Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Alles rund um Windows (https://www.trojaner-board.de/alles-rund-um-windows/)
-   -   Plötzliche Performance-Einbrüche – Defekter Block + illegale Software + veraltete Firmware/Treiber/Software (https://www.trojaner-board.de/214533-ploetzliche-performance-einbrueche-defekter-block-illegale-software-veraltete-firmware-treiber-software.html)

PedroPony 23.01.2025 00:32
Plötzliche Performance-Einbrüche – Defekter Block + illegale Software + veraltete Firmware/Treiber/Software
 
Hallo liebes Trojaner-Board-Team,

ich habe seit einiger Zeit das Gefühl, dass mein PC immer langsamer reagiert.
Beim Surfen und auch beim Arbeiten mit Office-Programmen kommt es zunehmend zu Rucklern und Verzögerungen.
Ein vollständiger Virenscan mit meinem Antivirenprogramm hat nichts Verdächtiges gefunden, trotzdem bin ich etwas misstrauisch,
ob vielleicht doch irgendeine unerwünschte Software im Hintergrund läuft.

Daher habe ich mit dem Farbar Recovery Scan Tool (FRST) zwei Logfiles erstellt (FRST.txt und Addition.txt),
die ich euch hier gerne zur Analyse bereitstelle.

Betriebssystem: Win11 64 bit
Hardware: ROG Crosshair VIII Hero, AMD Ryzen 9 3950x, 32gb Ram, RTX 4060Ti
Aktuelle Antivirensoftware: Bitdefender 27.0.46.231

Anbei die beiden Logfiles. Könnt ihr bitte mal drüberschauen und mir sagen, ob alles in Ordnung ist oder ob ich etwas unternehmen sollte?
Falls ihr noch zusätzliche Infos oder Scans benötigt, lasst es mich gerne wissen.

Vielen Dank schon mal für eure Hilfe und eure Zeit!

Viele Grüße,
Pedro

FRST.txt:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
durchgeführt von 20med (Administrator) auf HERO (ASUS System Product Name) (22-01-2025 23:39:59)
Gestartet von D:\Downloads\FRST64.exe
Geladene Profile: 20med
Plattform: Microsoft Windows 11 Pro Version 23H2 22631.4751 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Brave
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (Node.js Foundation -> Node.js) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files (x86)\moomoo\moomoo.exe ->) (Moomoo Technologies Inc. -> Moomoo Technologies Inc) C:\Program Files (x86)\moomoo\FTBrowserProxy.exe
(C:\Program Files (x86)\moomoo\moomoo.exe ->) (Moomoo Technologies Inc. -> Moomoo Technologies Inc) C:\Program Files (x86)\moomoo\FTIMShell.exe
(C:\Program Files (x86)\moomoo\moomoo.exe ->) (Moomoo Technologies Inc. -> Moomoo Technologies Inc) C:\Program Files (x86)\moomoo\FTNNWeb.exe <4>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.290\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\DWAgent\native\dwagsvc.exe ->) (Python Software Foundation -> Python Software Foundation) C:\Program Files\DWAgent\runtime\dwagent.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\com.barraider.stopwatch.sdPlugin\com.barraider.stopwatch.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\com.elgato.cpu.sdPlugin\cpu.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\com.exension.hwinfo.sdPlugin\hwinfo.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\StreamDeck\crashpad_handler.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Elgato\StreamDeck\node\node20.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (The Qt Company Oy -> The Qt Company Ltd.) C:\Program Files\Elgato\StreamDeck\QtWebEngineProcess.exe <3>
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Voicemod Sociedad Limitada -> ) C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\net.voicemod.windowsdesktop.sdPlugin\voicemodplugin.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\com.exension.hwinfo.sdPlugin\hwinfo.exe ->) () [Datei ist nicht signiert] C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\com.exension.hwinfo.sdPlugin\hwinfo-plugin.exe
(explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <45>
(explorer.exe ->) (BUREL VINCENT -> VB-AUDIO Software) C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe
(explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <22>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(explorer.exe ->) (Moomoo Technologies Inc. -> Moomoo Technologies Inc) C:\Program Files (x86)\moomoo\moomoo.exe
(explorer.exe ->) (Reolink Innovation Inc. -> Shenzhen Reolink Technology Co., Ltd.) C:\Users\20med\AppData\Local\Programs\Reolink\Reolink.exe <5>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.03.12\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Begonia Holdings -> ) C:\Program Files\HopToDesk\HopToDesk.exe <5>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskService.exe
(services.exe ->) (DWSNET OÜ -> ) C:\Program Files\DWAgent\native\dwagsvc.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_3d88c2eb4775cc07\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_844e1459fc4a4c84\RtkAudUService64.exe <2>
(spacedeskService.exe ->) (Datronicsoft, Inc. -> datronicsoft) C:\Windows\System32\spacedeskServiceTray.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <7>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.220.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.34401.20.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_844e1459fc4a4c84\RtkAudUService64.exe [1363544 2021-09-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088776 2024-12-17] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [DWAgentMon] => C:\Program Files\DWAgent\native\dwaglnc.exe [187384 2023-05-17] (DWSNET OÜ -> )
HKLM\...\Run: [Stream Deck] => C:\Program Files\Elgato\StreamDeck\StreamDeck.exe [22485416 2024-12-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ACHTUNG
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [MicrosoftEdgeAutoLaunch_A1BFE52831D1831DDB08D01903C65CE8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3923496 2025-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [22373784 2024-12-14] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [Discord] => C:\Users\20med\AppData\Local\Discord\Update.exe [1525016 2023-02-13] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [moomoo] => C:\Program Files (x86)\moomoo\moomoo.exe [4092008 2025-01-03] (Moomoo Technologies Inc. -> Moomoo Technologies Inc)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4412512 2024-11-12] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37426152 2024-03-29] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [Opera Stable] => C:\Users\20med\AppData\Local\Programs\Opera\opera.exe [1573272 2024-12-30] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [com.reolink.app] => C:\Users\20med\AppData\Local\Programs\Reolink\Reolink.exe [152142696 2024-01-10] (Reolink Innovation Inc. -> Shenzhen Reolink Technology Co., Ltd.)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [GoogleChromeAutoLaunch_7A8D307BFD9826111064367C3DA8A49E] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe [2955280 2025-01-15] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [Volume Controller SD plugin] => C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServerWatcher.exe [108072 2023-09-18] (Corsair Memory, Inc. -> )
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\MountPoints2: {c28fd161-d098-11ed-b1ad-001a7dda7114} - "G:\setup.exe"
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.265\Installer\chrmstp.exe [2025-01-09] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\132.1.74.48\Installer\chrmstp.exe [2025-01-15] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\Users\20med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CMSClient.exe - Verknüpfung.lnk [2023-05-06]
ShortcutTarget: CMSClient.exe - Verknüpfung.lnk -> C:\Program Files (x86)\CMSClient\CMSClient.exe (Keine Datei)
Startup: C:\Users\20med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voicemeeter (VB-Audio).LNK [2023-04-01]
ShortcutTarget: Voicemeeter (VB-Audio).LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe (BUREL VINCENT -> VB-AUDIO Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HopToDesk Tray.lnk [2023-06-02]
ShortcutTarget: HopToDesk Tray.lnk -> C:\Program Files\HopToDesk\HopToDesk.exe (Begonia Holdings -> )

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {DFFECC1E-4263-48E1-A5E1-E02B7DA38DFA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {924EF948-7034-4D81-9237-11CEC7589332} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {AC5F9A1A-926F-4AAC-9B8E-05217F527117} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe  (Keine Datei)
Task: {F4A5F8C2-0FE1-4AA9-BD9E-51BC4C97D3FF} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [398176 2024-10-30] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {0E6443DE-B219-4482-85E0-28E03DD71BF1} - System32\Tasks\ASUS\Armoury Crate Service Task_CountDown => C:\ProgramData\ASUS\FestsEffect\data\CountDown\CountDown.exe [108504 2023-10-31] (ASUSTeK COMPUTER INC. -> )
Task: {942BC44A-E8F0-43B4-81DB-9FA6740A9BCC} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1779544 2024-10-30] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {4B9E690D-C33C-44E8-B3B9-A45C93B55EB5} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d9831e47094639 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-05-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {800BB86F-A10A-4CE0-9479-0A9D30DB8D5A} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-05-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {B817509C-4DB6-4304-B3F8-A562B9681546} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [152109928 2024-08-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {ECF80CC8-BD48-4468-A0F1-805D3E74D650} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1261928 2024-04-09] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {BD93F214-F3BA-4EB6-B19D-740062F0952D} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (Keine Datei)
Task: {D484392F-AFC9-4C94-88E2-90EBB6B09B94} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.290\WatchDog.exe [1156904 2024-11-20] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.0.1.290\repair
Task: {269CAD81-0B3E-43D0-8E43-CB8C44F20773} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{AA503E32-B730-4DA0-9098-E3CFFC6F956F} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-04-01] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {771C806A-7DE7-445B-85C3-E3A23F69118B} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{5E24015E-2AB9-4EED-B44E-2C82368CB34A} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-04-01] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {454CB513-8FEC-4FF7-BAE5-5D334602AA48} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6944.0{54177025-481F-4716-B2C9-884014BF6CA8} => C:\Program Files (x86)\Google\GoogleUpdater\134.0.6944.0\updater.exe [5660768 2025-01-08] (Google LLC -> Google LLC)
Task: {E30CF2B3-FDF3-4CBC-BC9D-E9C50FA7DD67} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [5967976 2015-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {87A2C86C-3E0F-444B-A21A-6E79E8A6597E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [5967976 2015-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC72CF80-9972-4D6A-8B8D-EC46099426B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [315056 2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F90879F-5912-4643-8D60-2C49E452037F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [315056 2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {585AB7F8-69C5-4F3F-BA88-995D3CF11E82} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3195794931-441281619-763393423-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2025-01-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {7B7E3D71-A85F-4CFE-B26D-5039AC3051C3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2025-01-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {36ED9C91-9F08-4F41-A62C-FA6CF083E954} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3333672 2024-11-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8820DE51-C292-4F94-9FB0-AB2136F4EC61} - System32\Tasks\Opera scheduled Autoupdate 1709671543 => C:\Users\20med\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5596568 2024-12-23] (Opera Norway AS -> Opera Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2449aa3c-7d6e-4358-8db6-4171878cbb8c}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2449aa3c-7d6e-4358-8db6-4171878cbb8c}: [DhcpDomain] speedport.ip

