PedroPony | 23.01.2025 00:32 | Sudden performance drops – defective block + illegal software + outdated firmware/drivers/software
Hello dear Trojaner-Board team,
For some time now I have had the feeling that my PC is responding more and more slowly.
When browsing and also when working with Office programs, stuttering and delays are becoming increasingly frequent.
A full virus scan with my antivirus program found nothing suspicious, but I am still somewhat wary
that some unwanted software might be running in the background after all.
I have therefore created two log files with the Farbar Recovery Scan Tool (FRST) (FRST.txt and Addition.txt),
which I am happy to provide here for analysis.
Operating system: Win11 64 bit
Hardware: ROG Crosshair VIII Hero, AMD Ryzen 9 3950x, 32gb Ram, RTX 4060Ti
Current antivirus software: Bitdefender 27.0.46.231
Both log files are attached. Could you please take a look and tell me whether everything is in order or whether I should take action?
If you need any additional information or scans, please let me know.
Thank you in advance for your help and your time!
Best regards,
Pedro
FRST.txt: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
durchgeführt von 20med (Administrator) auf HERO (ASUS System Product Name) (22-01-2025 23:39:59)
Gestartet von D:\Downloads\FRST64.exe
Geladene Profile: 20med
Plattform: Microsoft Windows 11 Pro Version 23H2 22631.4751 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Brave
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (Node.js Foundation -> Node.js) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files (x86)\moomoo\moomoo.exe ->) (Moomoo Technologies Inc. -> Moomoo Technologies Inc) C:\Program Files (x86)\moomoo\FTBrowserProxy.exe
(C:\Program Files (x86)\moomoo\moomoo.exe ->) (Moomoo Technologies Inc. -> Moomoo Technologies Inc) C:\Program Files (x86)\moomoo\FTIMShell.exe
(C:\Program Files (x86)\moomoo\moomoo.exe ->) (Moomoo Technologies Inc. -> Moomoo Technologies Inc) C:\Program Files (x86)\moomoo\FTNNWeb.exe <4>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.290\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\DWAgent\native\dwagsvc.exe ->) (Python Software Foundation -> Python Software Foundation) C:\Program Files\DWAgent\runtime\dwagent.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\com.barraider.stopwatch.sdPlugin\com.barraider.stopwatch.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\com.elgato.cpu.sdPlugin\cpu.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\com.exension.hwinfo.sdPlugin\hwinfo.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\StreamDeck\crashpad_handler.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Elgato\StreamDeck\node\node20.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (The Qt Company Oy -> The Qt Company Ltd.) C:\Program Files\Elgato\StreamDeck\QtWebEngineProcess.exe <3>
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Voicemod Sociedad Limitada -> ) C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\net.voicemod.windowsdesktop.sdPlugin\voicemodplugin.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\com.exension.hwinfo.sdPlugin\hwinfo.exe ->) () [Datei ist nicht signiert] C:\Users\20med\AppData\Roaming\Elgato\StreamDeck\Plugins\com.exension.hwinfo.sdPlugin\hwinfo-plugin.exe
(explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <45>
(explorer.exe ->) (BUREL VINCENT -> VB-AUDIO Software) C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe
(explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <22>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(explorer.exe ->) (Moomoo Technologies Inc. -> Moomoo Technologies Inc) C:\Program Files (x86)\moomoo\moomoo.exe
(explorer.exe ->) (Reolink Innovation Inc. -> Shenzhen Reolink Technology Co., Ltd.) C:\Users\20med\AppData\Local\Programs\Reolink\Reolink.exe <5>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.03.12\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Begonia Holdings -> ) C:\Program Files\HopToDesk\HopToDesk.exe <5>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskService.exe
(services.exe ->) (DWSNET OÜ -> ) C:\Program Files\DWAgent\native\dwagsvc.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_3d88c2eb4775cc07\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_844e1459fc4a4c84\RtkAudUService64.exe <2>
(spacedeskService.exe ->) (Datronicsoft, Inc. -> datronicsoft) C:\Windows\System32\spacedeskServiceTray.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <7>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.220.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.34401.20.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_844e1459fc4a4c84\RtkAudUService64.exe [1363544 2021-09-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088776 2024-12-17] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [DWAgentMon] => C:\Program Files\DWAgent\native\dwaglnc.exe [187384 2023-05-17] (DWSNET OÜ -> )
HKLM\...\Run: [Stream Deck] => C:\Program Files\Elgato\StreamDeck\StreamDeck.exe [22485416 2024-12-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ACHTUNG
