Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2026 durchgeführt von MarianII (Administrator) auf CSL-MARIAN (CSL-Computer GmbH & Co. KG A0000001) (17-03-2026 22:00:15) Gestartet von C:\Users\MarianII\Desktop\FRST64.exe Geladene Profile: MarianII & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS Plattform: Microsoft Windows 11 Home Version 25H2 26200.8037 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Brave Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveCrashHandler.exe (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveCrashHandler64.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe (DriverStore\FileRepository\u0198633.inf_amd64_f6ca42135bb94c90\B025777\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0198633.inf_amd64_f6ca42135bb94c90\B025777\atieclxx.exe (explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <25> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <2> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_2a2d80570dc9cadf\amdfendrsr.exe (services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0198633.inf_amd64_f6ca42135bb94c90\B025777\atiesrxx.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_e7cd8faef8863187\logi_lamparray_service.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlceip.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\NisSrv.exe (services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe (services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe (services.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgc.exe (services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> ) G:\Program Files\Microvirt\MEmu\MemuService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files\Windscribe\WindscribeService.exe (svchost.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe (svchost.exe ->) (Advanced Micro Devices -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.) HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4147608 2026-02-12] (Riot Games, Inc. -> Riot Games, Inc.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1086248 2020-05-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [107977528 2021-01-27] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation) HKLM\Software\Policies\...\system: [PublishUserActivities] 0 HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Run: [WallpaperEngine] => D:\Programme\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe [4649456 2025-09-05] (Skutta Software GmbH -> ) HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Run: [DriverFix] => C:\Program Files (x86)\DriverFix\DriverFix.exe [25313536 2022-08-14] (Blueroad Technologies Limited -> DriverFix) HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [24773784 2026-01-30] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Run: [RiotClient] => G:\Riot Games\Riot Client\RiotClientServices.exe [75632792 2026-03-17] (Riot Games, Inc. -> Riot Games, Inc.) HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3714720 2025-09-27] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\MarianII\AppData\Local\Microsoft\Teams\Update.exe [2591920 2024-02-19] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Run: [Windscribe] => C:\Program Files\Windscribe\Windscribe.exe [8375656 2024-02-17] (Windscribe Limited -> Windscribe Limited) HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3243584 2023-02-10] (Unified Intents AB -> Unified Intents AB) HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Run: [Spotify] => C:\Users\MarianII\AppData\Roaming\Spotify\Spotify.exe [2292608 2026-03-17] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Run: [Discord] => C:\Users\MarianII\AppData\Local\Discord\Update.exe [1516408 2025-04-28] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41728984 2026-03-08] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Run: [AMDNoiseSuppression] => C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe [318288 2025-09-10] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Policies\Explorer: [HideSCAMeetNow] 1 HKU\S-1-5-18\...\Run: [AMDNoiseSuppression] => C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe [318288 2025-09-10] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) HKU\S-1-5-18\...\RunOnce: [StartRSX] => C:\Program Files\AMD\CNext\CNext\LauncherRSXRuntime.exe [73488 2026-02-18] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) HKLM\...\Windows x64\Print Processors\Canon MG5200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAE.DLL [28672 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5200 series: C:\WINDOWS\system32\CNMLMAE.DLL [361472 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\Windows\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v.4.12.26.3.dll [932984 2020-03-15] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com)) HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [116736 2019-04-18] (pdfforge GmbH) [Datei ist nicht signiert] HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> "C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe" --first-run HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\146.1.88.132\Installer\chrmstp.exe [2026-03-14] (Brave Software, Inc. -> Brave Software, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> Startup: C:\Users\MarianII\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2024-10-23] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {245A0E10-870E-49A0-96A1-0632488DAB38} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1612800 2026-01-23] (Adobe Inc. -> Adobe Inc.) Task: {23489934-E600-4428-BA62-941D44FF14F0} - System32\Tasks\AMD Install Manager - Check For Updates => C:\Program Files\AMD\AMDInstallManager\AMDInstallManager.exe [61153544 2026-01-08] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) -> C:\Program Files\AMD\AMDInstallManager\\-CheckForUpdates Task: {9CB2A0F0-2269-4606-8F03-06805C69C38C} - System32\Tasks\AMD Install Manager - Install Updates => C:\Program Files\AMD\AMDInstallManager\AMDInstallManager.exe [61153544 2026-01-08] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) -> C:\Program Files\AMD\AMDInstallManager\\-InstallUpdates -Auto Task: {BEA1888D-CEFC-4C9E-AE1A-CF1E4A0CA40F} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1039120 2026-02-18] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) Task: {FB3A8A0E-A5D9-47CA-90CE-0BDC76118C86} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [191248 2026-02-18] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) Task: {A2BD58CB-9084-4867-A723-AB6A103E8524} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-02-27] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {A28B0514-88EF-4193-97FE-0449F961711F} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-02-27] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {A30D752E-E754-4C99-B903-3507CE16A01E} - System32\Tasks\IEPackages => C:\WINDOWS\system32\wscript.exe [200704 2026-03-10] (Microsoft Windows -> Microsoft Corporation) -> "%PROGRAMDATA%\WinPackages\update.vbs" <==== ACHTUNG Task: {9899F449-7423-4701-9445-A91A71EBE59D} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [11377968 2026-03-16] (Microsoft Corporation -> Microsoft Corporation) Task: {D6003235-1EA4-406F-BF03-AAA4CFF20FF3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28604736 2026-03-07] (Microsoft Corporation -> Microsoft Corporation) Task: {FA3220F7-E02B-4A6E-B7DF-224A5B464AD3} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE16\opushutil.exe [62808 2026-03-16] (Microsoft Corporation -> Microsoft Corporation) Task: {DAE54301-4FC7-4D76-894F-C75E344F85AA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28604736 2026-03-07] (Microsoft Corporation -> Microsoft Corporation) Task: {E6C7D5B3-508F-4245-9C63-B0A74876031C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [309536 2026-03-16] (Microsoft Corporation -> Microsoft Corporation) Task: {2DB9509D-2FB7-4285-B243-B527EA2A561F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [309536 2026-03-16] (Microsoft Corporation -> Microsoft Corporation) Task: {071FCE39-625B-4996-8740-9280AAE6D922} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4448800 2026-03-07] (Microsoft Corporation -> Microsoft Corporation) Task: {79B006E1-9217-44DB-A045-31C9AF68200F} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [11377968 2026-03-16] (Microsoft Corporation -> Microsoft Corporation) Task: {9B0FBBC3-4DF3-435C-ABF9-0B9C06473FEC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe [70992 2026-03-16] (Microsoft Corporation -> Microsoft Corporation) Task: {D3000098-6A71-405A-A8CA-FC542F55A6DD} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [191416 2026-03-12] (Microsoft Corporation -> Microsoft) Task: {BF184D81-FD44-4327-986A-562B1736ED34} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (Keine Datei) Task: {F10ED9B2-39E2-4A21-8F0F-68E6FDDACD26} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [569344 2026-03-10] (Microsoft Windows -> Microsoft Corporation) Task: {76A1C57D-866B-491A-87BB-FD363FE44C60} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [569344 2026-03-10] (Microsoft Windows -> Microsoft Corporation) Task: {21F7211A-E3D7-4767-A6D3-EE4B062BC7F7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [569344 2026-03-10] (Microsoft Windows -> Microsoft Corporation) Task: {A7E1A93E-9456-488E-BFBB-A87A49651E3D} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [569344 2026-03-10] (Microsoft Windows -> Microsoft Corporation) Task: {8A71E337-DA9D-43D9-8E08-C280BC073342} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [569344 2026-03-10] (Microsoft Windows -> Microsoft Corporation) Task: {7AB0901D-DE1F-4F55-8F8C-0BF5E4759162} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [589824 2026-03-10] (Microsoft Windows -> Microsoft Corporation) Task: {7A8B665B-AE37-4AD8-98DC-CB3C83E3F9EB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [589824 2026-03-10] (Microsoft Windows -> Microsoft Corporation) Task: {4FAF7AFC-C57C-4569-AAC5-67380B2B8360} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [569344 2026-03-10] (Microsoft Windows -> Microsoft Corporation) Task: {2F7B8599-BD2D-4314-9E7E-9B63D4F0EC1E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF\Wsc Startup event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [569344 2026-03-10] (Microsoft Windows -> Microsoft Corporation) Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (Keine Datei) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Keine Datei) Task: {9978444A-037A-4DEA-B948-70DA82B1CB94} - System32\Tasks\Microsoft\Windows\Setup\SnapshotCleanupTask => C:\Windows\System32\OOBE\SetupPlatform\SetupPlatform.exe -removesnapshot (Keine Datei) Task: {4C5B5587-EE76-450A-B51D-179445CFCAEA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (Keine Datei) Task: {4BD3B50B-C4ED-43F3-834A-2369837AE50C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (Keine Datei) Task: {03BC7700-C4B1-41C4-85C5-11B35A7A835F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe ReadyToReboot (Keine Datei) Task: {9CA495F9-07F7-4C1B-8DAC-CEB3691B21B8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (Keine Datei) Task: {3920A0B3-0069-4423-B2A5-2A04AA54281D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (Keine Datei) Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei) Task: {BE7D71A9-FC27-45C4-B03D-2A3705498779} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1039120 2026-02-18] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) Task: {3C300BD1-60A2-407D-BFF8-BE8EB6F95FBD} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-4120191725-2713990712-3395116113-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [707200 2026-03-17] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen). Task: {00F11C1E-6D20-4672-A281-56BAFB2FCA4A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33920 2026-03-17] (Mozilla Corporation -> Mozilla Foundation) Task: {730D9675-003D-4AEE-8961-851ED2CE5617} - System32\Tasks\Opera scheduled assistant Autoupdate 1582735905 => C:\Users\MarianII\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\MarianII\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {F9B048AF-40E3-4737-86CD-5AE86B253865} - System32\Tasks\Opera scheduled Autoupdate 1557071351 => C:\Users\MarianII\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe --scheduledtask $(Arg0) (Keine Datei) Task: {EB90177C-454F-4A9C-BCD0-BAEC906296FA} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2025-02-17] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule Task: {18C47335-11F0-4F76-BCFF-DA6C833AD8DC} - System32\Tasks\StartAUEP => C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe [834320 2026-02-18] (Advanced Micro Devices -> AMD) Task: {231AF57E-2048-4AD3-BAC0-69F41F6C47C3} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [143624 2026-02-18] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) Task: {DC902FF1-58C6-4231-BACE-081D77AC00BC} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [143624 2026-02-18] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) Task: {88D15813-40C1-4C28-8407-BAC50EB17FC9} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [310024 2026-02-18] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog5 06 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 06 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{991556f0-101f-4b52-a997-4310ee8b74e6}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{991556f0-101f-4b52-a997-4310ee8b74e6}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{db2b2c0f-c4eb-4523-a970-abcecf920629}: [DhcpNameServer] 8.8.8.8 FireFox: ======== FF TaskBarID: 308046B0AF4A39CB -> C:\Program Files\Mozilla Firefox FF DefaultProfile: xmpg23hm.default-1746380681350 -> 