Edge:
=======
Edge Profile: C:\Users\20med\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-03]
Edge HomePage: Default -> hxxps://browser.services/?B=EH&id=19373
Edge Extension: (Google Docs Offline) - C:\Users\20med\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-16]
Edge Extension: (Edge relevant text changes) - C:\Users\20med\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-05]

FireFox:
========
FF DefaultProfile: gnh9uukh.default
FF ProfilePath: C:\Users\20med\AppData\Roaming\Mozilla\Firefox\Profiles\gnh9uukh.default [2024-06-17]
FF ProfilePath: C:\Users\20med\AppData\Roaming\Mozilla\Firefox\Profiles\0a31mnfr.default-release [2024-12-30]
FF Notifications: Mozilla\Firefox\Profiles\0a31mnfr.default-release -> hxxps://www.facebook.com
FF Extension: (NordVPN - a VPN proxy extension for Firefox) - C:\Users\20med\AppData\Roaming\Mozilla\Firefox\Profiles\0a31mnfr.default-release\Extensions\nordvpnproxy@nordvpn.com.xpi [2024-06-18]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2023-06-09] []
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2024-06-17] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2024-06-17] <==== ACHTUNG

Chrome:
=======
CHR Profile: C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default [2025-01-22]
CHR Notifications: Default -> hxxps://business.facebook.com; hxxps://dlive.tv; hxxps://inspector.twitch.tv
CHR Extension: (Easy Auto Refresh) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2024-02-16]
CHR Extension: (BetterTTV) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2024-12-27]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-01-20]
CHR Extension: (FrankerFaceZ) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2024-12-14]
CHR Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2025-01-22]
CHR Extension: (Google Docs Offline) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-18]
CHR Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-01-22]
CHR Extension: (Shazam: Find song names from your browser) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-11-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-03-28]

Opera:
=======
OPR DefaultProfile: Default
StartMenuInternet: (HKU\S-1-5-21-3195794931-441281619-763393423-1001) OperaStable - "C:\Users\20med\AppData\Local\Programs\Opera\opera.exe"

Brave:
=======
BRA Profile: C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2025-01-22]
BRA DownloadDir: D:\Downloads
BRA Notifications: Default -> hxxps://de.tradingview.com; hxxps://dlive.tv; hxxps://mail.google.com; hxxps://webmail.all-inkl.com; hxxps://www.binance.com; hxxps://www.bitget.com; hxxps://www.tradingview.com
BRA DefaultSearchKeyword: Default -> :g
BRA Extension: (Easy Auto Refresh) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2024-02-09]
BRA Extension: (Google Übersetzer) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-09-11]
BRA Extension: (Nova Click) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\agegahikpkeljmhlggpipmepoigaimdk [2025-01-22]
BRA Extension: (Phantom) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bfnaelmomeimhlpmgjnjophhpkkoljpa [2025-01-21]
BRA Extension: (Social Blade) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2023-07-18] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ACHTUNG
BRA Extension: (uBlock Origin) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2025-01-03]
BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-01-20]
BRA Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2025-01-22]
BRA Extension: (Keepa - Amazon Price Tracker) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2025-01-07]
BRA Extension: (Helium 10) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\njmehopjdpcckochcggncklnlmikcbnb [2025-01-22]
BRA Extension: (MetaMask) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2025-01-22]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2025-01-18]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2025-01-22]
BRA Extension: (Brave NTP background images) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-09-11]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2025-01-22]
BRA Extension: (Wallet Data Files Updater) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2024-01-22]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2025-01-22]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2025-01-04]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2025-01-22]
BRA Extension: (Brave Ads Resources) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\jcncoheihebhhiemmbmpfhkceomfipbj [2025-01-22]
BRA Extension: (Brave Ad Block Updater (EasyList Germany (plaintext))) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfmefmifdjlfneapckmpkinmlofjehbp [2025-01-22]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-11-20]
BRA Extension: (Brave Ad Block Updater (Brave Twitch Adblock Rules (plaintext))) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\mhccgcegedfkhdbfbgllfkkcjhgkoinc [2024-09-19]
BRA Extension: (Brave NTP sponsored images) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2025-01-22]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-25]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [401880 2024-12-21] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.03.12\atkexComSvc.exe [908648 2024-10-02] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-05-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [503144 2024-09-25] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe [1854312 2024-10-02] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-05-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [678760 2023-05-10] (ASUSTeK COMPUTER INC. -> ASUS)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [845256 2025-01-21] (ASUSTeK Computer Inc. -> )
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851640 2024-12-17] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2024-12-17] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2024-12-17] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-08-31] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2577184 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [852152 2024-12-17] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-11-24] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-04-01] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\132.1.74.48\elevation_service.exe [2766352 2025-01-15] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-04-01] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-15] (Microsoft Corporation -> Microsoft Corporation)
R2 DWAgent; C:\Program Files\DWAgent\native\dwagsvc.exe [1136120 2023-05-17] (DWSNET OÜ -> )
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-09-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-05-01] (Epic Games Inc. -> Epic Games, Inc.)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 HopToDesk; C:\Program Files\HopToDesk\HopToDesk.exe [13093328 2023-05-18] (Begonia Holdings -> )
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11744152 2024-12-14] (Logitech Inc -> Logitech, Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4955496 2024-08-08] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray_service.exe [11177064 2024-10-29] (Logitech Inc -> Logitech, Inc.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1920152 2021-11-01] (A-Volute SAS -> Nahimic)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2023-05-24] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_3d88c2eb4775cc07\Display.NvContainer\NVDisplay.Container.exe [1275016 2024-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [714200 2024-11-20] (Bitdefender SRL -> Bitdefender)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2125352 2024-11-22] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 spacedeskService; C:\WINDOWS\System32\spacedeskService.exe [1226656 2021-06-07] (Datronicsoft, Inc. -> )
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [291224 2024-12-17] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2024-12-17] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ArmouryLiveUpdate; %SystemRoot%\System32\DriverStore\FileRepository\rogms.inf_amd64_9074891d243b506d\ArmouryLiveUpdate.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [58936 2024-09-24] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [7505856 2024-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R3 AVoluteSS3Vad; C:\WINDOWS\System32\drivers\AVoluteSS3Vad.sys [93672 2021-10-14] (A-Volute -> Windows (R) Win 7 DDK provider)
R2 BdDci4; C:\WINDOWS\system32\DRIVERS\bddci4.sys [969664 2024-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [24568 2023-11-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [49200 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [42432 2024-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
R1 CTIAIO; C:\WINDOWS\system32\drivers\CtiAIo64.sys [34920 2024-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1490896 2024-09-05] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
S3 Ignisv2; C:\WINDOWS\system32\DRIVERS\ignisv2.sys [849968 2024-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54888 2024-07-01] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R3 logi_audio_surround; C:\WINDOWS\System32\DriverStore\FileRepository\logi_audio.inf_amd64_affafe6e263c4f51\logi_audio_surround.sys [44112 2024-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2024-10-05] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-22] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2024-10-05] (Logitech Inc -> Logitech)
R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray.sys [89192 2024-10-29] (Logitech Inc -> Logitech, Inc.)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19672 2023-12-10] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R2 NDivert; C:\Program Files\NordVPN\7.31.8.0\Drivers\NDivert.sys [131472 2024-10-31] (nordvpn s.a. -> Nordvpn S.A.)
R3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [104600 2024-09-12] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
S3 spacedeskDriverBus; C:\WINDOWS\System32\drivers\spacedeskDriverBus.sys [102848 2021-06-07] (Datronicsoft, Inc. -> datronicsoft Inc.)
S3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [36800 2021-06-02] (Datronicsoft, Inc. -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-06-29] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [41120 2024-09-12] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [629184 2023-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2021-08-23] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2021-08-23] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [1403456 2024-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2023-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [498944 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
S3 WinDivert1.1; C:\ProgramData\KMSAuto\bin\driver\x64WDV\WinDivert.sys [35376 2013-12-03] (Nemea Mjukvaruutveckling AB -> Basil Projects)
R3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 cpuz157; \??\C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [X] <==== ACHTUNG
S3 cpuz158; \??\C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [X] <==== ACHTUNG
S1 nordlwf; \SystemRoot\system32\DRIVERS\nordlwf.sys [X]
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X]
S3 ROGKB; \SystemRoot\System32\DriverStore\FileRepository\rogkb.inf_amd64_d77507607440a92c\ROGKB.sys [X]
S3 ROGMS; \SystemRoot\System32\DriverStore\FileRepository\rogms.inf_amd64_9074891d243b506d\ROGMS.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2025-01-22 23:16 - 2025-01-22 23:40 - 000000000 ____D C:\FRST
2025-01-22 13:50 - 2025-01-22 13:50 - 000000000 ____D C:\Users\20med\AppData\Roaming\Microsoft\PowerPoint
2025-01-21 12:35 - 2025-01-21 12:35 - 000758838 _____ C:\WINDOWS\system32\perfh007.dat
2025-01-21 12:35 - 2025-01-21 12:35 - 000157058 _____ C:\WINDOWS\system32\perfc007.dat
2025-01-15 21:39 - 2025-01-16 04:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-01-13 15:37 - 2025-01-13 15:37 - 000000000 ____D C:\Program Files\Elgato
2025-01-13 11:10 - 2025-01-13 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\moomoo
2025-01-12 00:41 - 2025-01-12 00:41 - 000002895 _____ C:\Users\20med\Desktop\Snapchat.lnk
2025-01-12 00:41 - 2025-01-12 00:41 - 000000000 ____D C:\Users\20med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave-Apps
2025-01-03 12:56 - 2025-01-12 18:01 - 000000000 ____D C:\Users\20med\AppData\Roaming\Amazon
2025-01-03 12:55 - 2025-01-09 12:44 - 000000000 ____D C:\ProgramData\boost_interprocess
2025-01-03 12:55 - 2025-01-03 12:55 - 000001304 _____ C:\Users\20med\Desktop\Kindle Create.lnk
2025-01-03 12:55 - 2025-01-03 12:55 - 000000000 ____D C:\Users\20med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2025-01-03 12:55 - 2025-01-03 12:55 - 000000000 ____D C:\Users\20med\.kindle
2025-01-03 12:54 - 2025-01-03 12:54 - 000000000 ____D C:\Users\20med\AppData\Local\Amazon
2024-12-29 16:50 - 2024-12-29 16:50 - 000000856 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2024-12-29 16:50 - 2024-12-29 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-12-29 16:50 - 2024-12-29 16:50 - 000000000 ____D C:\Program Files\LGHUB

