeit. Deshalb ist auch ein Buchhaltungsprogramm drauf. Ich hoffe, es ist ok. Es handelt sich um meinen eigenen Rechner. Leider läuft immer noch Windows 10, weil ich jedes mal, wenn ich auf 11 updaten möchte, am Ende des Prozesses einen Bluescreen bekomme. Vielleicht liegt das an einem Treiber, aber ich habe das bislang noch nicht rausfinden können und weiß auch nicht, wo ich ansetzen soll. Wenn ich es nicht hinbekomme, werde ich mir beim EOL sonst einen neuen Rechner holen müssen. |
|
Gestern, 17:12
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Umleitung bei Suche im Edge Ok, danke für die Erläuterung. Einen neuen PC brauchst du nicht. Zumindest nicht, wenn die Hardware i.O. ist, deine CPU (AMD Ryzen 3100) ist auch offiziell mit Windows 11 kompatibel. Es kann aber sein, dass du eine Neuinstallation machen musst. Nicht immer klappt eine Aktualisierung von 10 auf 11. adwCleaner Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags. adwcleaner zwecks Kontrolle bitte wiederholen, falls es Funde gab.
__________________ --> Windows 10: Umleitung bei Suche im Edge |
|
Gestern, 17:26
| #7 |
| | Windows 10: Umleitung bei Suche im Edge Danke, auch für den Hinweis mit der Neuinstallation. Stimmt natürlich, ist immer noch leichter und billiger als ein neuer PC. Hier das LOG, das Programm ist vom meiner Kamera, habe ich behalten. Nachdem ich jetzt Edge wieder geöffnet habe, ist komischerweise die Umleitung auch weg. Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.5.1.601
# -------------------------------
# Build: 03-26-2025
# Database: 2025-04-04.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-21-2025
# Duration: 00:00:10
# OS: Windows 10 (Build 19045.5737)
# Scanned: 32102
# Detected: 5
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.SonyPlayMemoriesHome File C:\Users\Public\Desktop\PlayMemories Home.lnk
Preinstalled.SonyPlayMemoriesHome Folder C:\Program Files (x86)\SONY\PLAYMEMORIES HOME
Preinstalled.SonyPlayMemoriesHome Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|PMBVolumeWatcher
Preinstalled.SonyPlayMemoriesHome Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|PMBVolumeWatcher
Preinstalled.SonyPlayMemoriesHome Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{AEB04E0E-0A28-4014-A96A-282E43B7227B}
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
|
|
Gestern, 17:58
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Umleitung bei Suche im Edge Bitte künftig Firefox als Standardbrowser nutzen. Google Chrome deinstallieren. Edge dann nur als Ausweichbrowser falls was im Firefox nicht geht., Es gibt aber KEINEN Grund zusätzlich auch noch Chrome drauf zu haben. Und einen Kontrollscan mit Malwarebytes bitte machen.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
Gestern, 18:57
| #9 |
| | Windows 10: Umleitung bei Suche im Edge Danke. Firefox ist jetzt Standardbrowser und chrome deinstalliert. Hier der Kontrollscan, scheint gut auszusehen: Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 21.04.2025
Scan-Zeit: 19:41
Protokolldatei: ea9c9b5e-1ed7-11f0-9425-00e04cb4db03.json
-Softwaredaten-
Version: 5.2.11.183
Komponentenversion: 131.0.5227
Version des Aktualisierungspakets: 1.0.98277
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 19045.5737)
CPU: x64
Dateisystem: NTFS
Benutzer: Daniel-G-ASUS\danie
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 278936
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 6 Min., 22 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
|
|
Gestern, 19:19
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Umleitung bei Suche im Edge Gut. Auch da nix zu sehen. Dann kannst das Update von Windows 10 auf 11 angehen. 1. Alle Daten sichern 2. aktuelle ISO-Datei von Windows 11 runterladen und wenn fertig per Doppelklick bereitstellen 3. setup.exe ausführen und Anweisungen befolgen, alle Daten und Einstellungen behalten Wenn das nicht geht bleibt nur eine komplette Neuinstallation übrig.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
Gestern, 19:26
| #11 |
| | Windows 10: Umleitung bei Suche im Edge Super, vielen Dank für die Hilfe! Dann werde ich mich an das Update machen, sobald die Zeit es zulässt. Danke! |
|
| Themen zu Windows 10: Umleitung bei Suche im Edge |
| computer, defender, desktop, firefox, google, help, home, internet, mozilla, performance, proxy, prozesse, realtek, registry, rundll, scan, schutz, security, server, services.exe, software, suchmaschine, svchost.exe, system, windows |
Linear-Darstellung