308046B0AF4A39CB FF ProfilePath: C:\Users\MarianII\AppData\Roaming\Mozilla\Firefox\Profiles\xmpg23hm.default-1746380681350 [2026-03-17] FF Homepage: Mozilla\Firefox\Profiles\xmpg23hm.default-1746380681350 -> twitter.com FF Extension: (Honey) - C:\Users\MarianII\AppData\Roaming\Mozilla\Firefox\Profiles\xmpg23hm.default-1746380681350\Extensions\jid1-93CWPmRbVPjRQA@jetpack.xpi [2025-05-04] FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\MarianII\AppData\Roaming\Mozilla\Firefox\Profiles\xmpg23hm.default-1746380681350\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2025-05-07] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json] FF Extension: (Fügt einen Kontextmenüeintrag hinzu, um die Route zur ausgewählten Adresse mit Google Maps anzuzeigen.) - C:\Users\MarianII\AppData\Roaming\Mozilla\Firefox\Profiles\xmpg23hm.default-1746380681350\Extensions\route-with-google-maps-addon@daniel-wiedner.de.xpi [2025-05-04] FF Extension: (uBlock Origin) - C:\Users\MarianII\AppData\Roaming\Mozilla\Firefox\Profiles\xmpg23hm.default-1746380681350\Extensions\uBlock0@raymondhill.net.xpi [2026-03-17] FF Extension: (Watch2Gether) - C:\Users\MarianII\AppData\Roaming\Mozilla\Firefox\Profiles\xmpg23hm.default-1746380681350\Extensions\{6ea0a676-b3ef-48aa-b23d-24c8876945fb}.xpi [2025-05-25] FF Extension: (Logitech SetPoint) - C:\Users\MarianII\AppData\Roaming\Mozilla\Firefox\Profiles\xmpg23hm.default-1746380681350\Extensions\{84380428-8c9d-4bdf-913d-b2c34d6562d9}.xpi [2025-05-04] FF Extension: (Citavi Picker) - C:\Users\MarianII\AppData\Roaming\Mozilla\Firefox\Profiles\xmpg23hm.default-1746380681350\Extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2025-05-04] FF Extension: (Data Leak Blocker) - C:\Users\MarianII\AppData\Roaming\Mozilla\Firefox\Profiles\xmpg23hm.default-1746380681350\features\{cfc80b21-d451-46b2-b321-a3712d0f9212}\data-leak-blocker@mozilla.com.xpi [2026-03-10] FF HKLM\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi FF Extension: (PDF Architect 7 Creator) - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi [2019-10-02] FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-22] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-22] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.10 -> D:\Programme\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\Programme\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> D:\Programme\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.18 -> D:\Programme\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.20 -> D:\Programme\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> D:\Programme\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7 -> D:\Programme\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> D:\Programme\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\Programme\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.9.2 -> D:\Programme\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2026-03-08] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2026-03-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-19] (Microsoft Corporation -> Microsoft Corporation) Edge: ======= Edge Profile: C:\Users\MarianII\AppData\Local\Microsoft\Edge\User Data\Default [2026-03-17] Edge Extension: (Google Docs Offline) - C:\Users\MarianII\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-16] Edge Extension: (Edge relevant text changes) - C:\Users\MarianII\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] Edge HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] Edge HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] Chrome: ======= CHR Profile: C:\Users\MarianII\AppData\Local\Google\Chrome\User Data\Default [2025-10-01] CHR Extension: (Online Security) - C:\Users\MarianII\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2025-10-01] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\MarianII\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-16] CHR Extension: (PDF Viewer) - C:\ProgramData\Features\psmizwhldwkokywwvmrbcdcdmeuzvmx [2026-02-01] [UpdateUrl:hxxps://feraco.info/extensionInstaller/updateChromeExtension] <==== ACHTUNG CHR HKLM\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok] CHR HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok] Opera: ======= OPR DefaultProfile: Default Brave: ======= BRA DefaultProfile: Default BRA Profile: C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2026-03-17] BRA Notifications: Default -> hxxps://captcharesolver.com; hxxps://roms-download.com; hxxps://www.chess.com; hxxps://www.lieferando.de; hxxps://www.netflix.com; hxxps://www.op.gg; hxxps://www.reddit.com; hxxps://www.youtube.com BRA DefaultSearchKeyword: Default -> :g BRA Extension: (Google Übersetzer) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-09-09] BRA Extension: (BetterTTV) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2026-02-09] BRA Extension: (7TV) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2025-11-20] BRA Extension: (uBlock Origin) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2026-03-12] BRA Extension: (Netflix Ad Skipper) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\djahebbpojgikgpeelcnbibhnmechnhn [2024-12-09] BRA Extension: (Streamreiniger) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lehcglgkjkamolcflammloedahjocbbg [2026-03-11] BRA Extension: (SponsorBlock für YouTube – Überspringe gesponserte Videosegmente) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mnjggcdmjocbbbhaepdhchncahnbgone [2025-12-19] BRA Extension: (YouTube Anti Translate) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ndpmhjnlfkgfalaieeneneenijondgag [2025-11-03] BRA Extension: (Bypass Glassdoor Wall) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ohaiaoliglhljiamagbagenmmcdfgkfe [2023-12-10] BRA Extension: (Netflix Party is now Teleparty) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2026-03-17] BRA Extension: (Brave Ad Block Updater (Brave First Party Adblock Filters (plaintext))) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2026-03-06] BRA Extension: (Brave Local Data Files Updater) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2026-03-17] BRA Extension: (Brave NTP background images) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2026-01-03] BRA Extension: (Brave Ads Resources) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\bbefpembgddgdihpkcidgdgiojjlchji [2022-03-29] BRA Extension: (Brave Ad Block Updater (uBlock Annoyances List (used with Fanboy Annoyances List))) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfoofkaohomljmodljoameijbaichadj [2022-12-02] BRA Extension: (Brave Ad Block Updater (Mobile app promo blocker (plaintext))) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2026-03-16] BRA Extension: (Wallet Data Files Updater) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2024-01-23] BRA Extension: (Brave Ad Block Updater (Cookie notice blocker (plaintext))) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2026-03-17] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-12-02] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2024-07-04] BRA Extension: (Brave Ads Resources) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\dgkplhfdbkdogfblcghcfcgfalanhomi [2021-05-25] BRA Extension: (Brave Ads Resources) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\eclclcmhpefndfimkgjknaenojpdffjp [2021-05-25] BRA Extension: (Brave Ad Block Updater (EasyList Germany)) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\faknfgalcghekhfggcdikddilkpjbonh [2022-12-02] BRA Extension: (Brave NTP sponsored images) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2022-10-22] BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2026-02-15] BRA Extension: (Brave Ads Resources) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\iblokdlgekdjophgeonmanpnjihcjkjj [2022-10-21] BRA Extension: (Brave Ad Block Updater (Brave Default Adblock Filters (plaintext))) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2026-03-17] BRA Extension: (Brave Ads Resources) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\jcncoheihebhhiemmbmpfhkceomfipbj [2026-02-21] BRA Extension: (Brave SpeedReader Updater) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-10] BRA Extension: (Brave Ad Block Updater (Brave Default Privacy Filters (plaintext))) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\kihnoaefogbkmblfimmibknnmkllbhlf [2026-03-17] BRA Extension: (Brave Ad Block Updater (Easylist-Cookie List - Filter Obtrusive Cookie Notices)) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfgnenkkneohplacnfabidofpgcdpofm [2022-12-02] BRA Extension: (Brave Ad Block Updater (German website ad blocker (plaintext))) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfmefmifdjlfneapckmpkinmlofjehbp [2026-03-17] BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2026-03-11] BRA Extension: (Brave Ad Block Updater (Brave Twitch Adblock Rules (plaintext))) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\mhccgcegedfkhdbfbgllfkkcjhgkoinc [2024-09-19] BRA Extension: (Brave User Agent) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\nlpaeekllejnmhoonlpcefpfnpbajbpe [2026-03-17] BRA Extension: (Brave NTP sponsored images) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2026-03-17] BRA Extension: (Brave Ads Resources) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\ocilmpijebaopmdifcomolmpigakocmo [2023-07-12] BRA Extension: (Crypto Wallets) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\odbfpeeihdkbihmopkbjmoonfanlbfcl [2021-10-21] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-25] BRA Extension: (P3A Configuration) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\P3AConfig [2025-09-27] BRA Extension: (Brave Ad Block Updater (uBlock Annoyances (used with Fanboy's Annoyances) (plaintext))) - C:\Users\MarianII\AppData\Local\BraveSoftware\Brave-Browser\User Data\pnoagbonokhdnppohfeemefhjbbofplk [2024-05-16] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [180216 2026-01-23] (Adobe Inc. -> Adobe Inc.) S2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe [553744 0] (Advanced Micro Devices -> AMD) R2 AzureAttestService; C:\Program Files\Microsoft\AzureAttestService\AzureAttestService.dll [151288 2019-07-24] (Microsoft Windows -> Microsoft Corporation) S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2025-11-16] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8628224 2020-06-12] (BattlEye Innovations e.K. -> ) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-02-27] (Brave Software, Inc. -> BraveSoftware Inc.) S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\146.1.88.132\elevation_service.exe [4444240 2026-03-14] (Brave Software, Inc. -> Brave Software, Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-02-27] (Brave Software, Inc. -> BraveSoftware Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13270336 2026-03-07] (Microsoft Corporation -> Microsoft Corporation) S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [19205792 2025-09-27] (Electronic Arts, Inc. -> Electronic Arts) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2024-01-17] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [960752 2025-10-30] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 GameInputRedistService; C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe [302504 2026-02-11] (Microsoft Corporation -> Windows (R) Win 7 DDK provider) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-16] (HP Inc. -> HP Inc.) R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [20112536 2026-01-30] (Logitech Inc -> Logitech, Inc.) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.) R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_e7cd8faef8863187\logi_lamparray_service.exe [11524960 2025-12-02] (Logitech Inc -> Logitech, Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11357440 2026-03-17] (Malwarebytes Inc -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2026-03-17] (Malwarebytes Inc. -> Malwarebytes) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpDefenderCoreService.exe [2067464 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 MEmuSVC; G:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. -> ) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [624680 2026-02-13] (Microsoft Corporation -> Microsoft Corporation) S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [11910760 2021-12-19] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2025-02-17] (Overwolf Ltd -> Overwolf LTD) R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH) S3 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [692008 2019-10-07] (pdfforge GmbH -> pdfforge GmbH) R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH) S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2021\RpcAgentSrv.exe [142352 2022-01-29] (SiSoftware SPC -> SiSoftware) [Datei ist nicht signiert] S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [690216 2026-02-13] (Microsoft Corporation -> Microsoft Corporation) R2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [284752 2026-02-13] (Microsoft Corporation -> Microsoft Corporation) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [22388024 2024-06-13] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 vgc; C:\Program Files\Riot Vanguard\vgc.exe [55806032 2026-02-12] (Riot Games, Inc. -> Riot Games, Inc.) S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [52136 2026-03-12] (Microsoft Corporation -> Microsoft) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\NisSrv.exe [4435096 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MsMpEng.exe [290744 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WindscribeService; C:\Program Files\Windscribe\WindscribeService.exe [1054568 2024-02-17] (Windscribe Limited -> Windscribe Limited) S3 xldr_ChronoOdyssey_KR; C:\Program Files\Common Files\Wellbia.com\xldr_ChronoOdyssey_KR.exe [5174048 2025-06-20] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S4 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S4 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_2a2d80570dc9cadf\amdfendrmgr.sys [37272 2025-12-15] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) R3 amdgpio3; C:\WINDOWS\System32\DriverStore\FileRepository\amdgpio3.inf_amd64_893f7355b0a16289\amdgpio3.sys [33664 2025-12-03] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc) R2 AMDRyzenMasterDriverV31; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [61832 2025-11-28] (Advanced Micro Devices -> Advanced Micro Devices) R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_d4de13a10f2586d0\amdsafd.sys [112952 2024-06-15] (AMD Test Build -> Advanced Micro Devices) R3 amduw23g-198633-9d64603a; C:\WINDOWS\System32\DriverStore\FileRepository\u0198633.inf_amd64_f6ca42135bb94c90\B025777\amdkmdag.sys [102153864 2026-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [63872 2025-09-30] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [175824 2024-10-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [159296 2026-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [82352 2026-02-10] (Microsoft Windows -> Microsoft Corporation) S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-10-05] (Logitech Inc -> Logitech Inc.