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2025-01-22 23:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-01-22 22:55 - 2024-03-07 10:40 - 000000000 ____D C:\Users\20med\AppData\Roaming\reolink
2025-01-22 21:46 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-22 20:21 - 2023-04-01 15:59 - 000000000 ____D C:\Users\20med\AppData\Local\JDownloader 2.0
2025-01-22 19:55 - 2023-05-10 10:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2025-01-22 15:31 - 2023-05-10 10:03 - 000000000 ____D C:\Program Files\ASUS
2025-01-22 13:54 - 2023-04-01 11:39 - 000000000 ____D C:\Users\20med\AppData\Local\Packages
2025-01-22 13:17 - 2023-04-26 14:41 - 000000000 ____D C:\Users\20med\Desktop\Rendern
2025-01-22 12:07 - 2023-04-01 11:39 - 000000000 ____D C:\Users\20med\AppData\Local\D3DSCache
2025-01-22 07:18 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-22 07:18 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-01-21 12:44 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2025-01-21 12:35 - 2023-04-01 11:40 - 001754668 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-01-21 12:35 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2025-01-21 12:33 - 2022-05-07 06:17 - 000131072 _____ C:\WINDOWS\system32\config\ELAM
2025-01-21 12:29 - 2023-07-05 07:25 - 000000000 ____D C:\Users\20med\AppData\Roaming\asus_framework
2025-01-21 12:29 - 2023-04-01 11:31 - 000000000 ____D C:\ProgramData\NVIDIA
2025-01-21 12:28 - 2024-06-17 20:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-01-21 12:28 - 2023-05-17 11:42 - 000000000 ____D C:\Program Files\DWAgent
2025-01-21 12:28 - 2023-04-01 11:30 - 000901328 _____ () C:\WINDOWS\system32\wpbbin.exe
2025-01-21 12:28 - 2023-04-01 11:30 - 000845256 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2025-01-21 12:28 - 2023-04-01 11:30 - 000303960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-01-21 12:28 - 2023-04-01 11:30 - 000012288 ___SH C:\DumpStack.log.tmp
2025-01-21 12:28 - 2023-04-01 11:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-01-21 12:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2025-01-21 12:27 - 2023-10-19 19:23 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-01-21 12:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2025-01-21 12:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-01-21 12:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-01-21 12:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-01-21 12:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2025-01-21 12:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-01-21 12:27 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-01-21 12:26 - 2023-04-01 16:59 - 000046356 _____ C:\Users\20med\AppData\Roaming\VoiceMeeterBananaDefault.xml
2025-01-21 12:26 - 2023-04-01 16:54 - 000000000 ____D C:\Users\20med\AppData\Local\CrashDumps
2025-01-21 12:26 - 2023-04-01 11:37 - 000000000 ____D C:\Users\20med
2025-01-19 17:56 - 2023-04-01 11:31 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-17 21:13 - 2023-04-01 13:47 - 000000000 ____D C:\Users\20med\AppData\Roaming\vlc
2025-01-16 23:38 - 2023-04-01 11:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-01-16 23:35 - 2023-04-01 11:45 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-01-16 23:35 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-01-16 04:39 - 2024-06-17 20:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-01-16 04:39 - 2024-06-17 20:37 - 000001025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-01-15 22:09 - 2023-04-01 12:35 - 000002316 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2025-01-15 20:34 - 2023-09-01 05:43 - 000000000 ____D C:\Users\20med\AppData\Roaming\G HUB
2025-01-15 20:34 - 2023-04-01 14:08 - 000000000 ____D C:\Users\20med\AppData\Roaming\lghub
2025-01-15 20:33 - 2023-04-01 14:08 - 000000000 ____D C:\Users\20med\AppData\Local\LGHUB
2025-01-14 01:17 - 2023-04-01 11:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-01-13 23:36 - 2023-04-01 15:58 - 000000128 _____ C:\Users\20med\AppData\Roaming\winscp.rnd
2025-01-13 15:37 - 2023-10-27 05:26 - 000000000 ____D C:\ProgramData\obs-studio
2025-01-13 15:37 - 2023-05-10 10:21 - 000001105 _____ C:\Users\Public\Desktop\Stream Deck.lnk
2025-01-13 11:19 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-01-13 11:10 - 2023-04-15 07:56 - 000001062 _____ C:\Users\Public\Desktop\moomoo.lnk
2025-01-13 11:10 - 2023-04-01 12:46 - 000000000 ____D C:\Program Files (x86)\moomoo
2025-01-13 07:49 - 2023-04-16 11:39 - 000000000 ____D C:\Users\20med\AppData\Roaming\obs-studio
2025-01-09 23:47 - 2023-04-01 14:10 - 000002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-01-09 11:39 - 2024-06-17 20:37 - 000001013 _____ C:\Users\Public\Desktop\Firefox.lnk
2025-01-07 11:39 - 2023-06-08 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2025-01-07 11:39 - 2023-06-08 09:04 - 000000000 ____D C:\Program Files\NordVPN
2025-01-02 13:02 - 2023-05-10 10:03 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2025-01-02 13:00 - 2023-04-01 14:07 - 000000000 ____D C:\ProgramData\Package Cache
2025-01-02 12:50 - 2023-05-10 09:59 - 000000000 ____D C:\Program Files (x86)\ASUS
2024-12-30 12:33 - 2024-03-05 21:45 - 000004222 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1709671543
2024-12-30 12:33 - 2024-03-05 21:45 - 000001386 _____ C:\Users\20med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2024-12-29 16:48 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-12-29 16:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-12-29 16:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-12-29 00:44 - 2023-06-09 22:23 - 000000000 ____D C:\Users\20med\AppData\Roaming\Ledger Live

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2023-05-26 21:20 - 2023-05-26 21:21 - 000621326 _____ () C:\Program Files (x86)\VMS Setup Log.txt
2024-03-10 20:29 - 2024-03-10 20:29 - 000278199 _____ () C:\Program Files (x86)\VMS Uninstall Log.txt
2024-03-07 10:40 - 2024-03-07 10:40 - 000000211 _____ () C:\Users\20med\AppData\Roaming\com.reolink.app.client
2023-04-01 16:59 - 2025-01-21 12:26 - 000046356 _____ () C:\Users\20med\AppData\Roaming\VoiceMeeterBananaDefault.xml
2023-04-01 15:58 - 2025-01-13 23:36 - 000000128 _____ () C:\Users\20med\AppData\Roaming\winscp.rnd
2023-04-08 12:48 - 2024-02-16 22:15 - 000001456 _____ () C:\Users\20med\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2023-04-02 16:46 - 2023-04-02 16:46 - 000000000 _____ () C:\Users\20med\AppData\Local\oobelibMkey.log
2023-04-27 21:50 - 2024-10-16 09:39 - 000000128 _____ () C:\Users\20med\AppData\Local\PUTTY.RND
2023-07-01 19:00 - 2024-09-20 14:07 - 000007625 _____ () C:\Users\20med\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

PedroPony 23.01.2025 01:25
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-01-2025
durchgeführt von 20med (22-01-2025 23:41:23)
Gestartet von D:\Downloads
Microsoft Windows 11 Pro Version 23H2 22631.4751 (X64) (2023-04-01 10:33:25)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