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [MicrosoftEdgeAutoLaunch_A1BFE52831D1831DDB08D01903C65CE8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3923496 2025-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [22373784 2024-12-14] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [Discord] => C:\Users\20med\AppData\Local\Discord\Update.exe [1525016 2023-02-13] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [moomoo] => C:\Program Files (x86)\moomoo\moomoo.exe [4092008 2025-01-03] (Moomoo Technologies Inc. -> Moomoo Technologies Inc)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4412512 2024-11-12] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37426152 2024-03-29] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [Opera Stable] => C:\Users\20med\AppData\Local\Programs\Opera\opera.exe [1573272 2024-12-30] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [com.reolink.app] => C:\Users\20med\AppData\Local\Programs\Reolink\Reolink.exe [152142696 2024-01-10] (Reolink Innovation Inc. -> Shenzhen Reolink Technology Co., Ltd.)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [GoogleChromeAutoLaunch_7A8D307BFD9826111064367C3DA8A49E] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe [2955280 2025-01-15] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\Run: [Volume Controller SD plugin] => C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServerWatcher.exe [108072 2023-09-18] (Corsair Memory, Inc. -> )
HKU\S-1-5-21-3195794931-441281619-763393423-1001\...\MountPoints2: {c28fd161-d098-11ed-b1ad-001a7dda7114} - "G:\setup.exe"
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.265\Installer\chrmstp.exe [2025-01-09] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\132.1.74.48\Installer\chrmstp.exe [2025-01-15] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\Users\20med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CMSClient.exe - Verknüpfung.lnk [2023-05-06]
ShortcutTarget: CMSClient.exe - Verknüpfung.lnk -> C:\Program Files (x86)\CMSClient\CMSClient.exe (Keine Datei)
Startup: C:\Users\20med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voicemeeter (VB-Audio).LNK [2023-04-01]
ShortcutTarget: Voicemeeter (VB-Audio).LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe (BUREL VINCENT -> VB-AUDIO Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HopToDesk Tray.lnk [2023-06-02]
ShortcutTarget: HopToDesk Tray.lnk -> C:\Program Files\HopToDesk\HopToDesk.exe (Begonia Holdings -> )
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {DFFECC1E-4263-48E1-A5E1-E02B7DA38DFA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {924EF948-7034-4D81-9237-11CEC7589332} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {AC5F9A1A-926F-4AAC-9B8E-05217F527117} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Keine Datei)
Task: {F4A5F8C2-0FE1-4AA9-BD9E-51BC4C97D3FF} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [398176 2024-10-30] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {0E6443DE-B219-4482-85E0-28E03DD71BF1} - System32\Tasks\ASUS\Armoury Crate Service Task_CountDown => C:\ProgramData\ASUS\FestsEffect\data\CountDown\CountDown.exe [108504 2023-10-31] (ASUSTeK COMPUTER INC. -> )
Task: {942BC44A-E8F0-43B4-81DB-9FA6740A9BCC} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1779544 2024-10-30] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {4B9E690D-C33C-44E8-B3B9-A45C93B55EB5} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d9831e47094639 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-05-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {800BB86F-A10A-4CE0-9479-0A9D30DB8D5A} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-05-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {B817509C-4DB6-4304-B3F8-A562B9681546} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [152109928 2024-08-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {ECF80CC8-BD48-4468-A0F1-805D3E74D650} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1261928 2024-04-09] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {BD93F214-F3BA-4EB6-B19D-740062F0952D} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei)
Task: {D484392F-AFC9-4C94-88E2-90EBB6B09B94} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.290\WatchDog.exe [1156904 2024-11-20] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.0.1.290\repair
Task: {269CAD81-0B3E-43D0-8E43-CB8C44F20773} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{AA503E32-B730-4DA0-9098-E3CFFC6F956F} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-04-01] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {771C806A-7DE7-445B-85C3-E3A23F69118B} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{5E24015E-2AB9-4EED-B44E-2C82368CB34A} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-04-01] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {454CB513-8FEC-4FF7-BAE5-5D334602AA48} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6944.0{54177025-481F-4716-B2C9-884014BF6CA8} => C:\Program Files (x86)\Google\GoogleUpdater\134.0.6944.0\updater.exe [5660768 2025-01-08] (Google LLC -> Google LLC)