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.) R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2023-06-03] (Logitech Inc -> Logitech) S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2023-06-03] (Logitech Inc -> Logitech) R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2023-06-03] (Logitech Inc -> Logitech) R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_e7cd8faef8863187\logi_lamparray.sys [89440 2025-12-02] (Logitech Inc -> Logitech, Inc.) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234600 2026-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2026-03-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\Drivers\farflt11.sys [214632 2026-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [80984 2026-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [245864 2026-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [190096 2026-03-17] (Malwarebytes Inc -> Malwarebytes) S3 MEmuDrv; G:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation) S4 RsFx0600; C:\WINDOWS\System32\DRIVERS\RsFx0600.sys [286976 2019-09-24] (Microsoft Corporation -> Microsoft Corporation) R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_75af912c76141870\rt68cx21x64.sys [666576 2022-11-07] (Realtek Semiconductor Corp. -> Realtek) S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2021\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware Ltd -> SiSoftware) S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [12464 2024-12-30] (Macrovision Europe Ltd) [Datei ist nicht signiert] S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174264 2024-10-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 tap0901cn; C:\WINDOWS\System32\drivers\tap0901cn.sys [45576 2018-10-17] (Connectify (Connectify, Inc.) -> The OpenVPN Project) S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project) S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R3 tapsurfshark; C:\WINDOWS\System32\drivers\tapsurfshark.sys [38728 2022-02-01] (WDKTestCert Lenovo,131775874531219913 -> The OpenVPN Project) R3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [29720 2021-11-20] (Microsoft Windows Hardware Compatibility Publisher -> ) R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2019-09-28] (Vincent Burel -> Windows (R) Win 7 DDK provider) S3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2021-07-27] (Vincent Burel -> Windows (R) Win 7 DDK provider) R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [43580536 2026-02-12] (Riot Games, Inc. -> Riot Games, Inc.) R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [53128 2018-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21888 2026-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [635272 2026-02-10] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102832 2026-02-10] (Microsoft Windows -> Microsoft Corporation) S3 WindscribeSplitTunnel; C:\WINDOWS\system32\DRIVERS\WindscribeSplitTunnel.sys [38152 2024-02-17] (Windscribe Limited -> ) R3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-12-17] (Microsoft Windows -> Microsoft Corporation) R3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_a6dc64e436f22951\WSDScan.sys [61440 2025-09-10] (Microsoft Windows -> Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [194448 2025-06-20] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 XSpltVid; C:\WINDOWS\system32\DRIVERS\XSpltVid.sys [244264 2023-04-19] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2026-03-17 21:59 - 2026-03-17 21:59 - 000190096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2026-03-17 21:59 - 2026-03-17 21:59 - 000000000 ____D C:\Users\MarianII\AppData\LocalLow\IGDump 2026-03-17 21:58 - 2026-03-17 21:58 - 000000000 ____D C:\WINDOWS\CbsTemp 2026-03-17 20:23 - 2026-03-17 20:23 - 000748488 _____ C:\WINDOWS\system32\perfh007.dat 2026-03-17 20:23 - 2026-03-17 20:23 - 000160270 _____ C:\WINDOWS\system32\perfc007.dat 2026-03-17 20:17 - 2026-03-17 22:01 - 000051545 _____ C:\Users\MarianII\Desktop\FRST.txt 2026-03-17 20:16 - 2026-03-17 20:16 - 000000008 _____ C:\ProgramData\ntuser.pol 2026-03-17 19:25 - 2026-03-17 22:01 - 000000000 ____D C:\FRST 2026-03-17 19:24 - 2026-03-17 19:25 - 002445312 _____ (Farbar) C:\Users\MarianII\Desktop\FRST64.exe 2026-03-17 19:18 - 2026-03-17 19:21 - 000000000 ___HD C:\$SysReset 2026-03-17 19:00 - 2026-03-17 18:59 - 000392320 _____ (Mozilla Foundation) C:\Users\MarianII\Desktop\Firefox.exe 2026-03-17 18:41 - 2026-03-17 21:53 - 000000000 ____D C:\Users\MarianII\AppData\Local\Malwarebytes 2026-03-17 18:41 - 2026-03-17 18:41 - 000002100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2026-03-17 18:41 - 2026-03-17 18:41 - 000002088 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2026-03-17 18:40 - 2026-03-17 18:40 - 000000000 ____D C:\ProgramData\Malwarebytes 2026-03-17 18:40 - 2026-03-17 18:40 - 000000000 ____D C:\Program Files\Malwarebytes 2026-03-12 20:08 - 2026-03-12 20:14 - 000000000 ___HD C:\$WinREAgent 2026-03-10 19:54 - 2026-03-10 19:54 - 000083946 _____ C:\WINDOWS\SysWOW64\ctac.json 2026-03-10 19:54 - 2026-03-10 19:54 - 000083946 _____ C:\WINDOWS\system32\ctac.json 2026-03-10 19:54 - 2026-03-10 19:54 - 000036382 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2026-03-10 19:54 - 2026-03-10 19:54 - 000036382 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2026-03-05 18:54 - 2026-03-05 18:54 - 000000000 ____D C:\Users\MarianII\AppData\Roaming\SlayTheSpire2 2026-03-05 18:53 - 2026-03-05 18:53 - 000000213 _____ C:\Users\MarianII\Desktop\Slay the Spire 2.url 2026-03-05 17:51 - 2026-03-05 17:51 - 000000000 ____D C:\Program Files\Microsoft GameInput 2026-03-05 17:51 - 2026-03-05 17:49 - 000452984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_d.dll.0 2026-03-04 18:41 - 2026-03-04 18:41 - 000000213 _____ C:\Users\MarianII\Desktop\Counter-Strike Global Offensive.url 2026-03-02 19:02 - 2026-03-17 18:46 - 000003900 _____ C:\WINDOWS\system32\Tasks\AMD Install Manager - Install Updates 2026-02-28 10:46 - 2026-02-28 10:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMDInstallManager 2026-02-27 16:58 - 2026-03-10 19:26 - 000000000 ____D C:\Users\MarianII\AppData\LocalLow\AMD 2026-02-27 16:56 - 2026-03-17 21:59 - 000003114 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher 2026-02-27 16:56 - 2026-02-27 16:56 - 000003484 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate 2026-02-27 16:56 - 2026-02-27 16:56 - 000003302 _____ C:\WINDOWS\system32\Tasks\StartCNBM 2026-02-27 16:56 - 2026-02-27 16:56 - 000003198 _____ C:\WINDOWS\system32\Tasks\StartAUEP 2026-02-27 16:56 - 2026-02-27 16:56 - 000003152 _____ C:\WINDOWS\system32\Tasks\StartCN 2026-02-27 16:56 - 2026-02-27 16:56 - 000003072 _____ C:\WINDOWS\system32\Tasks\StartDVR 2026-02-27 16:56 - 2026-02-27 16:56 - 000002622 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask 2026-02-27 16:56 - 2026-02-27 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition 2026-02-27 16:56 - 2026-02-27 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool 2026-02-27 16:51 - 2026-02-25 20:43 - 002423432 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2026-02-27 16:51 - 2026-02-25 20:43 - 002423432 _____ C:\WINDOWS\system32\vulkaninfo.exe 2026-02-27 16:51 - 2026-02-25 20:43 - 001928840 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2026-02-27 16:51 - 2026-02-25 20:43 - 001928840 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2026-02-27 16:51 - 2026-02-25 20:42 - 000641152 _____ C:\WINDOWS\system32\GameManager64.dll 2026-02-27 16:51 - 2026-02-25 20:42 - 000536192 _____ C:\WINDOWS\system32\EEURestart.exe 2026-02-27 16:51 - 2026-02-25 20:42 - 000489096 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2026-02-27 16:51 - 2026-02-25 20:42 - 000200840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 005231752 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 005018248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 002204808 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 001842312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 001842312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 001339016 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 001194120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 001079424 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2026-02-27 16:50 - 2026-02-25 20:42 - 001008264 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 000811656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 000797824 _____ C:\WINDOWS\system32\hiprt0200064.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 000688768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 000667392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrsr.etz 2026-02-27 16:50 - 2026-02-25 20:42 - 000602248 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 000569472 _____ C:\WINDOWS\system32\atieah64.exe 2026-02-27 16:50 - 2026-02-25 20:42 - 000559240 _____ C:\WINDOWS\system32\dgtrayicon.exe 2026-02-27 16:50 - 2026-02-25 20:42 - 000553088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 000483456 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 000481408 _____ C:\WINDOWS\system32\amdlogum.exe 2026-02-27 16:50 - 2026-02-25 20:42 - 000459904 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 000432264 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2026-02-27 16:50 - 2026-02-25 20:42 - 000406272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendr.stz 2026-02-27 16:50 - 2026-02-25 20:42 - 000357000 _____ C:\WINDOWS\system32\clinfo.exe 2026-02-27 16:50 - 2026-02-25 20:42 - 000257160 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 000210560 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 000160392 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 000157312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 000132224 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 000066816 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrmgr.stz 2026-02-27 16:50 - 2026-02-25 20:42 - 000061568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll 2026-02-27 16:50 - 2026-02-25 20:42 - 000058496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 121681024 _____ C:\WINDOWS\system32\amd_comgr_2.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 103836800 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 001749376 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 001424024 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 000621568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 000555728 _____ C:\WINDOWS\system32\amdmiracast.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 000222336 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 000187008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 000180664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 000170200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 000170200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 000155784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 000155728 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 000153792 _____ C:\WINDOWS\system32\amdxc64.