20med (S-1-5-21-3195794931-441281619-763393423-1001 - Administrator - Enabled) => C:\Users\20med
Administrator (S-1-5-21-3195794931-441281619-763393423-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3195794931-441281619-763393423-503 - Limited - Disabled)
Gast (S-1-5-21-3195794931-441281619-763393423-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3195794931-441281619-763393423-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Bitdefender Virenschutz (Enabled - Up to date) {0F59B032-EA77-E3A8-2382-74A4346E5522}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.20 - Adobe Systems)
Adobe After Effects 2019 (HKLM-x32\...\AEFT_16_1) (Version: 16.1 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.5.1.3 - Adobe Inc.)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_0_1) (Version: 23.0.1.68 - Adobe Inc.)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_1) (Version: 13.0.1 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
advanced-scene-switcher version 1.21.1 (HKLM-x32\...\{A4ADDF26-4426-4D2E-B26A-C7C878DA8FC9}_is1) (Version: 1.21.1 - WarmUpTill)
AniMe Matrix MB EN (HKLM\...\{399B6DA7-B609-426E-95F8-B9A83FB7D06E}) (Version: 1.0.1 - ASUS)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.9.13 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.4.2.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{59c5b996-8848-433c-9791-34e150600a9c}) (Version: 1.4.2.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM\...\{127BAA1F-BF99-457D-92AD-DCCD7698B294}) (Version: 4.2.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM-x32\...\{984fc5fa-e6ab-4cfa-880b-81b5db4f8b4b}) (Version: 4.2.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{359B9A9D-A289-4962-BCE2-13EBFD50D532}) (Version: 1.5.0.2 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{00aac91e-7198-484b-b29d-1c9990d843ae}) (Version: 1.5.0.2 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.46 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.2.0.4 - ASUSTeK Computer Inc.)
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 4.04.03 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.129 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{B6B3BA9B-2FA3-4B3A-9C3A-0945B89E725C}) (Version: 1.1.27 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{9983b059-3dd9-449a-80e6-bcb45c840bdf}) (Version: 1.1.27 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.54 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{5a78a7d3-44e9-4462-8796-3746f1c62cb8}) (Version: 3.07.54 - ASUSTeK Computer Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.0.1.290 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\Bitdefender) (Version: 26.0.34.145 - Bitdefender)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 132.1.74.48 - Die Brave-Autoren)
CPUID ROG CPU-Z 2.09 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 2.09 - CPUID, Inc.)
Discord (HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Discord) (Version: 1.0.9011 - Discord Inc.)
DWAgent (HKLM\...\DWAgent) (Version:  - )
Elgato Stream Deck (HKLM\...\{0975AC2E-A7D9-4A0F-84E4-6D6C2F896B3F}) (Version: 6.8.1.21263 - Corsair Memory, Inc.)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.53.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{34c42fa7-d8b5-4396-b5d0-5e377ca5c3ad}) (Version: 1.1.53.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{0d380ad9-daa5-4680-ada2-dc3ed9207e16}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{74229F03-A24F-408B-AA3B-C4B8ECF102BA}) (Version: 1.3.82.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.)
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Go Programming Language amd64 go1.22.3 (HKLM\...\{3F816537-9FDB-4FE7-86E3-BBEEDFD4038E}) (Version: 1.22.3 - hxxps://go.dev)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.265 - Google LLC)
HopToDesk (HKLM-x32\...\HopToDesk_is1) (Version:  - HopToDesk)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
JDownloader 2 (HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kindle Create (HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Kindle Create) (Version: 1.96.0.0 - Amazon)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.36 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{afab10dc-c1d5-45c1-ad91-fe33af8ac488}) (Version: 1.1.36 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Ledger Live 2.92.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.92.1 - Ledger Live Team)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.9.649333 - Logitech)
MediaInfo 23.10 (HKLM\...\MediaInfo) (Version: 23.10 - MediaArea.net)
MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Ltd.)
Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 132.0.2957.115 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.146 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.4266.1003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
moomoo (HKLM-x32\...\moomoo) (Version:  - moomoo inc)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 134.0.1 (x64 de)) (Version: 134.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 127.0 - Mozilla)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.4.4.821 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.31.8.0 - Nord Security)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NVIDIA FrameView SDK 1.4.10624.35034762 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.4.10624.35034762 - NVIDIA Corporation)
NVIDIA Grafiktreiber 566.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 566.14 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.4.2.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.2.6 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
NVIDIA-App 11.0.1.163 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.1.163 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.2.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Opera Stable 115.0.5322.119 (HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Opera 115.0.5322.119) (Version: 115.0.5322.119 - Opera Software)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{55993b50-5bec-47c8-8b2b-1aecad927e48}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PuTTY release 0.78 (64-bit) (HKLM\...\{4EEF2644-700F-46F8-9655-915145248986}) (Version: 0.78.0.0 - Simon Tatham)
Reolink 8.15.6 (HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\3e633401-0468-5835-935c-33d2b4b2a764) (Version: 8.15.6 - Shenzhen Reolink Technology Co., Ltd.)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.4.26.0 - ASUSTek COMPUTER INC.)
ROGFontInstaller (HKLM\...\{605108C1-153E-43D8-8A67-7CE326B00ECA}) (Version: 1.0.0 - ASUS)
Snapchat (HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\167f64c15f8719317b5d6d9267adc609) (Version: 1.0 - BraveSoftware\Brave-Browser)
Snaz Version 1.12.7.0 (HKLM-x32\...\{70A76031-FDC6-4F9B-BB5C-33776703F45A}_is1) (Version: 1.12.7.0 - JimsApps)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements SE.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 23.11.15.85 - StreamElements)
Streamlabs Desktop 1.12.5 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.12.5 - General Workings, Inc.)
TagScanner (64bit) (HKLM\...\TagScanner_is1) (Version: 6.1.17 - Sergey Serkov)
Trader Workstation (HKLM\...\5889-6375-8446-2021) (Version: latest (10.30.1h) 20240718 15:44:20 - Interactive Brokers LLC)
tuna version 1.9.9 (HKLM-x32\...\{44b785ed-eef5-4b73-bef0-42ee3493c021}_is1) (Version: 1.9.9 - univrsal)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.7 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{9a732423-e2f4-47d0-87ab-ef745c7dba69}) (Version: 1.0.0.7 - PD) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
Vertical Canvas version 1.2.2 (HKLM-x32\...\{9072EA15-785B-4BD9-8310-68CEECDA2117}}_is1) (Version: 1.2.2 - Exeldro)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.19 - VideoLAN)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version:  - VB-Audio Software)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WinSCP 5.21.7 (HKLM-x32\...\winscp3_is1) (Version: 5.21.7 - Martin Prikryl)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.5) (Version: 1.3.5 - Xvid Team)

Packages:
=========
Armoury Crate -> C:\Program Files\ASUS\AacAmbientHal [2024-10-02] (Sparse Package)
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.9.13.0_x64__qmba6cd70vzyy [2024-12-21] (ASUSTeK COMPUTER INC.)
Bitdefender CL Contextual Menu -> C:\Program Files\Bitdefender\Bitdefender Security App [2025-01-21] (Bitdefender)
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2025-01-12] (Canon Inc.)
Ink.Handwriting.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.de-DE.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2024-02-20] (Microsoft Corporation)
Ink.Handwriting.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.de-DE.1.0_0.237.110.0_x86__8wekyb3d8bbwe [2024-02-20] (Microsoft Corporation)
Ink.Handwriting.Main.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.de-DE.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2024-02-20] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-26] (NVIDIA Corp.)
Python 3.12 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.12_3.12.2288.0_x64__qbz5n2kfra8p0 [2024-12-07] (Python Software Foundation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj [2024-01-14] (Realtek Semiconductor Corp)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0 [2025-01-21] (Spotify AB) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.311.2039.0_x64__8wekyb3d8bbwe [2024-11-14] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.318.2304.0_x64__8wekyb3d8bbwe [2024-11-19] (Microsoft Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3195794931-441281619-763393423-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> C:\Program Files\NordVPN\NordVPN.exe (nordvpn s.a. -> nordvpn S.A.)
CustomCLSID: HKU\S-1-5-21-3195794931-441281619-763393423-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [  AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_3d88c2eb4775cc07\nvshext.dll [2024-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [251392 2017-12-08] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [196608 2022-05-07] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2017-12-08] () [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\20med\Desktop\Snapchat.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) ->  --profile-directory=Default --app-id=abdndmcckigaeepaljhpcngbfdkbiggb
ShortcutWithArgument: C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Web Applications\_crx_abdndmcckigaeepaljhpcngbfdkbiggb\Snapchat.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) ->  --profile-directory=Default --app-id=abdndmcckigaeepaljhpcngbfdkbiggb
ShortcutWithArgument: C:\Users\20med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave-Apps\Snapchat.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) ->  --profile-directory=Default --app-id=abdndmcckigaeepaljhpcngbfdkbiggb