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 000142200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 000142200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2026-02-27 16:50 - 2026-02-25 20:41 - 000129592 _____ C:\WINDOWS\SysWOW64\amdxc32.dll 2026-02-27 16:50 - 2026-02-25 20:05 - 125848512 _____ C:\WINDOWS\system32\amdxc64.so 2026-02-27 16:49 - 2026-02-27 16:49 - 000000000 ____D C:\AWSToolkit 2026-02-25 19:43 - 2026-02-25 19:43 - 000000000 ____D C:\Users\MarianII\AppData\Local\DinoBlade 2026-02-18 12:56 - 2026-02-18 12:56 - 000011300 _____ C:\WINDOWS\Info.xml ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2026-03-17 22:02 - 2025-05-04 18:49 - 000000000 ____D C:\Users\MarianII\AppData\Local\Discord 2026-03-17 22:02 - 2025-01-08 19:20 - 000000000 ____D C:\Users\MarianII\AppData\Roaming\discord 2026-03-17 22:02 - 2020-09-06 19:29 - 000000000 ____D C:\Users\MarianII\AppData\Roaming\Spotify 2026-03-17 22:02 - 2020-09-06 19:29 - 000000000 ____D C:\Users\MarianII\AppData\Local\Spotify 2026-03-17 22:01 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp 2026-03-17 22:01 - 2020-04-18 01:44 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat 2026-03-17 21:59 - 2024-12-17 22:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2026-03-17 21:59 - 2024-12-17 22:40 - 000071102 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 2026-03-17 21:59 - 2024-06-27 19:56 - 000000000 ____D C:\Program Files\TeamViewer 2026-03-17 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness 2026-03-17 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2026-03-17 21:59 - 2021-04-11 08:42 - 000012288 ___SH C:\DumpStack.log.tmp 2026-03-17 21:58 - 2024-04-01 08:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2026-03-17 21:41 - 2019-04-23 02:44 - 000000000 ____D C:\Users\MarianII\AppData\Local\D3DSCache 2026-03-17 21:12 - 2021-02-06 21:15 - 000000000 ____D C:\AMD 2026-03-17 20:23 - 2024-12-18 16:52 - 001944248 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2026-03-17 20:23 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF 2026-03-17 20:19 - 2019-04-18 21:41 - 000002310 _____ C:\Users\MarianII\Desktop\Discord.lnk 2026-03-17 20:14 - 2019-04-21 18:56 - 000000000 ____D C:\Users\MarianII\AppData\Roaming\Microsoft\MMC 2026-03-17 20:14 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2026-03-17 19:45 - 2020-05-09 11:09 - 000000151 _____ C:\Users\MarianII\Desktop\PW Smartbroker.txt 2026-03-17 19:08 - 2025-05-04 18:44 - 000000000 ____D C:\Program Files\Mozilla Firefox 2026-03-17 19:08 - 2025-05-04 18:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2026-03-17 19:06 - 2019-04-17 18:32 - 000000000 ____D C:\Users\MarianII\AppData\Local\ConnectedDevicesPlatform 2026-03-17 19:01 - 2022-02-22 19:35 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2026-03-17 19:00 - 2025-05-04 18:44 - 000001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2026-03-17 18:55 - 2024-06-03 19:55 - 000000000 ____D C:\ProgramData\Unified Remote 2026-03-17 18:40 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2026-03-17 18:40 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps 2026-03-17 18:40 - 2019-04-17 18:32 - 000000000 ____D C:\Users\MarianII\AppData\Local\Packages 2026-03-17 18:40 - 2018-12-13 10:12 - 000000000 ____D C:\ProgramData\Packages 2026-03-17 18:39 - 2020-01-14 15:10 - 000000000 ____D C:\Users\Public\Logi 2026-03-17 18:39 - 2019-04-18 15:06 - 000000000 ____D C:\ProgramData\Riot Games 2026-03-16 21:24 - 2025-01-04 13:14 - 000000000 ____D C:\SteamLibrary 2026-03-16 21:24 - 2024-12-17 22:37 - 000000000 ____D C:\Users\MarianII 2026-03-16 19:39 - 2019-04-17 20:07 - 000000000 ____D C:\Users\MarianII\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2026-03-16 18:51 - 2019-03-27 16:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2026-03-15 10:24 - 2024-09-13 17:06 - 134222904 _____ C:\WINDOWS\392667600.dat 2026-03-15 10:18 - 2023-01-21 19:32 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2026-03-15 10:18 - 2020-06-20 10:54 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2026-03-14 20:34 - 2019-04-18 15:20 - 000000000 ____D C:\Users\MarianII\AppData\LocalLow\Ninja Kiwi 2026-03-14 19:01 - 2021-02-27 18:26 - 000002363 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2026-03-14 19:01 - 2021-02-27 18:26 - 000002322 _____ C:\Users\Public\Desktop\Brave.lnk 2026-03-14 16:14 - 2021-02-06 21:15 - 000000000 ____D C:\Users\MarianII\AppData\Local\AMD_Common 2026-03-14 09:05 - 2024-12-17 22:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2026-03-12 20:45 - 2024-12-17 22:35 - 000573384 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2026-03-12 20:43 - 2024-12-17 22:27 - 000000000 ____D C:\WINDOWS\InboxApps 2026-03-12 20:43 - 2024-12-17 22:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB 2026-03-12 20:43 - 2024-04-01 17:35 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\BrowserCore 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr 2026-03-12 20:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\appcompat 2026-03-12 20:43 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing 2026-03-12 20:40 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2026-03-12 20:40 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2026-03-12 20:38 - 2019-06-23 21:23 - 000000000 ____D C:\Users\MarianII\AppData\Roaming\Microsoft\PowerPoint 2026-03-12 20:38 - 2019-04-17 19:09 - 000000000 ____D C:\Users\MarianII\AppData\Roaming\Microsoft\Office 2026-03-12 20:06 - 2021-04-06 12:29 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2026-03-12 20:06 - 2021-04-06 12:27 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2026-03-12 20:03 - 2025-07-10 18:43 - 000001730 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019.lnk 2026-03-12 20:03 - 2021-02-06 21:50 - 000001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2026-03-12 20:03 - 2021-02-06 21:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2026-03-10 19:53 - 2024-12-17 22:37 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2026-03-10 19:33 - 2024-10-25 11:13 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2026-03-10 19:33 - 2024-10-25 11:13 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2026-03-10 19:22 - 2026-01-22 18:59 - 000000000 ____D C:\Users\MarianII\AppData\Roaming\Riot Client 2026-03-10 19:22 - 2024-02-22 17:05 - 000000000 ____D C:\Users\MarianII\AppData\Roaming\riot-client-ux 2026-03-08 08:15 - 2024-12-17 22:44 - 000003754 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2026-03-08 08:15 - 2024-12-17 22:44 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2026-03-05 18:54 - 2022-01-07 14:54 - 000000000 ____D C:\Users\MarianII\AppData\Local\Sentry 2026-03-05 17:49 - 2022-10-26 17:01 - 000153968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe 2026-03-05 17:49 - 2022-10-26 17:01 - 000084344 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe 2026-03-05 17:49 - 2022-01-05 00:46 - 004589944 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2026-03-05 17:49 - 2022-01-05 00:46 - 000911736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2026-03-05 17:49 - 2022-01-05 00:46 - 000289144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll 2026-03-05 17:49 - 2022-01-05 00:46 - 000260472 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2026-03-05 17:49 - 2022-01-05 00:46 - 000166264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2026-03-03 20:08 - 2026-02-01 10:55 - 000000000 ____D C:\ProgramData\UpdatesWin 2026-02-28 17:25 - 2023-01-02 14:20 - 000002334 _____ C:\Users\MarianII\Desktop\MetaTFT.lnk 2026-02-28 17:25 - 2019-05-26 11:20 - 000000000 ____D C:\Users\MarianII\AppData\Local\Overwolf 2026-02-28 10:46 - 2025-05-15 19:13 - 000004054 _____ C:\WINDOWS\system32\Tasks\AMD Install Manager - Check For Updates 2026-02-27 17:07 - 2021-02-06 21:25 - 000000000 ____D C:\Users\MarianII\AppData\Local\AMD 2026-02-27 16:56 - 2021-08-15 22:03 - 000000000 ____D C:\Program Files\AMD 2026-02-27 09:48 - 2019-04-19 11:28 - 000000000 ____D C:\Users\MarianII\AppData\Roaming\.minecraft 2026-02-25 19:43 - 2019-10-18 18:21 - 000000000 ____D C:\Users\MarianII\AppData\Local\UnrealEngine 2026-02-25 19:04 - 2026-02-02 18:42 - 000000925 _____ C:\Users\MarianII\powershell.dat 2026-02-25 19:04 - 2026-02-02 18:42 - 000000000 ____D C:\Users\MarianII\.infatica_noise_cache 2026-02-22 10:12 - 2022-01-22 22:38 - 000000000 ____D C:\Program Files\Riot Vanguard 2026-02-21 17:21 - 2020-06-11 23:19 - 000000000 ____D C:\Users\MarianII\AppData\Roaming\RenPy 2026-02-21 09:14 - 2024-12-17 22:44 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2026-02-19 16:08 - 2023-05-16 17:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monero GUI Wallet 2026-02-18 23:33 - 2021-08-15 22:04 - 003078512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe 2026-02-17 22:25 - 2019-10-02 15:51 - 000000000 ____D C:\Users\MarianII\AppData\Local\CrashDumps 2026-02-17 17:44 - 2025-10-12 11:44 - 000000000 ____D C:\Users\MarianII\AppData\Roaming\kleopatra 2026-02-17 17:38 - 2025-10-12 11:44 - 000000000 ____D C:\Users\MarianII\AppData\Local\gnupg 2026-02-16 08:04 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2026-02-02 18:42 - 2026-02-25 19:04 - 000000925 _____ () C:\Users\MarianII\powershell.dat 2024-11-13 22:14 - 2024-11-13 22:49 - 201709192 _____ () C:\Users\MarianII\AppData\Roaming\metatft_log.txt 2021-07-27 13:28 - 2021-07-27 13:28 - 000006116 _____ () C:\Users\MarianII\AppData\Roaming\VoiceMeeterDefault.xml 2023-01-18 19:03 - 2023-01-18 19:03 - 000004606 _____ () C:\Users\MarianII\AppData\Local\1223220869 2022-10-21 16:59 - 2022-11-17 10:07 - 000003950 _____ () C:\Users\MarianII\AppData\Local\1413663067 2022-09-21 18:48 - 2022-09-21 18:48 - 000006822 _____ () C:\Users\MarianII\AppData\Local\2476191251 2022-11-18 08:13 - 2022-11-23 12:40 - 000003998 _____ () C:\Users\MarianII\AppData\Local\2830118318 2023-03-23 19:52 - 2023-03-23 19:52 - 000005894 _____ () C:\Users\MarianII\AppData\Local\3963120367 2022-05-05 10:31 - 2022-07-02 12:46 - 000003406 _____ () C:\Users\MarianII\AppData\Local\444903052 2023-09-29 17:40 - 2023-09-29 17:40 - 000005534 _____ () C:\Users\MarianII\AppData\Local\9101122080 2025-05-15 19:16 - 2025-05-16 18:54 - 000005279 _____ () C:\Users\MarianII\AppData\Local\91128626013 2024-02-17 12:38 - 2024-02-17 12:38 - 000006366 _____ () C:\Users\MarianII\AppData\Local\91477623837 2023-10-26 15:46 - 2023-10-26 15:46 - 000004398 _____ () C:\Users\MarianII\AppData\Local\91503071769 2023-02-21 14:47 - 2023-02-21 14:47 - 000006598 _____ () C:\Users\MarianII\AppData\Local\92580481036 2023-05-03 18:16 - 2023-05-03 18:16 - 000005966 _____ () C:\Users\MarianII\AppData\Local\92642719525 2025-05-23 18:46 - 2025-05-23 18:46 - 000005279 _____ () C:\Users\MarianII\AppData\Local\93308978272 2025-03-29 12:09 - 2025-03-29 12:09 - 000003718 _____ () C:\Users\MarianII\AppData\Local\93768145176 2023-11-17 09:51 - 2023-11-17 09:51 - 000003998 _____ () C:\Users\MarianII\AppData\Local\9630024665 2023-04-12 18:01 - 2023-04-12 18:01 - 000005662 _____ () C:\Users\MarianII\AppData\Local\967015202 2022-08-17 06:37 - 2022-08-17 06:37 - 000004358 _____ () C:\Users\MarianII\AppData\Local\recently-used.xbel 2021-02-23 19:16 - 2024-04-28 18:57 - 000007652 _____ () C:\Users\MarianII\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2026 durchgeführt von MarianII (17-03-2026 22:03:05) Gestartet von C:\Users\MarianII\Desktop Microsoft Windows 11 Home Version 25H2 26200.8037 (X64) (2024-12-18 15:45:44) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-4120191725-2713990712-3395116113-500 - Administrators - Disabled) DefaultAccount (S-1-5-21-4120191725-2713990712-3395116113-503 - Limited - Disabled) Gast (S-1-5-21-4120191725-2713990712-3395116113-501 - Limited - Disabled) MarianII (S-1-5-21-4120191725-2713990712-3395116113-1001 - Administrators - Enabled) => C:\Users\MarianII WDAGUtilityAccount (S-1-5-21-4120191725-2713990712-3395116113-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Malwarebytes (Enabled - Up to date) {A537353A-1D6A-F6B5-9153-CE1CF80FBE66} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Total Security (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} AV: Kaspersky Total Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8} AS: Kaspersky Total Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Total Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58} FW: Kaspersky Total Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 2XKO (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Riot Game lion.live) (Version: - Riot Games, Inc) 7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 25.001.21288 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601149}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 8.01.20.513 - Advanced Micro Devices, Inc.) AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.136 - Advanced Micro Devices, Inc.) Hidden AMD Install Manager (HKLM\...\{569DDC87-94F9-4D4E-BC04-270227EC8828}) (Version: 25.30.26008.1803 - Advanced Micro Devices, Inc.) AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.40.0.0 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 26.2.2 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{4a6efd8a-0992-4ff0-99cc-0db5ae116b5b}) (Version: 8.01.20.513 - Advanced Micro Devices, Inc.) Hidden Angeln 2009 (HKLM-x32\...\Angeln 2009_is1) (Version: - astragon Software GmbH) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach) AusweisApp2 (HKLM\...\{A866485F-4F26-4BA6-9CED-6B78AC398CED}) (Version: 1.26.5 - Governikus GmbH & Co. KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BitLord 2.4 (HKLM-x32\...\BitLord) (Version: 2.4.6-359 - House of Life) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 146.1.88.132 - Die Brave-Autoren) Browser für SQL Server 2019 (HKLM-x32\...\{613930F2-FFD4-485B-A211-E7092D14A90E}) (Version: 15.0.2000.5 - Microsoft Corporation) Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - ) Cisco Packet Tracer 8.2.1 64Bit (HKLM\...\Cisco Packet Tracer 8.2.1 64Bit_is1) (Version: 8.2.1.118 - Cisco Systems, Inc.) Diablo IV (HKLM-x32\...\Diablo IV) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Discord) (Version: 1.0.9229 - Discord Inc.) DriverFix 4.2021.8.30 (HKLM\...\DriverFix_is1) (Version: - DriverFix, Inc) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.560.0.6073 - Electronic Arts) Hidden EA app (HKLM-x32\...\{0771286d-2006-4fb7-8a62-dbaefc1e55e7}) (Version: 13.560.0.6073 - Electronic Arts) FL Studio 21 (HKLM-x32\...\FL Studio 21) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) GameRanger (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\GameRanger) (Version: - GameRanger Technologies) GDR 2080 für SQL Server 2019 (KB4583458) (64-bit) (HKLM\...