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2024-10-02 23:05 - 2024-07-03 14:49 - 000346112 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\@img\sharp-win32-ia32\lib\sharp-win32-ia32.node
2023-07-04 12:35 - 2024-08-13 13:58 - 000449536 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2024-03-07 10:39 - 2024-01-10 04:37 - 000169984 _____ () [Datei ist nicht signiert] \\?\C:\Users\20med\AppData\Local\Programs\Reolink\resources\app\binding.node
2024-03-07 10:39 - 2024-01-10 04:37 - 000214016 _____ () [Datei ist nicht signiert] \\?\C:\Users\20med\AppData\Local\Programs\Reolink\resources\app\ffi_bindings.node
2024-03-07 10:40 - 2024-01-10 04:37 - 020367360 _____ () [Datei ist nicht signiert] \\?\C:\Users\20med\AppData\Local\Programs\Reolink\resources\app\node_modules\sharp\build\Release\libvips-42.dll
2024-03-07 10:40 - 2024-01-10 04:37 - 000351744 _____ () [Datei ist nicht signiert] \\?\C:\Users\20med\AppData\Local\Programs\Reolink\resources\app\node_modules\sharp\build\Release\libvips-cpp.dll
2024-03-07 10:40 - 2024-01-10 04:37 - 000365056 _____ () [Datei ist nicht signiert] \\?\C:\Users\20med\AppData\Local\Programs\Reolink\resources\app\node_modules\sharp\build\Release\sharp-win32-x64.node
2024-07-08 20:24 - 2024-07-08 20:24 - 000287232 ____N () [Datei ist nicht signiert] \\?\C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\com.elgato.volume-controller.sdPlugin\bin\addons\winAudioDeviceService.node
2024-07-08 20:24 - 2024-07-08 20:24 - 019437056 ____N () [Datei ist nicht signiert] \\?\C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\com.elgato.volume-controller.sdPlugin\bin\node_modules\@img\sharp-win32-x64\lib\libvips-42.dll
2024-07-08 20:24 - 2024-07-08 20:24 - 000369152 ____N () [Datei ist nicht signiert] \\?\C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\com.elgato.volume-controller.sdPlugin\bin\node_modules\@img\sharp-win32-x64\lib\libvips-cpp.dll
2024-07-08 20:24 - 2024-07-08 20:24 - 000418304 ____N () [Datei ist nicht signiert] \\?\C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\com.elgato.volume-controller.sdPlugin\bin\node_modules\@img\sharp-win32-x64\lib\sharp-win32-x64.node
2023-04-01 15:20 - 2023-04-01 15:20 - 000967168 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\VB\Voicemeeter\mp3lame\lame_enc.dll
2023-05-17 11:42 - 2023-05-17 11:42 - 000089088 _____ () [Datei ist nicht signiert] C:\Program Files\DWAgent\native\dwaglib.dll
2024-03-07 10:40 - 2024-01-10 04:37 - 002787840 _____ () [Datei ist nicht signiert] C:\Users\20med\AppData\Local\Programs\Reolink\ffmpeg.dll
2024-03-07 10:40 - 2024-01-10 04:37 - 000468992 _____ () [Datei ist nicht signiert] C:\Users\20med\AppData\Local\Programs\Reolink\libegl.dll
2024-03-07 10:40 - 2024-01-10 04:37 - 007409664 _____ () [Datei ist nicht signiert] C:\Users\20med\AppData\Local\Programs\Reolink\libglesv2.dll
2024-03-07 10:40 - 2024-01-10 04:37 - 004296192 _____ () [Datei ist nicht signiert] C:\Users\20med\AppData\Local\Programs\Reolink\resources\app\libBCSDKWrapper.dll
2024-03-07 10:40 - 2024-01-10 04:37 - 004873728 _____ () [Datei ist nicht signiert] C:\Users\20med\AppData\Local\Programs\Reolink\vk_swiftshader.dll
2012-09-23 19:43 - 2012-09-23 19:43 - 000010240 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu
2024-03-07 10:40 - 2024-01-10 04:37 - 011894272 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\20med\AppData\Local\Programs\Reolink\resources\app\avcodec-57.dll
2024-03-07 10:40 - 2024-01-10 04:37 - 002008064 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\20med\AppData\Local\Programs\Reolink\resources\app\avformat-57.dll
2024-03-07 10:40 - 2024-01-10 04:37 - 000480256 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\20med\AppData\Local\Programs\Reolink\resources\app\avutil-55.dll
2024-03-07 10:40 - 2024-01-10 04:37 - 000095232 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\20med\AppData\Local\Programs\Reolink\resources\app\swresample-2.dll
2024-03-07 10:40 - 2024-01-10 04:37 - 000852992 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\20med\AppData\Local\Programs\Reolink\resources\app\swscale-4.dll
2024-03-07 10:40 - 2024-01-10 04:37 - 001573376 _____ (The GLib developer community) [Datei ist nicht signiert] \\?\C:\Users\20med\AppData\Local\Programs\Reolink\resources\app\node_modules\sharp\build\Release\libglib-2.0-0.dll
2024-03-07 10:40 - 2024-01-10 04:37 - 000288256 _____ (The GLib developer community) [Datei ist nicht signiert] \\?\C:\Users\20med\AppData\Local\Programs\Reolink\resources\app\node_modules\sharp\build\Release\libgobject-2.0-0.dll
2023-09-03 18:20 - 2023-09-01 08:48 - 003000832 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\net.voicemod.windowsdesktop.sdPlugin\libcrypto-1_1-x64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6788]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3195794931-441281619-763393423-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\PuTTY\;C:\Program Files\dotnet\;C:\Program Files\Go\bin;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR
HKU\S-1-5-21-3195794931-441281619-763393423-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

Network Binding:
=============
NordLynx: NordLynx Tunnel -> wireguard.sys
LAN-Verbindung: TAP-NordVPN Windows Adapter V9 -> tapnordvpn.sys
OpenVPN Data Channel Offload for NordVPN: OpenVPN Data Channel Offload -> ovpn-dco.sys
Ethernet: Realtek PCIe 2.5GbE Family Controller -> rt640x64.sys
Bluetooth-Netzwerkverbindung: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet 2: Intel(R) I211 Gigabit Network Connection -> e1i68x64.sys