\KB4583458) (Version: 15.0.2080.9 - Microsoft Corporation) GDR 2095 für SQL Server 2019 (KB5014356) (64-bit) (HKLM\...\KB5014356) (Version: 15.0.2095.3 - Microsoft Corporation) GDR 2101 für SQL Server 2019 (KB5021125) (64-bit) (HKLM\...\KB5021125) (Version: 15.0.2101.7 - Microsoft Corporation) GDR 2104 für SQL Server 2019 (KB5029377) (64-bit) (HKLM\...\KB5029377) (Version: 15.0.2104.1 - Microsoft Corporation) GDR 2110 für SQL Server 2019 (KB5035434) (64-bit) (HKLM\...\KB5035434) (Version: 15.0.2110.4 - Microsoft Corporation) GDR 2116 für SQL Server 2019 (KB5040986) (64-bit) (HKLM\...\KB5040986) (Version: 15.0.2116.2 - Microsoft Corporation) GDR 2120 für SQL Server 2019 (KB5042214) (64-bit) (HKLM\...\KB5042214) (Version: 15.0.2120.1 - Microsoft Corporation) GDR 2125 für SQL Server 2019 (KB5046056) (64-bit) (HKLM\...\KB5046056) (Version: 15.0.2125.1 - Microsoft Corporation) GDR 2130 für SQL Server 2019 (KB5046859) (64-bit) (HKLM\...\KB5046859) (Version: 15.0.2130.3 - Microsoft Corporation) GDR 2135 für SQL Server 2019 (KB5058713) (64-bit) (HKLM\...\KB5058713) (Version: 15.0.2135.5 - Microsoft Corporation) GDR 2140 für SQL Server 2019 (KB5063758) (64-bit) (HKLM\...\KB5063758) (Version: 15.0.2140.1 - Microsoft Corporation) GDR 2145 für SQL Server 2019 (KB5065223) (64-bit) (HKLM\...\KB5065223) (Version: 15.0.2145.1 - Microsoft Corporation) GDR 2155 für SQL Server 2019 (KB5068405) (64-bit) (HKLM\...\KB5068405) (Version: 15.0.2155.2 - Microsoft Corporation) GDR 2160 für SQL Server 2019 (KB5077470) (64-bit) (HKLM\...\KB5077470) (Version: 15.0.2160.4 - Microsoft Corporation) GIMP 2.10.32 (HKLM\...\GIMP-2_is1) (Version: 2.10.32 - The GIMP Team) GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.4.8 - The GnuPG Project) GoldWave v6.65 (HKLM\...\GoldWave v6.65) (Version: 6.65 - GoldWave Inc.) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden Gpg4win (4.4.1) (HKLM-x32\...\Gpg4win) (Version: 4.4.1 - The Gpg4win Project) Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.1868.0 - Rockstar Games) Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.176 - Riot Games, Inc.) HitFilm (HKLM\...\{F3165E1A-01E6-440F-A7C0-7ABECC42BB5B}) (Version: 19.1.2.0 - FXhome) IKON (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Overwolf_kfaacjbnfoeombkalbeimokpocbjmcecoihoifeh) (Version: 0.9.9.3000 - Overwolf app) Integration Services (HKLM-x32\...\{5B7E8C87-4DF7-496E-9866-40B19BB39224}) (Version: 15.0.2000.130 - Microsoft Corporation) Hidden Java 8 Update 341 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180341F0}) (Version: 8.0.3410.10 - Oracle Corporation) Java(TM) SE Development Kit 16.0.2 (64-bit) (HKLM\...\{84539E3B-68B6-54F1-9CA3-EA920673C714}) (Version: 16.0.2.0 - Oracle Corporation) Kingston SSD Manager version 1.1.2.0 (HKLM-x32\...\{9A5DD901-0B98-4F2B-9421-B5975014184F}_is1) (Version: 1.1.2.0 - Kingston Digital, Inc) Knight Rider (HKLM-x32\...\Knight Rider) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) League of Legends (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) League of Legends PBE (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Riot Game league_of_legends.pbe) (Version: - Riot Games, Inc) Legends of Runeterra (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Riot Game bacon.live) (Version: - Riot Games, Inc) Locad25 (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Locad25) (Version: - ) Locad25Demo (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Locad25Demo) (Version: - ) Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2026.1.828335 - Logitech) Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.) Malwarebytes version 5.5.1.240 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.5.1.240 - Malwarebytes) MEmu (HKLM-x32\...\MEmu) (Version: 8.1.3.0 - Microvirt Software Technology Co. Ltd.) MetaTFT (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Overwolf_aheglebeeekjdnkljmpngplhpedgejncjhojnndh) (Version: 0.2.665 - Overwolf app) Microsoft .NET Host - 5.0.17 (x86) (HKLM-x32\...\{54DE7EA9-E391-4BD2-A373-3A72A18EBDB5}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.36 (x86) (HKLM-x32\...\{FBC9D6AE-6396-4FC7-BC18-00852836F16D}) (Version: 48.144.23141 - Microsoft Corporation) Hidden Microsoft .NET Host - 7.0.20 (x64) (HKLM\...\{EE5EB03B-D65C-4991-848E-2C6E024326DB}) (Version: 56.80.15184 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.17 (x86) (HKLM-x32\...\{AF01038B-6523-4EA7-9D9E-4F1E2927D88B}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.36 (x86) (HKLM-x32\...\{6F73FE7B-B9C3-4A05-8138-0E44543D755F}) (Version: 48.144.23141 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 7.0.20 (x64) (HKLM\...\{B0FC828F-678C-4868-9B5B-99639758E6F3}) (Version: 56.80.15184 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x86) (HKLM-x32\...\{59650A2A-3839-46EC-9D9C-6B3B1C743C55}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.36 (x86) (HKLM-x32\...\{89C09E22-01D0-41F6-BAD3-CA0A8B74AD22}) (Version: 48.144.23141 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 7.0.20 (x64) (HKLM\...\{221BB52A-B763-4C9D-AA62-4B0B6C9AAD62}) (Version: 56.80.15184 - Microsoft Corporation) Hidden Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.19725.20170 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 146.0.3856.59 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 146.0.3856.62 - Microsoft Corporation) Hidden Microsoft GameInput (HKLM\...\{9F5D508B-EA43-4FA2-B0B6-8158A389442B}) (Version: 3.2.138.0 - Microsoft Corporation) Microsoft Help Viewer 2.3 (HKLM-x32\...\{BEFC10C1-7032-3C8E-80BC-621A77BFEABD}) (Version: 2.3.28107 - Microsoft Corporation) Hidden Microsoft Help Viewer 2.3 (HKLM-x32\...\Microsoft Help Viewer 2.3) (Version: 2.3.28107 - Microsoft Corporation) Microsoft Help Viewer 2.3 Sprachpaket – DEU (HKLM-x32\...\{65A18033-236B-3815-A905-D4F7FE7D1E75}) (Version: 2.3.27412 - Microsoft Corporation) Hidden Microsoft Help Viewer 2.3 Sprachpaket – DEU (HKLM-x32\...\Microsoft Help Viewer 2.3 Sprachpaket – DEU) (Version: 2.3.27412 - Microsoft Corporation) Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{0E0F96AC-80DE-4400-A40C-429D63293651}) (Version: 17.10.6.1 - Microsoft Corporation) Microsoft Office Access MUI (German) 2010 (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (HKLM\...\{90140000-002A-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft OLE DB Driver for SQL Server (HKLM\...\{76EB75D2-CCF6-41A9-90B6-922DE9146276}) (Version: 18.7.4.0 - Microsoft Corporation) Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.19725.20170 - Microsoft Corporation) Microsoft Project - de-de (HKLM\...\ProjectPro2019Retail - de-de) (Version: 16.0.19725.20170 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{ADA823D7-2A3F-4FC6-96AC-C11656168D1E}) (Version: 11.4.7515.2 - Microsoft Corporation) Microsoft SQL Server 2019 (64-bit) (HKLM\...\Microsoft SQL Server SQL2019) (Version: - Microsoft Corporation) Microsoft SQL Server 2019 RsFx Driver (HKLM\...\{5825CDC4-4E99-4CF9-91FE-DB60C0E2F5EA}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden Microsoft SQL Server 2019 Setup (English) (HKLM\...\{17DCED0E-5B27-453A-B2B4-E487B869B28A}) (Version: 15.0.4013.40 - Microsoft Corporation) Microsoft SQL Server 2019 T-SQL-Sprachdienst (HKLM\...\{411C14F4-C576-48CA-AF1C-FCA51BD331A2}) (Version: 15.0.2000.5 - Microsoft Corporation) Microsoft SQL Server Management Studio - 18.8 (HKLM-x32\...\{98b82cf5-6c35-47a0-aecd-742e90778aec}) (Version: 15.0.18369.0 - Microsoft Corporation) Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.28902 - Microsoft) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 4.4.38.63497 - Microsoft Corporation) Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{6AC5612A-D067-44B9-9C8E-2C1B3473B429}) (Version: 3.7.2182.35401 - Microsoft Corporation) Hidden Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{E281F6E2-136B-4AF0-895B-253279711697}) (Version: 3.7.2182.35401 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{81be98bb-b243-484d-abe4-273c74132aae}) (Version: 15.0.27520 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2017 x64 Hosting Support (HKLM\...\{AFFB9D8D-6E58-38A0-A7DD-F6F1F4247B36}) (Version: 15.0.27520 - Microsoft Corporation) Hidden Microsoft Visual Studio Tools for Applications 2017 x86 Hosting Support (HKLM-x32\...\{9594C97E-6A20-38B3-81BB-2778C4780BE1}) (Version: 15.0.27520 - Microsoft Corporation) Hidden Microsoft VSS Writer für SQL Server 2019 (HKLM\...\{80E61AFB-0357-4EA7-B2B9-662509EF918D}) (Version: 15.0.2000.5 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{098c6ff7-1af1-4c4a-b86f-c60608c98e31}) (Version: 5.0.17.31219 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{0D02D706-44F2-4957-A448-E7259A0B56B9}) (Version: 40.68.31219 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.36 (x86) (HKLM-x32\...\{9A00C541-6944-4969-9DFE-A7289215800D}) (Version: 48.144.23186 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.36 (x86) (HKLM-x32\...\{c37854d7-1852-4785-82ff-86ff988e4caf}) (Version: 6.0.36.34217 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 7.0.20 (x64) (HKLM\...\{72C29BED-666F-4E5E-BC49-DF44C890742E}) (Version: 56.80.15245 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 7.0.20 (x64) (HKLM-x32\...\{362ea044-f96f-45c7-b59f-0dbe5ca98ff4}) (Version: 7.0.20.33720 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.1.0 - Mojang) MKVToolNix 92.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 92.0.0 - Moritz Bunkus) MobaXterm (HKLM-x32\...\{D263B5FE-93E9-46AF-A5D1-D3E5085BCEDD}) (Version: 21.2.0.4642 - Mobatek) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox) (Version: 148.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 138.0.1 - Mozilla) MultiDoge 0.1.7 (HKLM-x32\...\MultiDoge 0.1.7) (Version: 0.1.7 - ) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.9.1 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.19725.20170 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.19725.20078 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.19328.20266 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.19725.20170 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.267.1.1 - Overwolf Ltd.) Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive) PBE (HKLM-x32\...\PBE 1.0) (Version: 1.0 - Riot Games, Inc) PDF Architect 7 (HKLM-x32\...\PDF Architect 7) (Version: 7.1.13.1755 - pdfforge GmbH) PDF Architect 7 Create Module (HKLM\...\{B600CC13-8F68-4D44-8867-93490894FAE5}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden PDF Architect 7 Edit Module (HKLM\...\{BA2C2671-B379-4101-A21C-4C549671FC8D}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden PDF Architect 7 View Module (HKLM\...\{E947A304-6110-4CFE-98AD-E6909072E87D}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{00010FEF-82A2-497E-983A-7105A0266FA7}) (Version: 4.1.2 - pdfforge GmbH) PDP Controller Driver x64 (HKLM-x32\...\{FBDE0A93-17B3-4548-A611-69633F3C0A6F}) (Version: 1.00.0003 - Performance Designed Products) Pegasus Mail (HKLM-x32\...\Pegasus Mail) (Version: - David Harris) Pegasus Mail HTML Renderer 2.4.10.3 (HKLM-x32\...\{A9F5E1E1-1281-4862-90B4-6CF8E6AF83CE}_is1) (Version: - Micha's Midnight Manufacture) Pegasus Mail v4.73 Release 1, Build 639 (Deutsche Komplettversi (HKLM-x32\...\Pegasus Mail, Deutsche Komplettversion_is1) (Version: - Sven Henze) ProjectHolidaysInstaller (HKLM-x32\...\{FE938C22-3FBD-4DAD-9F63-94369E2FF7E2}) (Version: 1.0.2 - Grobman & Schwarz GmbH) Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.5.0 - Advanced Micro Devices, Inc.) Hidden Python 3.8.1 (64-bit) (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\{edfa99b7-1514-493a-aeaf-a37eeec724d2}) (Version: 3.8.1150.0 - Python Software Foundation) Python 3.8.1 Core Interpreter (64-bit) (HKLM\...\{F94E2016-28A6-4FCC-B5A1-D2D9757AF26A}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Development Libraries (64-bit) (HKLM\...\{913F572C-BF38-4E44-9065-7E1B024D43FB}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Documentation (64-bit) (HKLM\...\{3FE61A1E-16AE-4702-81A6-C9F6CE3586EB}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Executables (64-bit) (HKLM\...\{D6160A7A-D48F-48A6-8E5D-FECBE5901D82}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 pip Bootstrap (64-bit) (HKLM\...\{912206BD-EA52-4586-8A89-BD7716E5BD50}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Standard Library (64-bit) (HKLM\...\{7E83F4DD-B376-4158-90C3-4E9AE54D0AB3}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Tcl/Tk Support (64-bit) (HKLM\...\{96BBA29C-F949-4DF7-9221-EEE7F7D66377}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Test Suite (64-bit) (HKLM\...\{64A5FC80-95DB-4CA0-AA8A-C4D652BBC96E}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Utility Scripts (64-bit) (HKLM\...\{F0D5C7E7-4ECE-425F-BD33-8091DB57A31F}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{41A9BB87-60B8-47C3-BB79-6EC186827EC7}) (Version: 3.8.6925.0 - Python Software Foundation) qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.3 - The qBittorrent project) RAV Endpoint Protection (HKLM\...\ReasonLabs-EPP) (Version: 5.7.0 - Reason Cybersecurity Inc.) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8955.1 - Realtek Semiconductor Corp.) RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.17.199 - Rockstar Games) RStudio (HKLM-x32\...\RStudio) (Version: 1.4.1106 - RStudio) RyzenMasterSDK (HKLM\...\{EDBA75B1-1994-4A64-B0DE-00C620EEFF84}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.) Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{97099817-53F1-4CA1-ACEA-DA6D74371689}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{3B0FF7FF-0E85-4907-A511-3F8C27349FA4}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{996096F8-956B-41C9-A7E3-9BA1E801014F}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{D505EC85-885F-4BE3-8A89-3EFE4F855692}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden SiSoftware Sandra Lite 2021 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2596}_is1) (Version: 31.73.2021.12 - SiSoftware) Spotify (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Spotify) (Version: 1.2.85.519.g549a528b - Spotify AB) SQL Server 2019 Batch Parser (HKLM\...\{D459615B-83B0-408F-8F39-6CC07C277BA6}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Common Files (HKLM\...\{0FB552DD-543E-48E7-A6F4-2F8D82723C6A}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Common Files (HKLM\...\{5A73C7AB-C567-43B7-B65A-DD030A550666}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Connection Info (HKLM\...\{69E0FF21-B2C5-447A-BC3D-7BD75289F167}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Connection Info (HKLM\...\{FD730873-33D1-4D1F-9AE0-E259586F8827}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Database Engine Services (HKLM\...\{46374AB9-6477-488C-8624-336AB3341F03}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Database Engine Services (HKLM\...\{A60B3D8E-5311-4BF1-AF7A-D1AC15F9152E}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Database Engine Shared (HKLM\...\{28F912AE-AB00-4E29-B694-8B78324C24C5}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Database Engine Shared (HKLM\...\{DE5B7937-D5B5-4157-BC30-BB87F021CFF0}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 DMF (HKLM\...\{814D5077-C93F-42E2-B875-717007C186B9}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 DMF (HKLM\...\{E254DB71-CDC2-47C2-B5BF-90FA2772DC4E}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Shared Management Objects (HKLM\...\{6213D6CB-D258-47A3-B1A0-EE1E5C080DCF}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Shared Management Objects (HKLM\...\{E4596849-ADD7-4290-9345-2CDEB932412F}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{8DDAEBCA-4267-4E16-9FE0-D87F21D36891}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{AC66E100-1579-459D-A96D-10AB540D9D41}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 SQL Diagnostics (HKLM\...\{28ED6838-D8E5-454C-A813-12C5EB447CAB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 XEvent (HKLM\...\{2129312E-5204-4F3A-9039-B6D34DBB00FB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server 2019 XEvent (HKLM\...\{F0768C8C-D5B9-4600-A9BD-5BE74B471095}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden SQL Server Management Studio for Reporting Services Localization (HKLM-x32\...\{5F729950-1A0B-470E-98A2-72E50B7DDF88}) (Version: 15.0.18369.0 - Microsoft Corporation) Hidden SSMS Post Install Tasks (HKLM\...\{25C1D6A4-FA0E-475A-92C1-9F5088FE8481}) (Version: 15.0.18369.0 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stronghold Crusader HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.40.100 - Firefly Studios) Structorizer (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\{0A9D4B3A-04B6-4DD0-814A-08450F3541CD}_is1) (Version: 3.30-10 - Bob Fisch) Surfshark TAP Driver Windows (HKLM-x32\...\{A270BA60-BE4B-44CE-A208-1028297B65C1}) (Version: 1.0.1 - Surfshark) Surfshark TUN Driver Windows (HKLM\...\{7413BE7E-B7F7-4797-B0BD-E4FE4E3FE384}) (Version: 1.0 - Surfshark) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.4.0.2781 - Microsoft Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH) TeamViewer (HKLM\...\TeamViewer) (Version: 15.55.3 - TeamViewer) TFTactics (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Overwolf_delfmdadipjjmpajblkalfkbebcbldbknecigjpc) (Version: 1.16.12 - Overwolf app) TreeSize Free V4.8 (HKLM\...\TreeSize Free_is1) (Version: 4.8 - JAM Software) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 139.2.10843 - Ubisoft) UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.13.0 - Unified Intents AB) Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation) Updater (HKLM-x32\...\Updater) (Version: 3.0.8.1 - Updater) <==== ACHTUNG VALORANT (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc) VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software) Visual Studio Community 2019 (HKLM-x32\...\04c54a99) (Version: 16.11.54 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN) vs_filehandler_amd64 (HKLM-x32\...\{102E83BD-B6A0-4C74-AD22-7D594A3435D3}) (Version: 16.11.31503 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{6CBDE7BE-E956-4E0E-81FB-2CB79190C924}) (Version: 16.11.31503 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{AB0010C0-CA62-40C7-BDED-DB2514BDCF19}) (Version: 16.11.34827 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{C1337DAC-D78B-4435-B795-29E8B7D5E75C}) (Version: 16.11.34902 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{8C5B1421-CACA-461B-A173-98B1C7864D06}) (Version: 16.10.31303 - Microsoft Corporation) Hidden Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) Windows-Treiberpaket - Microsoft (xb1usb) XB1UsbClass (05/26/2014 6.2.11059.0) (HKLM\...\55C4E3678D9D65A8FE9ACBE6091488E6111A5192) (Version: 05/26/2014 6.2.11059.0 - Microsoft) Windows-Treiberpaket - PDP (xb1usb) XB1UsbClass (05/26/2014 6.2.11059.0) (HKLM\...\6E998C0FC2050FEB6758F876BFAA2253AF44A7FF) (Version: 05/26/2014 6.2.11059.0 - PDP) Windscribe (HKLM\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 2.8.6 - Windscribe Limited) Wondershare EdrawMax(Build 10.1.6.823) (HKLM-x32\...\{037BAB81-3DF7-4381-A72C-A26B57C03548}_is1) (Version: 10.1.6.823 - EdrawSoft Co.,Ltd.) Zoom (HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\ZoomUMX) (Version: 5.9.3 (3169) - Zoom Video Communications, Inc.) Packages: ========= @{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-14] () Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Assets [2026-03-10] () AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2026-02-27] (Advanced Micro Devices Inc.) Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-19] (Canon Inc.) DOOM: The Dark Ages -> C:\Program Files\WindowsApps\BethesdaSoftworks.ProjectTitan_1.3.28.0_x64_WW_3275kfvn8vcwc [2025-06-12] (Bethesda Softworks) DOOM: The Dark Ages Void DOOM Slayer Skin -> C:\Program Files\WindowsApps\BethesdaSoftworks.TitanPreorderContent_0.0.2.0_x64__3275kfvn8vcwc [2025-05-15] (Bethesda Softworks) Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation) Golf With Your Friends Win 10 -> C:\Program Files\WindowsApps\Team17DigitalLimited.GolfWithYourFriendsWin10_1.0.244.0_x64__j5x4vj4y67jhc [2025-11-07] (Team17 Digital Limited) Ink.Handwriting.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.de-DE.1.0_0.1082.2350.0_x64__8wekyb3d8bbwe [2025-12-27] (Microsoft Corporation) Ink.Handwriting.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.de-DE.1.0_0.1082.2350.0_x86__8wekyb3d8bbwe [2025-12-27] (Microsoft Corporation) Ink.Handwriting.Main.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.de-DE.1.0_0.1082.2350.0_x64__8wekyb3d8bbwe [2026-02-26] (Microsoft Corporation) JAMSoftware.TreeSizeFreeContextMenu -> G:\Program Files\TreeSize Free [2025-10-14] (JAM Software) Local AI Manager for Microsoft 365 -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\AI [2026-03-16] () Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2026-03-17] () Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-19] (Microsoft Corporation) Microsoft 365 companion apps -> C:\Program Files\WindowsApps\Microsoft.M365Companions_2.2511.25000.0_x64__8wekyb3d8bbwe [2025-12-18] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-05] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-05] (Microsoft Corporation) [MS Ad] Microsoft.Office.ActionsServer -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\ActionsServer [2026-03-16] () Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_2.5.2.0_x64__8wekyb3d8bbwe [2025-12-11] (Microsoft Studios) Notepad++ -> C:\Program Files (x86)\Notepad++\contextMenu [2026-02-07] (Notepad++) OfficePushNotificationsUtility -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16 [2026-03-16] () PDP Control Hub -> C:\Program Files\WindowsApps\PerformanceDesignedProduc.PDPControlHub_1.4.3.0_x64__xgavg6chk0qcj [2025-09-19] (Performance Designed Products LLC) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2022-08-15] (Realtek Semiconductor Corp) Vampire Survivors -> C:\Program Files\WindowsApps\poncle.VampireSurvivors_1.14.112.0_x64__9pv5cyp4vwdsr [2026-02-11] (poncle) WinAppRuntime.Main.1.8 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.8_8000.770.947.0_x64__8wekyb3d8bbwe [2026-03-10] (Microsoft Corp.) WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_8000.770.947.0_x64__8wekyb3d8bbwe [2026-03-10] (Microsoft Corp.) Xbox Zubehör -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2506.2505.28001.0_x64__8wekyb3d8bbwe [2025-06-20] (Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-4120191725-2713990712-3395116113-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-4120191725-2713990712-3395116113-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-4120191725-2713990712-3395116113-1001_Classes\CLSID\{5F86DC52-D653-4CFF-BAC7-C3A406AF8946}\localserver32 -> C:\Users\MarianII\AppData\Roaming\Spotify\Spotify.exe (Spotify AB -> Spotify Ltd) CustomCLSID: HKU\S-1-5-21-4120191725-2713990712-3395116113-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\MarianII\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-4120191725-2713990712-3395116113-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\MarianII\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => Keine Datei CustomCLSID: HKU\S-1-5-21-4120191725-2713990712-3395116113-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => Keine Datei CustomCLSID: HKU\S-1-5-21-4120191725-2713990712-3395116113-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> "C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe" -toastactivated => Keine Datei CustomCLSID: HKU\S-1-5-21-4120191725-2713990712-3395116113-1001_Classes\CLSID\{EABAE40C-B27C-455A-B672-F234DD780948}\InprocServer32 -> C:\Users\MarianII\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.25.28902\x64\Microsoft.Teams.MeetingAddin.DLL (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programme\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2026-02-17] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\Gpg4win\bin_64\gpgex.dll [2025-05-21] (g10 Code GmbH -> g10 Code GmbH) ContextMenuHandlers1: [PDFArchitect7_ManagerExt] -> {21989F59-B260-4302-90C3-E51740E03639} => C:\Program Files\PDF Architect 7\context-menu.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH) ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2020-07-10] (Dev Code-Sign -> pdfforge GmbH) [Datei ist nicht signiert] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-03-17] (Malwarebytes Inc -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programme\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\Gpg4win\bin_64\gpgex.dll [2025-05-21] (g10 Code GmbH -> g10 Code GmbH) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2026-02-18] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programme\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-03-17] (Malwarebytes Inc -> Malwarebytes) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [MidisrvTransferComplete] => 1 HKLM\...\Drivers32: [midi1] => C:\WINDOWS\system32\wdmaud2.drv [143360 2026-03-10] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Drivers32: [midi1] => C:\Windows\SysWOW64\wdmaud2.drv [91648 2026-03-10] (Microsoft Windows -> Microsoft Corporation) ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2018-10-05 09:13 - 2018-10-05 09:13 - 000144896 _____ () [Datei ist nicht signiert] C:\Program Files\Logitech Gaming Software\LAClient\libssh2.dll 2018-10-05 09:13 - 2018-10-05 09:13 - 000077824 _____ () [Datei ist nicht signiert] C:\Program Files\Logitech Gaming Software\LAClient\zlib.dll 2019-04-18 10:57 - 2019-04-18 10:57 - 000116736 _____ (pdfforge GmbH) [Datei ist nicht signiert] C:\WINDOWS\System32\pdfcmon.dll 2024-06-03 19:55 - 2016-10-09 22:27 - 000556544 _____ (Soft Service Company) [Datei ist nicht signiert] C:\Program Files (x86)\Unified Remote 3\wcl.dll 2018-10-05 09:13 - 2018-10-05 09:13 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [Datei ist nicht signiert] C:\Program Files\Logitech Gaming Software\LAClient\LIBCURL.dll 2018-12-10 10:29 - 2018-12-10 10:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [Datei ist nicht signiert] C:\Program Files\PDF Architect 7\libcurl.dll 2024-06-03 19:55 - 2017-05-28 20:55 - 001846272 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Unified Remote 3\libcryptoMD.dll 2024-06-03 19:55 - 2017-05-28 20:55 - 000382976 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Unified Remote 3\libsslMD.dll 2018-10-05 09:13 - 2018-10-05 09:13 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Logitech Gaming Software\LAClient\LIBEAY32.dll 2018-10-05 09:13 - 2018-10-05 09:13 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Logitech Gaming Software\LAClient\SSLEAY32.dll 2018-04-06 19:29 - 2018-04-06 19:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll 2018-04-06 19:29 - 2018-04-06 19:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Logitech Gaming Software\ssleay32.