NordLwf: NordVPN LightWeight Firewall

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "DWAgentMon"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "VMS"
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\StartupApproved\StartupFolder: => "CMSClient.exe - Verknüpfung.lnk"
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_A1BFE52831D1831DDB08D01903C65CE8"
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\StartupApproved\Run: => "Security Eye"
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\StartupApproved\Run: => "Volume Controller SD plugin"
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\StartupApproved\Run: => "Opera Stable"
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\StartupApproved\Run: => "Agent Tray"
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\StartupApproved\Run: => "Steam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{4A696931-C1AE-4107-8F3F-F2A9ECD80898}] => (Allow) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (Bitdefender SRL -> Bitdefender)
FirewallRules: [{265DE1FB-C2C2-4D61-803A-B221571F6024}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23047.400.1873.7204_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CEA5611D-A1B0-4030-BFFF-64A8DF040813}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23047.400.1873.7204_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B8F9F282-67DF-4DE2-9A86-222C79476369}] => (Allow) C:\Program Files (x86)\moomoo\moomoo.exe (Moomoo Technologies Inc. -> Moomoo Technologies Inc)
FirewallRules: [{8AF096C6-B69B-4071-8CAB-BCEFD55E49A2}] => (Allow) C:\Program Files (x86)\moomoo\moomoo.exe (Moomoo Technologies Inc. -> Moomoo Technologies Inc)
FirewallRules: [{0A77BAE8-3675-4850-ACFE-7AD020DC84DC}] => (Allow) C:\Program Files (x86)\moomoo\LiveUpdate.exe (Moomoo Technologies Inc. -> 富途网络)
FirewallRules: [{37102F24-A9D5-42B5-8475-BC32F92D17B3}] => (Allow) C:\Program Files (x86)\moomoo\LiveUpdate.exe (Moomoo Technologies Inc. -> 富途网络)
FirewallRules: [{A4DE3E25-BA72-4201-9AC0-85C746E9340A}] => (Allow) C:\Program Files (x86)\moomoo\FTIMShell.exe (Moomoo Technologies Inc. -> Moomoo Technologies Inc)
FirewallRules: [{DC160A3F-F229-4844-A071-5202F3F4EB47}] => (Allow) C:\Program Files (x86)\moomoo\FTIMShell.exe (Moomoo Technologies Inc. -> Moomoo Technologies Inc)
FirewallRules: [TCP Query User{6841D274-9DBC-42C0-8619-C3F9DE4F4E06}C:\program files (x86)\moomoo\ftnnweb.exe] => (Allow) C:\program files (x86)\moomoo\ftnnweb.exe (Moomoo Technologies Inc. -> Moomoo Technologies Inc)
FirewallRules: [UDP Query User{A29444D4-0AA7-4575-AD3C-D0961740B491}C:\program files (x86)\moomoo\ftnnweb.exe] => (Allow) C:\program files (x86)\moomoo\ftnnweb.exe (Moomoo Technologies Inc. -> Moomoo Technologies Inc)
FirewallRules: [TCP Query User{6B78D97F-F410-481D-9A8F-5D1242BD7178}C:\program files (x86)\cmsclient\cmsclient.exe] => (Allow) C:\program files (x86)\cmsclient\cmsclient.exe => Keine Datei
FirewallRules: [UDP Query User{6E42105A-984D-4B14-B8D5-9A92B4EED4EF}C:\program files (x86)\cmsclient\cmsclient.exe] => (Allow) C:\program files (x86)\cmsclient\cmsclient.exe => Keine Datei
FirewallRules: [{5C90FADA-A84E-4574-8A0B-DFB1A3BCBAF7}] => (Allow) C:\Program Files\MetaTrader 5\metatester64.exe (MetaQuotes Ltd -> MetaQuotes Ltd.)
FirewallRules: [{3BFE9DE5-CFBC-4FD6-B86A-36AF4DE2BCCD}] => (Block) %ProgramFiles% (x86)\Adobe\Acrobat DC\Acrobat\AcroRd32.exe => Keine Datei
FirewallRules: [{FA4B9FBD-F5E6-44BD-8C66-7B5A687735D5}] => (Block) %ProgramFiles% (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe => Keine Datei
FirewallRules: [{7660D630-17A2-4155-8B3C-6BC31CD1078D}] => (Block) %ProgramFiles% (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe => Keine Datei
FirewallRules: [{8CF10CD1-F273-4A0B-A9E2-6882985ACBDF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34CB5E01-9F33-4177-A8A3-3271D33B71D2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BBEABDBD-38D1-43DC-8A44-9F828DC23623}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BC9EBD7F-4795-4395-90C6-D10C9EED6F5C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{93EFE192-CD7E-4A9A-AEAE-C89A9E75087F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7375ADC8-EFE1-4570-A82F-E8CE995FA813}] => (Allow) LPort=1688
FirewallRules: [{F57B0327-99BA-4065-B2AF-2F549F5E82AA}] => (Block) C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27365FCB-4FBA-4906-908C-E58323DC2051}] => (Block) C:\Program Files (x86)\Microsoft Office\root\Office16\WORDICON.EXE (Microsoft Corporation -> )
FirewallRules: [{F307ACA3-571E-4D03-BB58-67706F5D7E64}] => (Block) C:\Program Files (x86)\Microsoft Office\root\Office16\XLICONS.EXE (Microsoft Corporation -> )
FirewallRules: [{374AD3BC-2F76-4C55-B053-73235DB9276D}] => (Block) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8773DB0B-2401-4F80-87BC-1EA827352684}] => (Block) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC0C0345-AE58-4353-B596-F407B5F717EA}] => (Block) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F21CA004-364F-4688-99D5-A750BF32BBF3}] => (Block) C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CB4BF3E3-D920-40EF-8BB4-0B8C1CFB5943}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2022\Photoshop.exe (Adobe Inc. -> Adobe) [Datei ist nicht signiert]
FirewallRules: [{84B69216-3404-45DB-BF59-678CDCB15F39}] => (Block) C:\Program Files\Adobe\Adobe After Effects CC 2019\Support Files\AfterFX.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{8B087CB3-91BE-44A1-B157-DB0565C6D60A}] => (Block) C:\Program Files\Adobe\Adobe Premiere Pro CC 2019\Adobe Premiere Pro.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [{81B4164C-587E-44A6-9C2C-7AFE60AC4D47}] => (Block) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{883CCFE2-0E86-4B04-AEEE-18C198BED5A9}] => (Block) C:\Program Files\Adobe\Adobe Illustrator CC 2019\Support Files\Contents\Windows\Illustrator.exe (Adobe Systems Incorporated -> Adobe Systems Inc.) [Datei ist nicht signiert]
FirewallRules: [{6C38991B-4940-4E42-80DD-23570C409A77}] => (Block) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated -> Adobe Inc.)
FirewallRules: [{1D6945D4-AB56-4555-B9C0-00C3DEF72232}] => (Block) %ProgramFiles% (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe => Keine Datei
FirewallRules: [{CF0FBE94-DB5B-4A05-A5B7-EF5D89BC74D0}] => (Block) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> )
FirewallRules: [{B51002BE-6B39-44EA-BB5C-F381599F5A26}] => (Block) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (Adobe Inc. -> )
FirewallRules: [{661885FA-8117-470D-AB84-DBE5ED65159B}] => (Block) %ProgramFiles% (x86)\Adobe\Acrobat DC\Acrobat\AcroRd32.exe => Keine Datei
FirewallRules: [{2C94CDA6-E864-4AB1-B8F1-95971AF1C3E8}] => (Allow) LPort=7777
FirewallRules: [{C16A3329-9B43-4FFE-92FB-34C102C69F44}] => (Allow) LPort=4455
FirewallRules: [{B2959A2D-53DC-444A-A4F7-7E907784A7C8}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS Project, LLC -> OBS)
FirewallRules: [{F217F5A8-5FE0-4EFB-AA9F-8FF932DE0C28}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS Project, LLC -> OBS)
FirewallRules: [{BEB073D7-0D51-4CB4-B505-50B02693E871}] => (Allow) LPort=7777
FirewallRules: [TCP Query User{0D19220D-A283-4266-BCD3-DF9B909289C9}C:\users\20med\appdata\local\programs\now-playing\now playing.exe] => (Allow) C:\users\20med\appdata\local\programs\now-playing\now playing.exe => Keine Datei
FirewallRules: [UDP Query User{5284BA03-7AF5-48FF-BD34-51415D92DD7C}C:\users\20med\appdata\local\programs\now-playing\now playing.exe] => (Allow) C:\users\20med\appdata\local\programs\now-playing\now playing.exe => Keine Datei
FirewallRules: [{84FE9669-E138-4D1E-90C7-4B2F6AF98B8C}] => (Allow) C:\Users\20med\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [TCP Query User{C3EB1E78-BEE0-4A54-9EF6-FB7A3EE16BDE}C:\program files (x86)\vms\vms.exe] => (Allow) C:\program files (x86)\vms\vms.exe => Keine Datei
FirewallRules: [UDP Query User{EA013F27-56E2-40C1-90D1-B89C6B967DF6}C:\program files (x86)\vms\vms.exe] => (Allow) C:\program files (x86)\vms\vms.exe => Keine Datei
FirewallRules: [{C1FFB805-6146-48BC-8F4A-22649A0B89BF}] => (Allow) C:\Program Files (x86)\moomoo\moomoo.exe (Moomoo Technologies Inc. -> Moomoo Technologies Inc)
FirewallRules: [{0A32C182-F21B-473E-9618-C861A33D5CD8}] => (Allow) C:\Program Files (x86)\moomoo\moomoo.exe (Moomoo Technologies Inc. -> Moomoo Technologies Inc)
FirewallRules: [{752B8B89-0C44-4DAF-B231-9588A915C397}] => (Allow) C:\Program Files (x86)\moomoo\LiveUpdate.exe (Moomoo Technologies Inc. -> 富途网络)
FirewallRules: [{08527E64-38BA-4B7F-8D25-112AAEF95387}] => (Allow) C:\Program Files (x86)\moomoo\LiveUpdate.exe (Moomoo Technologies Inc. -> 富途网络)
FirewallRules: [{3500152E-61F4-422C-A2B4-24FC40316F8D}] => (Allow) C:\Program Files (x86)\moomoo\FTIMShell.exe (Moomoo Technologies Inc. -> Moomoo Technologies Inc)
FirewallRules: [{1260C2B4-DC41-42AC-BBB7-05B37DA9D968}] => (Allow) C:\Program Files (x86)\moomoo\FTIMShell.exe (Moomoo Technologies Inc. -> Moomoo Technologies Inc)
FirewallRules: [{C2EC0E1C-4F8D-4A43-85F5-99038A34E5D0}] => (Allow) C:\Program Files (x86)\HopToDesk\hoptodesk.exe (Begonia Holdings -> )
FirewallRules: [{169C3980-EFA7-42FC-B787-156923A17D47}] => (Allow) C:\Program Files\HopToDesk\HopToDesk.exe (Begonia Holdings -> )
FirewallRules: [{7DE15D21-7813-437D-8D96-95D4C54200EC}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CA5F933F-0C54-4216-A12C-C56ADE52FE06}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{496F10DC-A4DF-4044-9857-084C34562A9F}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{2A2D3BEF-8687-4AEA-92AA-EDDAB2B3F84E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{00B6989A-E320-43F2-BDB6-24794EDCD3BF}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{913999EA-BEBD-457D-A7EF-DBE6EEC511B3}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{6D8E48AF-253B-4A8A-89C6-EA7135428323}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{EDCE1E24-9FAF-46E1-866F-E905869C330E}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{DE17CEB6-AF97-46EA-96BE-958FF974855E}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AcroRd32.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{2C863D15-9488-4DAF-AAD4-61C371DA8C55}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AcroRd32.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{4A2A7DA1-E2A3-409F-8768-AF80B76BD19A}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AcroRd32.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{06C2D32F-D541-49AE-B2C3-63498F78325A}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AcroRd32.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{3C6D8BA2-455D-4DCD-BC9C-87523F1E20C4}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FirewallRules: [{F25E595F-53AB-4665-9C98-616343D7108A}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FirewallRules: [{A12B3579-29F5-4DD1-8668-2A38D9FFC0B1}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FirewallRules: [{997B49CB-E940-4D65-8CD0-202D9EF7AC68}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FirewallRules: [{730824DD-5E6D-4DAE-BFE9-082F6A132060}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS Project, LLC -> OBS)