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [6874] AlternateDataStreams: C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc:169D67954B [6874] AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [7738] AlternateDataStreams: C:\ProgramData\xvc_installer.log:8A963300F2 [6874] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [7738] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk:73D08CB982 [7738] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [7738] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [7738] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [7738] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk:BE800952D3 [7738] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [7738] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startfenster.lnk:7E6B700A8C [7738] AlternateDataStreams: C:\Users\MarianII\Anwendungsdaten:dfc60eccd110e2e3e8f63f01b8c84f49 [394] AlternateDataStreams: C:\Users\MarianII\Desktop\FRST64.exe:MBAM.Zone.Identifier [138] AlternateDataStreams: C:\Users\MarianII\AppData\Roaming:dfc60eccd110e2e3e8f63f01b8c84f49 [394] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ============= HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COS2&ptag=D041819-N0690A21ABFDD9D88F4162B1F&form=CONMHP&conlogo=CT3332016 HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE SearchScopes: HKU\S-1-5-21-4120191725-2713990712-3395116113-1001 -> DefaultScope {F8FDFBF7-2B1A-436D-9838-F3D0F8929A98} URL = SearchScopes: HKU\S-1-5-21-4120191725-2713990712-3395116113-1001 -> {F8FDFBF7-2B1A-436D-9838-F3D0F8929A98} URL = BHO: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2026-03-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:/Program Files (x86)/Internet Explorer/Citavi Picker/x64/SwissAcademic.Citavi.IEPicker.DLL => Keine Datei BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_341\bin\ssv.dll [2022-07-22] (Oracle America, Inc. -> Oracle Corporation) BHO: Kein Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Keine Datei BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-07-22] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2026-03-16] (Microsoft Corporation -> Microsoft Corporation) Toolbar: HKLM - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH) Toolbar: HKLM-x32 - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH) Toolbar: HKU\S-1-5-21-4120191725-2713990712-3395116113-1001 -> Kein Name - {C500C267-63BF-451F-8797-4D720C9A2ED9} - Keine Datei Toolbar: HKU\S-1-5-21-4120191725-2713990712-3395116113-1001 -> Kein Name - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - Keine Datei Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-16] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\sharepoint.com -> hxxps://hsweserbergland-files.sharepoint.com IE trusted site: HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2018-09-15 08:31 - 2022-03-01 21:08 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Network =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) DNS Servers: 8.8.8.8 - 8.8.4.4 ist aktiviert. Network Binding: ============= Ethernet 4: TAP-Windows Adapter V9 -> tap0901.sys Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys Ethernet 5: TAP-Surfshark Windows Adapter V9 -> tapsurfshark.sys ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\DTS\Binn\;C:\Program Files (x86)\dotnet\;C:\Program Files (x86)\Microsoft SQL Server\150\DTS\Binn\;C:\Program Files\dotnet\;C:\Program Files (x86)\Gpg4win\..\GnuPG\bin HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\csl.jpg HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 0) (TamperProtectionSource: 3) HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0) ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\Run: => "Speedify" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "ConnectionCenter" HKLM\...\StartupApproved\Run32: => "Redirector" HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller" HKLM\...\StartupApproved\Run32: => "InstallHelper" HKLM\...\StartupApproved\Run32: => "AnalyticsSrv" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\Run: => "Web Companion" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\Run: => "Innkeeper" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\Run: => "NordVPN" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\Run: => "Opera Browser Assistant" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\Run: => "Surfshark" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\Run: => "electron.app.Mobalytics Desktop" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\Run: => "MobalyticsHQ.DesktopApp" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\Run: => "DriverFix" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_77DE200E98D1063098FA7E2E691B720E" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\Run: => "Windscribe" HKU\S-1-5-21-4120191725-2713990712-3395116113-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [TCP Query User{1BCD25DD-5E9A-4647-BC8A-35300A96A7C9}D:\programme\steam\steam.exe] => (Allow) D:\programme\steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [UDP Query User{362410F9-F6EC-42BA-B282-E4BE3CA08BF0}D:\programme\steam\steam.exe] => (Allow) D:\programme\steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{2C436D93-4367-45AB-9CDB-6A833D0F1A79}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Keine Datei FirewallRules: [{DF857A29-5A3E-415A-91C4-A0A2725C0F38}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Keine Datei FirewallRules: [{0D41FC3E-D4D4-471A-A1DB-17478C67A06C}] => (Allow) C:\Eigene Dateien\Downloads\Creative_Cloud_Set-Up.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{51C0A6A0-CC44-4DCE-B75D-CFA124F81249}] => (Allow) C:\Eigene Dateien\Downloads\Creative_Cloud_Set-Up.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{40273BBF-6212-4F6B-9562-541FB9F89A80}] => (Allow) G:\SteamLibrary\steamapps\common\Gnorp\(the) Gnorp Apologue.exe () [Datei ist nicht signiert] FirewallRules: [{25B555EC-42C1-4F8B-8207-3D9D180314D6}] => (Allow) G:\SteamLibrary\steamapps\common\Gnorp\(the) Gnorp Apologue.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{22E23F36-9B26-46C3-9DF4-DB9F8E46ADFF}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [UDP Query User{E519A190-E6E6-448A-9632-76C54A8430E5}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [TCP Query User{6574869B-DD8B-4EEE-B254-BF67A862F369}C:\program files (x86)\unified remote 3\remoteserverwin.exe] => (Allow) C:\program files (x86)\unified remote 3\remoteserverwin.exe (Unified Intents AB -> Unified Intents AB) FirewallRules: [UDP Query User{069A8C1A-B037-4119-9C55-934AAE1CB053}C:\program files (x86)\unified remote 3\remoteserverwin.exe] => (Allow) C:\program files (x86)\unified remote 3\remoteserverwin.exe (Unified Intents AB -> Unified Intents AB) FirewallRules: [TCP Query User{6153C0C8-9143-4AEC-947E-8628D9591B97}C:\users\marianii\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marianii\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{23238F69-75F9-4635-9852-DE52321A8CAE}C:\users\marianii\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marianii\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{42ABE72A-5AB1-4A39-BD57-6014E8650F62}G:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) G:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{7EFC047C-3354-483F-A52A-AC767EE38799}G:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) G:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query User{E269258C-B978-4BFE-898B-7E7055FB25A0}G:\wpsystem\s-1-5-21-4120191725-2713990712-3395116113-1001\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Allow) G:\wpsystem\s-1-5-21-4120191725-2713990712-3395116113-1001\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe FirewallRules: [UDP Query User{59ED2353-56E4-49AE-8AE2-FB5746D1120B}G:\wpsystem\s-1-5-21-4120191725-2713990712-3395116113-1001\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Allow) G:\wpsystem\s-1-5-21-4120191725-2713990712-3395116113-1001\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe FirewallRules: [TCP Query User{D58EA04B-ADCA-449C-844F-BBDDD312E3E3}C:\users\marianii\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marianii\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{4FEB24A9-8692-4241-99C6-6368DD6DC13B}C:\users\marianii\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marianii\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9F65169C-ABAE-4D44-8289-B8DFCDF41BA8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8D44F384-7242-4FC8-99DE-9A6FE3036BCA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{C9447BC4-AFD3-42C1-A40D-4A26978052BE}C:\program files (x86)\bitlord\bitlord.exe] => (Allow) C:\program files (x86)\bitlord\bitlord.exe (House of Life) [Datei ist nicht signiert] FirewallRules: [UDP Query User{04FF064E-9E6D-4E6C-BA5A-F49180C4E11E}C:\program files (x86)\bitlord\bitlord.exe] => (Allow) C:\program files (x86)\bitlord\bitlord.exe (House of Life) [Datei ist nicht signiert] FirewallRules: [{DAF52723-29C6-4923-BED3-C8D65F88B058}] => (Allow) G:\SteamLibrary\steamapps\common\Crypt of the NecroDancer\Necrodancer64\Necrodancer.exe () [Datei ist nicht signiert] FirewallRules: [{53295B9F-2998-460F-B56C-C3640A77C6A8}] => (Allow) G:\SteamLibrary\steamapps\common\Crypt of the NecroDancer\Necrodancer64\Necrodancer.exe () [Datei ist nicht signiert] FirewallRules: [{95EC4CF3-1563-4C82-9224-9336AC8BB918}] => (Allow) G:\SteamLibrary\steamapps\common\Stronghold Crusader Definitive Edition\Stronghold Crusader Definitive Edition.exe () [Datei ist nicht signiert] FirewallRules: [{9E35D1E8-0DE8-4AE4-BB07-03962D730AB0}] => (Allow) G:\SteamLibrary\steamapps\common\Stronghold Crusader Definitive Edition\Stronghold Crusader Definitive Edition.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{BC3E19D2-5C76-4EE6-808B-F0C66BB64756}G:\battlenet\diablo iv\diablo iv.exe] => (Allow) G:\battlenet\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{890BF351-B7F4-4773-A899-0AF2184E143D}G:\battlenet\diablo iv\diablo iv.exe] => (Allow) G:\battlenet\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{0840EAE3-9DD4-4B31-A415-2515B4E43359}] => (Allow) C:\Program Files (x86)\Overwolf\0.280.2.1\OverwolfBrowser.exe => Keine Datei FirewallRules: [{38B68D43-0223-4470-B4B0-20B06EDF68E9}] => (Allow) C:\Program Files (x86)\Overwolf\0.280.2.1\OverwolfBrowser.exe => Keine Datei FirewallRules: [{9AA796ED-0A89-41DD-856C-B7DF36BBD572}] => (Block) C:\Program Files (x86)\Overwolf\0.280.2.1\OverwolfBrowser.exe => Keine Datei FirewallRules: [{3B1EB299-5A88-48EA-B1E6-9772679FB19B}] => (Block) C:\Program Files (x86)\Overwolf\0.280.2.1\OverwolfBrowser.exe => Keine Datei FirewallRules: [{B30A6141-9F86-4A07-B7A2-A34A5BE46D06}] => (Block) C:\Program Files (x86)\Overwolf\0.267.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{79E4B95C-F216-4280-A11A-C5AE3217C17E}] => (Block) C:\Program Files (x86)\Overwolf\0.267.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{72EFBD59-0B2C-4B97-9B52-C4637469862D}] => (Allow) C:\Program Files (x86)\Overwolf\0.267.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{DD5D1AB2-5871-46F6-B1D8-4DC0B1D9C574}] => (Allow) C:\Program Files (x86)\Overwolf\0.267.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{61AF7FFD-384F-4F43-99AF-5B5A300F101F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F5244DA2-CF7B-4798-A088-71DBBC25E1FA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CA423F80-0A4C-43E0-9341-1227134BE910}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{4BBDB3A7-A9FD-42EA-AE6A-63F502B4C839}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{11121810-C1A5-4420-97E1-2057E9B0B2EF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{8D6F717E-160C-44E9-AF22-ECB8BAFC5A9C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{2A6C7BDD-2291-4928-9216-B548CAB0BD6C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{02A12DF2-FCDD-4E8D-BC52-ADB14019941D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{68C0B69C-10D3-4034-9D06-9E49D1328545}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{AD5AB608-4286-44B5-86F1-3C6901FD462F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{4A23D289-15F9-465B-BFB3-D046C6AC850A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{BD563027-61EB-4E16-98C2-DA610867D820}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{7D7C03D4-67A7-4EF1-8937-5ACD22657E47}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [TCP Query User{28D93BF7-1D19-4EE9-A79B-9B55EEABD668}C:\users\marianii\curseforge\minecraft\install\minecraft.exe] => (Allow) C:\users\marianii\curseforge\minecraft\install\minecraft.exe (Microsoft Corporation -> Mojang) FirewallRules: [UDP Query User{EC25F240-24C9-4614-8FEE-A57C1F0BF756}C:\users\marianii\curseforge\minecraft\install\minecraft.exe] => (Allow) C:\users\marianii\curseforge\minecraft\install\minecraft.exe (Microsoft Corporation -> Mojang) FirewallRules: [TCP Query User{67DF6518-B436-4CC4-9544-CDE39BA3C0EA}C:\users\marianii\curseforge\minecraft\install\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Allow) C:\users\marianii\curseforge\minecraft\install\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe FirewallRules: [UDP Query User{9A13C7B4-305C-42E3-B2AF-FD393C5579F5}C:\users\marianii\curseforge\minecraft\install\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Allow) C:\users\marianii\curseforge\minecraft\install\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe FirewallRules: [{13103360-0667-4CB5-8DCA-151B55BB302F}] => (Allow) C:\Users\MarianII\AppData\Local\Programs\Opera\opera.exe => Keine Datei FirewallRules: [TCP Query User{D16C2C97-AB7D-48A1-A334-3180B41A6AEB}G:\riot games\2xko\live\lion\binaries\win64\lion-win64-shipping.exe] => (Allow) G:\riot games\2xko\live\lion\binaries\win64\lion-win64-shipping.exe (Riot Games, Inc. -> Riot) FirewallRules: [UDP Query User{5E17E017-CEA7-43C3-B83D-BA27445DB93A}G:\riot games\2xko\live\lion\binaries\win64\lion-win64-shipping.exe] => (Allow) G:\riot games\2xko\live\lion\binaries\win64\lion-win64-shipping.exe (Riot Games, Inc. -> Riot) FirewallRules: [TCP Query User{4E830F09-C6EB-4893-8E09-2A64E739C112}D:\programme\monero gui