FirewallRules: [{4A9FC091-3749-4A70-833E-B079592EF2BB}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS Project, LLC -> OBS)
FirewallRules: [{190161E3-FEB4-40DF-A135-E4BFBD134A23}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS Project, LLC -> OBS)
FirewallRules: [{7F5FFD5E-B722-4144-9F9C-C33F0608EF92}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS Project, LLC -> OBS)
FirewallRules: [TCP Query User{21A85EFE-8C1E-4E78-828F-B161E643AAD0}D:\downloads\agent_setup_windows\setup.exe] => (Allow) D:\downloads\agent_setup_windows\setup.exe => Keine Datei
FirewallRules: [UDP Query User{E614BB67-ABFC-4A96-A2ED-2DFDD53A7744}D:\downloads\agent_setup_windows\setup.exe] => (Allow) D:\downloads\agent_setup_windows\setup.exe => Keine Datei
FirewallRules: [{B7574FB4-F3E8-4856-81CC-4F5052F0D76E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6EF60532-4D66-46FF-8C3F-D324733BF44F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3516CE66-8E1C-4FBD-9B6D-891C12396C77}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{49E14933-B6A2-486E-BA67-ED41471A86F8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B61FB9C5-A768-4492-8F86-78FAF8542CA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei
FirewallRules: [{A736538D-767C-4F4C-8C35-C2F755169943}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei
FirewallRules: [TCP Query User{0231FDDB-E5C5-4BCD-937B-466B81954727}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{EEFE779A-E680-4099-807E-4A4F5110411D}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{BF4AF6ED-C468-411F-A570-D9E07FEEE0D9}] => (Allow) C:\Program Files\NordVPN\nordvpn-service.exe (nordvpn s.a. -> nordvpn S.A.)
FirewallRules: [{8BE1F471-A4CB-42E0-A49C-DBCE53A770C5}] => (Allow) C:\Program Files\NordVPN\nordvpn-service.exe (nordvpn s.a. -> nordvpn S.A.)
FirewallRules: [TCP Query User{25C3068C-C612-4798-9D42-BAD1DA286DCB}C:\program files\tiktok live studio\0.41.4\tiktok live studio.exe] => (Allow) C:\program files\tiktok live studio\0.41.4\tiktok live studio.exe => Keine Datei
FirewallRules: [UDP Query User{030346A9-8939-4C87-84D7-C269F2FAB5DA}C:\program files\tiktok live studio\0.41.4\tiktok live studio.exe] => (Allow) C:\program files\tiktok live studio\0.41.4\tiktok live studio.exe => Keine Datei
FirewallRules: [TCP Query User{148CEAB0-FF0F-40C0-8D78-10FB0116CFB8}C:\program files\tiktok live studio\0.42.4\tiktok live studio.exe] => (Allow) C:\program files\tiktok live studio\0.42.4\tiktok live studio.exe => Keine Datei
FirewallRules: [UDP Query User{A2F6F6B2-B765-4088-9650-EA0FC132F33D}C:\program files\tiktok live studio\0.42.4\tiktok live studio.exe] => (Allow) C:\program files\tiktok live studio\0.42.4\tiktok live studio.exe => Keine Datei
FirewallRules: [TCP Query User{EF7DB82D-63A1-41A3-91A9-B2AD911B13AC}C:\program files\tiktok live studio\0.42.6\tiktok live studio.exe] => (Allow) C:\program files\tiktok live studio\0.42.6\tiktok live studio.exe => Keine Datei
FirewallRules: [UDP Query User{672EA862-7ED1-441F-B76F-1E1B34849CE9}C:\program files\tiktok live studio\0.42.6\tiktok live studio.exe] => (Allow) C:\program files\tiktok live studio\0.42.6\tiktok live studio.exe => Keine Datei
FirewallRules: [TCP Query User{20252D0F-A002-482F-81D2-156AB0A8846E}C:\users\20med\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\20med\appdata\local\programs\microsoft vs code\code.exe => Keine Datei
FirewallRules: [UDP Query User{873ADC98-6EEE-4880-8BEC-170D0B502752}C:\users\20med\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\20med\appdata\local\programs\microsoft vs code\code.exe => Keine Datei
FirewallRules: [TCP Query User{AF975B31-DA83-4069-9C49-1E380D88B08E}C:\program files\streamlabs obs\resources\app.asar.unpacked\node_modules\obs-studio-node\obs64.exe] => (Allow) C:\program files\streamlabs obs\resources\app.asar.unpacked\node_modules\obs-studio-node\obs64.exe (Streamlabs (General Workings, Inc.) -> Streamlabs)
FirewallRules: [UDP Query User{02A7E9A0-5B96-46EB-AE78-50E69DCC7D9B}C:\program files\streamlabs obs\resources\app.asar.unpacked\node_modules\obs-studio-node\obs64.exe] => (Allow) C:\program files\streamlabs obs\resources\app.asar.unpacked\node_modules\obs-studio-node\obs64.exe (Streamlabs (General Workings, Inc.) -> Streamlabs)
FirewallRules: [{34B30127-C36A-4783-9088-66DF8F73C4A7}] => (Allow) LPort=8090
FirewallRules: [{8F862511-F99E-4CFE-8BEB-789708ACE295}] => (Allow) C:\Program Files\Agent\Agent.exe (DEVELOPER IN A BOX -> Developerinabox)
FirewallRules: [TCP Query User{3166656F-6020-4567-89FB-0D1A801D9B3D}C:\program files\agent\agenttray.exe] => (Allow) C:\program files\agent\agenttray.exe (DEVELOPER IN A BOX -> Developerinabox)
FirewallRules: [UDP Query User{401B9EBA-5133-40BD-A7BE-FD35BEA39BC3}C:\program files\agent\agenttray.exe] => (Allow) C:\program files\agent\agenttray.exe (DEVELOPER IN A BOX -> Developerinabox)
FirewallRules: [{7DAF6B65-99E6-4520-85C9-4D900F977E48}] => (Allow) LPort=5353
FirewallRules: [{2127cd32-5a14-4a72-b9ef-a7b26a52b6bd}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe => Keine Datei
FirewallRules: [{ec61e1ad-dd69-436a-829d-74e51f25cd4e}] => (Allow) C:\Program Files\ldplayer9box\VBoxNetNAT.exe => Keine Datei
FirewallRules: [{04765090-141b-4182-8152-9b6e9db9c5ba}] => (Allow) C:\LDPlayer\LDPlayer9\dnplayer.exe => Keine Datei
FirewallRules: [TCP Query User{2F1CD81C-5F48-4B16-8BB4-0FCA08C36730}C:\users\20med\appdata\local\programs\reolink\reolink.exe] => (Allow) C:\users\20med\appdata\local\programs\reolink\reolink.exe (Reolink Innovation Inc. -> Shenzhen Reolink Technology Co., Ltd.)
FirewallRules: [UDP Query User{85778FC1-7B2A-44DC-B7F8-B6420F85D834}C:\users\20med\appdata\local\programs\reolink\reolink.exe] => (Allow) C:\users\20med\appdata\local\programs\reolink\reolink.exe (Reolink Innovation Inc. -> Shenzhen Reolink Technology Co., Ltd.)
FirewallRules: [TCP Query User{3E93B6F2-B528-41DD-A7FF-27E67D992B1F}C:\users\20med\appdata\local\programs\reolink\reolink.exe] => (Allow) C:\users\20med\appdata\local\programs\reolink\reolink.exe (Reolink Innovation Inc. -> Shenzhen Reolink Technology Co., Ltd.)
FirewallRules: [UDP Query User{6EC5689F-0BA4-4F89-B248-184DED24B723}C:\users\20med\appdata\local\programs\reolink\reolink.exe] => (Allow) C:\users\20med\appdata\local\programs\reolink\reolink.exe (Reolink Innovation Inc. -> Shenzhen Reolink Technology Co., Ltd.)
FirewallRules: [TCP Query User{2AE973E5-CF92-4B7B-B0A3-F98086B448CB}D:\downloads\anydesk.exe] => (Allow) D:\downloads\anydesk.exe => Keine Datei
FirewallRules: [UDP Query User{43CFA2C2-1F06-4684-A86C-EF4566A902AF}D:\downloads\anydesk.exe] => (Allow) D:\downloads\anydesk.exe => Keine Datei
FirewallRules: [{A8FE621D-E693-4A77-B4D7-537A30A83F35}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B461E616-4E12-427A-925E-973A2F4D771B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AA5748E8-BD2F-4222-A04B-9BAA382A9147}] => (Allow) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{832E1643-3530-49D6-8A6B-0DEAFAFC7999}] => (Allow) D:\program files\asus\aacambienthal\aacambientlighting.exe => Keine Datei
FirewallRules: [{C3F2ADB4-35DF-4774-803C-731C6C25308A}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{6B518724-3828-43AD-B9D1-FCEB3882A821}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{B538F6BF-6C34-4065-9D3F-DCD27CB99DC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{CED851FE-DFA4-43D0-A092-60A12E686FF3}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{2043CF3C-46C9-4FA3-8DDB-EB718F1BE6F7}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{5E56ACC2-41AC-4D38-AEC0-C9E22380C25E}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{620F85BA-6B85-469C-BA85-2C4EF5456E59}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{BE6F8018-4728-42B2-A02B-37D174E53D19}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{597E2F3C-8262-488F-A60A-A46044583229}] => (Allow) C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServer.exe (Corsair Memory, Inc. -> )
FirewallRules: [{1C89505E-25E6-4046-A8DB-7245826B0ADE}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS Project, LLC -> OBS)
FirewallRules: [{66F439D4-26BE-4505-A335-6545BF89E319}] => (Allow) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.)
FirewallRules: [{B0A8254D-F6B0-4E68-9719-7D6C7F8675DF}] => (Allow) C:\Program Files\Elgato\StreamDeck\node\node20.exe (OpenJS Foundation -> Node.js)
FirewallRules: [{B87EC67F-77F8-40F7-A6F3-30B1F34C51C7}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{E18D53D6-F686-41C0-BB5A-620230D282E8}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.146\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0001F59C-FAC7-40A1-8030-9F10A629D2A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BA7BAF46-8FA5-4C62-B9C0-31D0AF3025B2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7896823C-EA92-4105-A56D-0DCBFD89036F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7C05EF99-61DC-4C64-924D-A85B85FE1F53}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4A25CE53-0B92-4E06-9C70-B7DE249FBE24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3F22270E-FD78-44C5-8B8E-21AC3D8E53F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{48AA461A-50F3-4914-A947-63D6A6305A4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{490FB210-6C40-406A-A147-C997335BB0DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{10F7DE96-78C7-43BD-8842-E156E037829F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{735103E6-7DD6-4ABE-9C71-E2F8B9C6C6D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