wallet\monero-wallet-gui.exe] => (Allow) D:\programme\monero gui wallet\monero-wallet-gui.exe => Keine Datei FirewallRules: [UDP Query User{02BBBEE4-DF22-4CDF-BAC2-2CBACE45181C}D:\programme\monero gui wallet\monero-wallet-gui.exe] => (Allow) D:\programme\monero gui wallet\monero-wallet-gui.exe => Keine Datei FirewallRules: [TCP Query User{B733FE04-4FBC-41D8-873F-B85E796D4CC5}D:\programme\monero gui wallet\monerod.exe] => (Allow) D:\programme\monero gui wallet\monerod.exe => Keine Datei FirewallRules: [UDP Query User{FC3D1AB3-52D6-4982-A77E-94C6D2200149}D:\programme\monero gui wallet\monerod.exe] => (Allow) D:\programme\monero gui wallet\monerod.exe => Keine Datei FirewallRules: [{02C51C27-C4DB-4C78-B920-0B903A6FE369}] => (Allow) G:\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> Epic Games, Inc.) FirewallRules: [{35DBF5AD-D089-4BED-997D-5A06B4207DC1}] => (Allow) G:\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> Epic Games, Inc.) FirewallRules: [TCP Query User{F095489C-A011-43D1-B8A4-AD9497E18B4C}G:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) G:\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.) FirewallRules: [UDP Query User{663B741C-C9A7-4555-8E11-8536EA21AB3C}G:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) G:\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.) FirewallRules: [{202C3CD2-BD5F-48CD-9514-822E7A56989B}] => (Allow) G:\SteamLibrary\steamapps\common\Super Fantasy Kingdom\Super Fantasy Kingdom.exe () [Datei ist nicht signiert] FirewallRules: [{9393CDF3-5382-4267-9AC2-1C12ECA92A0C}] => (Allow) G:\SteamLibrary\steamapps\common\Super Fantasy Kingdom\Super Fantasy Kingdom.exe () [Datei ist nicht signiert] FirewallRules: [{37FF097F-3FA7-4C61-9209-16FD8C5115EB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E2DB729B-6181-45FD-BFF9-08D5232ADCD1}] => (Allow) D:\Programme\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{0BBA6F26-6964-4E80-BD2A-AE27E600C42B}] => (Allow) D:\Programme\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{FF079A9E-4D5B-477A-BC45-3C6F60FC0818}] => (Allow) G:\SteamLibrary\steamapps\common\csgo legacy\csgo.exe (Valve Corp. -> ) FirewallRules: [{C71316D6-5E2E-485E-A9ED-784C3EEA92F8}] => (Allow) G:\SteamLibrary\steamapps\common\csgo legacy\csgo.exe (Valve Corp. -> ) FirewallRules: [{578A99E7-1437-4799-84AA-582A9C17A5F5}] => (Allow) G:\SteamLibrary\steamapps\common\Slay the Spire 2\SlayTheSpire2.exe () [Datei ist nicht signiert] FirewallRules: [{96765760-B969-4EC2-BFD1-9C3000AF4D0D}] => (Allow) G:\SteamLibrary\steamapps\common\Slay the Spire 2\SlayTheSpire2.exe () [Datei ist nicht signiert] FirewallRules: [{A6ECB4D7-1BD2-4D6D-88C7-25B0645D3D40}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{E8F91AF7-94FF-450D-B14F-4FBAAAC5D2FA}] => (Allow) G:\SteamLibrary\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe () [Datei ist nicht signiert] FirewallRules: [{8D38A6C8-59BB-4275-A927-9952AA458668}] => (Allow) G:\SteamLibrary\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe () [Datei ist nicht signiert] ==================== Wiederherstellungspunkte ========================= 16-03-2026 18:52:19 Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 17-03-2026 21:15:51 Installed AMD_Chipset_Drivers. ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: AMD PSP Device Description: AMD PSP Device Class Guid: {d94ee5d8-d189-4994-83d2-f68d7d41b0e6} Manufacturer: Advanced Micro Devices Inc. Service: amdpsp Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (03/17/2026 10:00:07 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für TRINI09\CSL-MARIAN$ über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Tue, 17 Mar 2026 21:00:10 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 6f5a0727-d59d-4e33-aa3e-ba548d61220d Methode: GET(437ms) Phase: GetCACaps Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (03/17/2026 10:00:07 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Tue, 17 Mar 2026 21:00:08 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: c8599a2c-b454-495b-b04a-92d8a8305ac1 Methode: GET(1375ms) Phase: GetCACaps Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (03/17/2026 09:43:34 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Die Speicheroptimierung konnte Defragmentierung auf \\?\Volume{a4afb44d-6135-11e9-875a-806e6f6e6963}\ nicht abschließen. Grund: Die Volumes können nicht optimiert werden, weil der Datei Systemtyp nicht unter stützt wird. (0x8900002F) Error: (03/17/2026 08:16:39 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für TRINI09\CSL-MARIAN$ über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Tue, 17 Mar 2026 19:16:41 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: fc9ef886-f294-4131-9014-7d641046a2b3 Methode: GET(469ms) Phase: GetCACaps Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (03/17/2026 08:16:39 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Tue, 17 Mar 2026 19:16:39 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: a0fac3bf-5abd-4efc-992f-a7f9764a7b09 Methode: GET(2110ms) Phase: GetCACaps Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (03/17/2026 08:14:53 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.. Error: (03/17/2026 08:14:53 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.] Error: (03/17/2026 07:09:05 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für TRINI09\CSL-MARIAN$ über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Tue, 17 Mar 2026 18:09:07 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 9393f048-b851-4343-a8ae-d74ab88a5e3e Methode: GET(1828ms) Phase: GetCACaps Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Systemfehler: ============= Error: (03/17/2026 09:59:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "SecDrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (03/17/2026 09:59:35 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS Error: (03/17/2026 09:32:30 PM) (Source: DCOM) (EventID: 10010) (User: CSL-MARIAN) Description: Der Server "MicrosoftWindows.Client.CBS_1000.26100.300.0_x64__cw5n1h2txyewy!Global.DesktopSpotlight.AppXmakp9w4re9tj70pp8mcdrt273xajen0x.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (03/17/2026 09:31:33 PM) (Source: DCOM) (EventID: 10010) (User: CSL-MARIAN) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (03/17/2026 09:31:33 PM) (Source: DCOM) (EventID: 10010) (User: CSL-MARIAN) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (03/17/2026 09:31:33 PM) (Source: DCOM) (EventID: 10010) (User: CSL-MARIAN) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (03/17/2026 09:31:33 PM) (Source: DCOM) (EventID: 10010) (User: CSL-MARIAN) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (03/17/2026 09:31:33 PM) (Source: DCOM) (EventID: 10010) (User: CSL-MARIAN) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Windows Defender: ================ Date: 2026-03-17 19:18:01 Description: Microsoft Defender Antivirus šçàⁿ ђάş ъęзņ ѕтőρрēδ ъêƒόг℮ ¢òmρℓēтîòʼn.%и %τŜсäи ĮÐ:%ь{2C0F4496-48CA-4D9A-9D12-55BF5A8D718C}%π %ŧŜĉāñ Τýρε:%ьAntimalware%ή %ţŜçáʼn Рдґáměτéяѕ:%ьSchnellüberprüfung%ή %τЦѕеŗ:%ьCSL-MARIAN\MarianII%π %тŞτοφ Ŗēăşøŋ:%ьЏηκņóώη Date: 2026-02-21 09:05:36 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUAMiner:Win64/CoinMiner&threatid=311417&enterprise=1 Name: PUAMiner:Win64/CoinMiner Schweregrad: Schwerwiegend Kategorie: Potenziell unerwünschte Software Pfad: file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monero GUI Wallet\Utilities\Monero Daemon.lnk; file:_D:\Programme\Monero GUI Wallet\monerod.exe; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monero GUI Wallet\Utilities\Monero Daemon.lnk Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: CSL-MARIAN\MarianII Prozessname: C:\Windows\System32\taskhostw.exe Sicherheitsversion: AV: 1.445.156.0, AS: 1.445.156.0, NIS: 1.445.156.0 Modulversion: AM: 1.1.26010.1, NIS: 1.1.26010.1 Date: 2026-02-21 09:04:03 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUAMiner:Win64/CoinMiner&threatid=311417&enterprise=1 Name: PUAMiner:Win64/CoinMiner Schweregrad: Schwerwiegend Kategorie: Potenziell unerwünschte Software Pfad: file:_D:\Programme\Monero GUI Wallet\monerod.exe Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: CSL-MARIAN\MarianII Prozessname: C:\Windows\System32\taskhostw.exe Sicherheitsversion: AV: 1.445.156.0, AS: 1.445.156.0, NIS: 1.445.156.0 Modulversion: AM: 1.1.26010.1, NIS: 1.1.26010.1 Date: 2026-02-19 16:08:51 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUAMiner:Win32/CoinMiner&threatid=311416&enterprise=1 Name: PUAMiner:Win32/CoinMiner Schweregrad: Schwerwiegend Kategorie: Potenziell unerwünschte Software Pfad: file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monero GUI Wallet\GUI Wallet.lnk; file:_D:\Programme\Monero GUI Wallet\monero-wallet-gui.exe; regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Monero GUI Wallet_is1; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monero GUI Wallet\GUI Wallet.lnk; uninstall:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Monero GUI Wallet_is1 Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: CSL-MARIAN\MarianII Prozessname: C:\Windows\explorer.exe Sicherheitsversion: AV: 1.445.123.0, AS: 1.445.123.0, NIS: 1.445.123.0 Modulversion: AM: 1.1.26010.1, NIS: 1.1.26010.1 Date: 2026-02-19 16:08:05 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUAMiner:Win32/CoinMiner&threatid=311416&enterprise=1 Name: PUAMiner:Win32/CoinMiner Schweregrad: Schwerwiegend Kategorie: Potenziell unerwünschte Software Pfad: file:_D:\Programme\Monero GUI Wallet\monero-wallet-gui.exe Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: CSL-MARIAN\MarianII Prozessname: C:\Windows\explorer.exe Sicherheitsversion: AV: 1.445.123.0, AS: 1.445.123.0, NIS: 1.445.123.0 Modulversion: AM: 1.1.26010.1, NIS: 1.1.26010.1 Event[0] Date: 2026-03-17 21:58:22 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren. Security Intelligence versucht: Aktuell Fehlercode: 0x80501102 Fehlerbeschreibung: Unerwartetes Problem. Installieren Sie bei Bedarf verfügbare Updates, und starten Sie das Programm dann erneut. Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support". Security Intelligence-Version: 1.445.588.0;1.445.588.0 Modulversion: 1.1.26010.1 Date: 2026-03-17 18:51:49 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren. Security Intelligence versucht: Aktuell Fehlercode: 0x80501102 Fehlerbeschreibung: Unerwartetes Problem. Installieren Sie bei Bedarf verfügbare Updates, und starten Sie das Programm dann erneut. Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support". Security Intelligence-Version: 1.445.572.0;1.445.572.0 Modulversion: 1.1.26010.1 Date: 2026-03-12 20:48:09 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren. Security Intelligence versucht: Aktuell Fehlercode: 0x80501102 Fehlerbeschreibung: Unerwartetes Problem. Installieren Sie bei Bedarf verfügbare Updates, und starten Sie das Programm dann erneut. Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support". Security Intelligence-Version: 1.445.496.0;1.445.496.0 Modulversion: 1.1.26010.1 Date: 2026-02-11 21:06:58 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren. Security Intelligence versucht: Aktuell Fehlercode: 0x80501102 Fehlerbeschreibung: Unerwartetes Problem. Installieren Sie bei Bedarf verfügbare Updates, und starten Sie das Programm dann erneut. Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support". Security Intelligence-Version: 1.443.1125.0;1.443.1125.0 Modulversion: 1.1.25110.1 Date: 2026-01-30 10:21:15 Description: Fehler des Microsoft Defender Antivirus-Echtzeitschutz-Features. Feature: Netzwerkinspektionssystem Fehlercode: 0x80004005 Fehlerbeschreibung: Unbekannter Fehler Ursache: Dem System fehlen erforderliche Updates zum Ausführen des Netzwerkinspektionssystems. Installieren Sie die erforderlichen Updates, und starten Sie das Gerät neu. CodeIntegrity: =============== Date: 2026-03-17 22:03:07 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Users\MarianII\AppData\Local\Discord\app-1.0.9229\Discord.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.267.1.1\OWClient.dll that did not meet the Microsoft signing level requirements. Date: 2026-03-17 22:03:07 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Users\MarianII\AppData\Local\Discord\app-1.0.9229\Discord.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.267.1.1\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements. Date: 2026-03-17 22:02:44 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 0409 08/24/2018 Hauptplatine: ASUSTeK COMPUTER INC. PRIME B450M-A Prozessor: AMD Ryzen 5 2600X Six-Core Processor Prozentuale Nutzung des RAM: 16% Installierter physikalischer RAM: 49081.16 MB Verfügbarer physikalischer RAM: 41075.18 MB Summe virtueller Speicher: 59321.16 MB Verfügbarer virtueller Speicher: 49341.21 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:222.03 GB) (Free:45.01 GB) (Model: KINGSTON SA400S37240G) NTFS Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:534.45 GB) (Model: TOSHIBA HDWD110) NTFS Drive g: (Volume) (Fixed) (Total:931.5 GB) (Free:122.08 GB) (Model: Samsung SSD 860 EVO 1TB) NTFS Drive h: (Volume) (Fixed) (Total:931.51 GB) (Free:931.06 GB) (Model: Samsung SSD 860 QVO 1TB SATA Disk Device) NTFS \\?\Volume{db49e498-0f4b-44da-82d1-2d9f39b35391}\ (Windows RE tools) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS \\?\Volume{3984e53a-a09a-4ffc-b304-2e2f89d32f30}\ () (Fixed) (Total:0.87 GB) (Free:0.06 GB) NTFS \\?\Volume{6a0c8389-ae0e-4460-a29f-c84d0a2aab01}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 3 (Size: 931.5 GB) (Disk ID: 3B994C9E) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt =======================