==================== Wiederherstellungspunkte =========================

16-01-2025 23:23:38 Windows Update
21-01-2025 07:21:57 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager ============
Name: Unbekanntes USB-Gerät (Fehler beim Zurücksetzen des Ports.)
Description: Unbekanntes USB-Gerät (Fehler beim Zurücksetzen des Ports.)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (01/22/2025 10:55:14 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm moomoo.exe Version 15.0.16668.0 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (01/22/2025 10:55:07 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm JDownloader2.exe Version 2.0.0.2 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (01/21/2025 12:28:28 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\HERO$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps

Methode: GET(0ms)
Phase: GetCACaps
Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (01/21/2025 12:28:28 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps

Methode: GET(172ms)
Phase: GetCACaps
Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (01/21/2025 12:26:13 PM) (Source: Application Error) (EventID: 1000) (User: HERO)
Description: Name der fehlerhaften Anwendung: ArmourySocketServer.exe, Version: 0.1.20.18, Zeitstempel: 0x6721a440
Name des fehlerhaften Moduls: ArmourySocketServer.exe, Version: 0.1.20.18, Zeitstempel: 0x6721a440
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000001201d1
ID des fehlerhaften Prozesses: 0x0x3e30
Startzeit der fehlerhaften Anwendung: 0x0x1db65a32c03cbd9
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
Berichtskennung: aff2d848-1929-4533-a812-d38ac75c017e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/19/2025 02:35:18 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte Defragmentierung auf \\?\Volume{9714da20-f1b6-11ee-b20d-806e6f6e6963}\ nicht abschließen. Grund: Die Volumes können nicht optimiert werden, weil der Datei Systemtyp nicht unter stützt wird. (0x8900002F)

Error: (01/13/2025 12:55:10 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm Adobe Premiere Pro.exe Version 13.0.1.13 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (01/13/2025 11:08:42 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\HERO$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps

Methode: GET(0ms)
Phase: GetCACaps
Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)


Systemfehler:
=============
Error: (01/22/2025 06:00:01 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT)
Description: Beim Update für den sicheren Start konnte eine Variable für den sicheren Start nicht aktualisiert werden. Fehler: (-2147020471 = Sicheres Starten ist auf diesem Computer nicht aktiviert.). Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931

Error: (01/22/2025 06:00:01 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT)
Description: Beim Update für den sicheren Start konnte eine Variable für den sicheren Start nicht aktualisiert werden. Fehler: (-2147020471 = Sicheres Starten ist auf diesem Computer nicht aktiviert.). Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931

Error: (01/21/2025 06:00:01 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT)
Description: Beim Update für den sicheren Start konnte eine Variable für den sicheren Start nicht aktualisiert werden. Fehler: (-2147020471 = Sicheres Starten ist auf diesem Computer nicht aktiviert.). Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931

Error: (01/21/2025 03:31:23 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (01/21/2025 03:31:19 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (01/21/2025 12:30:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (01/21/2025 12:30:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.

Error: (01/21/2025 12:30:21 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT)
Description: Beim Update für den sicheren Start konnte eine Variable für den sicheren Start nicht aktualisiert werden. Fehler: (-2147020471 = Sicheres Starten ist auf diesem Computer nicht aktiviert.). Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931


Windows Defender:
================Event[0]

Date: 2023-04-25 18:50:41
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.387.2175.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.20200.4
Fehlercode: 0x80240438
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". 

CodeIntegrity:
===============
Date: 2024-11-29 19:15:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\20med\AppData\Local\Discord\app-1.0.9172\Discord.exe) attempted to load \Device\HarddiskVolume3\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-11-25 09:53:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\20med\AppData\Local\Discord\app-1.0.9171\Discord.exe) attempted to load \Device\HarddiskVolume3\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-10-09 15:23:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\20med\AppData\Local\Discord\app-1.0.9166\Discord.exe) attempted to load \Device\HarddiskVolume3\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-10-09 15:23:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\20med\AppData\Local\Discord\app-1.0.9166\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files\TikTok LIVE Studio\0.42.6\resources\app\electron\sdk\lib\GameDetour64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-10-01 08:57:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\20med\AppData\Local\Discord\app-1.0.9164\Discord.exe) attempted to load \Device\HarddiskVolume3\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-10-01 08:57:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\20med\AppData\Local\Discord\app-1.0.9164\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files\TikTok LIVE Studio\0.42.6\resources\app\electron\sdk\lib\GameDetour64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-10-01 08:55:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\20med\AppData\Local\Discord\app-1.0.9163\Discord.exe) attempted to load \Device\HarddiskVolume3\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-10-01 08:55:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\20med\AppData\Local\Discord\app-1.0.9163\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files\TikTok LIVE Studio\0.42.6\resources\app\electron\sdk\lib\GameDetour64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-09-06 09:45:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\20med\AppData\Local\Discord\app-1.0.9162\Discord.exe) attempted to load \Device\HarddiskVolume3\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-09-06 09:45:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\20med\AppData\Local\Discord\app-1.0.9162\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files\TikTok LIVE Studio\0.42.6\resources\app\electron\sdk\lib\GameDetour64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. 4402 02/03/2023
Hauptplatine: ASUSTeK COMPUTER INC. ROG CROSSHAIR VIII HERO
Prozessor: AMD Ryzen 9 3950X 16-Core Processor
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 32681.28 MB
Verfügbarer physikalischer RAM: 14023.64 MB
Summe virtueller Speicher: 59305.28 MB
Verfügbarer virtueller Speicher: 28458.84 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:476.2 GB) (Free:99.86 GB) (Model: INTEL SSDPEKKW512G7) NTFS
Drive d: () (Fixed) (Total:1862.89 GB) (Free:742.7 GB) (Model: ST2000DX001-1NS164) NTFS

\\?\Volume{bafeb394-6f58-4671-b97c-6ae2ca71869f}\ () (Fixed) (Total:0.62 GB) (Free:0.06 GB) NTFS
\\?\Volume{3a150684-8aa5-4ab6-ab16-62c23f6e1d58}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: AE8942D9)

Partition: GPT.

==========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 874E8EFD)

Partition: GPT.

==================== Ende von Addition.txt =======================

M-K-D-B 23.01.2025 10:01
:hallo:



In den Logdateien sind Anzeichen zu erkennen, die auf einen Befall mit Malware hindeuten, vermutlich selbst herbeigeführt durch die Verwendung illegaler Software.


Es gibt hier mehrere Baustellen. Die wichtigsten:



1.
Ein Fehlerhafter Block wird in deinem Datenspeicher angezeigt:
Zitat:
Error: (01/21/2025 03:31:23 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (01/21/2025 03:31:19 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Das muss als Erstes abgeklärt werden.



2.
Es gibt keinen Support für Systeme mit illegaler Software.
In deinem Fall ist Office und ggf. auch Windows selbst illegal:
Zitat:
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.4266.1003 - Microsoft Corporation)

S3 WinDivert1.1; C:\ProgramData\KMSAuto\bin\driver\x64WDV\WinDivert.sys [35376 2013-12-03] (Nemea Mjukvaruutveckling AB -> Basil Projects)


3.
Treiber und Firmware von ASUS sind nicht aktuell:
Zitat:
BIOS: American Megatrends Inc. 4402 02/03/2023
Hauptplatine: ASUSTeK COMPUTER INC. ROG CROSSHAIR VIII HERO


4.
TPM-Module ist deaktiviert / funktioniert nicht richtig / ist falsch konfiguriert:
Zitat:
Error: (01/22/2025 06:00:01 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT)
Description: Beim Update für den sicheren Start konnte eine Variable für den sicheren Start nicht aktualisiert werden. Fehler: (-2147020471 = Sicheres Starten ist auf diesem Computer nicht aktiviert.). Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931


5.
Ein ASUS Programm funktioniert nicht richtig und verursacht Probleme:
Zitat:
Error: (01/21/2025 12:26:13 PM) (Source: Application Error) (EventID: 1000) (User: HERO)
Description: Name der fehlerhaften Anwendung: ArmourySocketServer.exe, Version: 0.1.20.18, Zeitstempel: 0x6721a440
Name des fehlerhaften Moduls: ArmourySocketServer.exe, Version: 0.1.20.18, Zeitstempel: 0x6721a440
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000001201d1
ID des fehlerhaften Prozesses: 0x0x3e30
Startzeit der fehlerhaften Anwendung: 0x0x1db65a32c03cbd9
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
Berichtskennung: aff2d848-1929-4533-a812-d38ac75c017e


Aufgrund der genannten Punkte verschiebe ich dein Thema in den Windowsbereich.


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:49 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131