Task: {E30CF2B3-FDF3-4CBC-BC9D-E9C50FA7DD67} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [5967976 2015-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {87A2C86C-3E0F-444B-A21A-6E79E8A6597E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [5967976 2015-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC72CF80-9972-4D6A-8B8D-EC46099426B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [315056 2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F90879F-5912-4643-8D60-2C49E452037F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [315056 2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {585AB7F8-69C5-4F3F-BA88-995D3CF11E82} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3195794931-441281619-763393423-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2025-01-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {7B7E3D71-A85F-4CFE-B26D-5039AC3051C3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2025-01-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {36ED9C91-9F08-4F41-A62C-FA6CF083E954} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3333672 2024-11-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8820DE51-C292-4F94-9FB0-AB2136F4EC61} - System32\Tasks\Opera scheduled Autoupdate 1709671543 => C:\Users\20med\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5596568 2024-12-23] (Opera Norway AS -> Opera Software)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2449aa3c-7d6e-4358-8db6-4171878cbb8c}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2449aa3c-7d6e-4358-8db6-4171878cbb8c}: [DhcpDomain] speedport.ip
Edge:
=======
Edge Profile: C:\Users\20med\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-03]
Edge HomePage: Default -> hxxps://browser.services/?B=EH&id=19373
Edge Extension: (Google Docs Offline) - C:\Users\20med\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-16]
Edge Extension: (Edge relevant text changes) - C:\Users\20med\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-05]
FireFox:
========
FF DefaultProfile: gnh9uukh.default
FF ProfilePath: C:\Users\20med\AppData\Roaming\Mozilla\Firefox\Profiles\gnh9uukh.default [2024-06-17]
FF ProfilePath: C:\Users\20med\AppData\Roaming\Mozilla\Firefox\Profiles\0a31mnfr.default-release [2024-12-30]
FF Notifications: Mozilla\Firefox\Profiles\0a31mnfr.default-release -> hxxps://www.facebook.com
FF Extension: (NordVPN - a VPN proxy extension for Firefox) - C:\Users\20med\AppData\Roaming\Mozilla\Firefox\Profiles\0a31mnfr.default-release\Extensions\nordvpnproxy@nordvpn.com.xpi [2024-06-18]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2023-06-09] []
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2024-06-17] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2024-06-17] <==== ACHTUNG
Chrome:
=======
CHR Profile: C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default [2025-01-22]
CHR Notifications: Default -> hxxps://business.facebook.com; hxxps://dlive.tv; hxxps://inspector.twitch.tv
CHR Extension: (Easy Auto Refresh) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2024-02-16]
CHR Extension: (BetterTTV) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2024-12-27]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-01-20]
CHR Extension: (FrankerFaceZ) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2024-12-14]
CHR Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2025-01-22]
CHR Extension: (Google Docs Offline) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-18]
CHR Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-01-22]
CHR Extension: (Shazam: Find song names from your browser) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-11-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\20med\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-03-28]
Opera:
=======
OPR DefaultProfile: Default
StartMenuInternet: (HKU\S-1-5-21-3195794931-441281619-763393423-1001) OperaStable - "C:\Users\20med\AppData\Local\Programs\Opera\opera.exe"
Brave:
=======
BRA Profile: C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2025-01-22]
BRA DownloadDir: D:\Downloads
BRA Notifications: Default -> hxxps://de.tradingview.com; hxxps://dlive.tv; hxxps://mail.google.com; hxxps://webmail.all-inkl.com; hxxps://www.binance.com; hxxps://www.bitget.com; hxxps://www.tradingview.com
BRA DefaultSearchKeyword: Default -> :g
BRA Extension: (Easy Auto Refresh) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2024-02-09]
BRA Extension: (Google Übersetzer) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-09-11]
BRA Extension: (Nova Click) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\agegahikpkeljmhlggpipmepoigaimdk [2025-01-22]
BRA Extension: (Phantom) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bfnaelmomeimhlpmgjnjophhpkkoljpa [2025-01-21]
BRA Extension: (Social Blade) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2023-07-18] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ACHTUNG
BRA Extension: (uBlock Origin) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2025-01-03]
BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-01-20]
BRA Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2025-01-22]
BRA Extension: (Keepa - Amazon Price Tracker) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2025-01-07]
BRA Extension: (Helium 10) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\njmehopjdpcckochcggncklnlmikcbnb [2025-01-22]
BRA Extension: (MetaMask) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2025-01-22]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2025-01-18]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2025-01-22]
BRA Extension: (Brave NTP background images) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-09-11]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2025-01-22]
BRA Extension: (Wallet Data Files Updater) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2024-01-22]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2025-01-22]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2025-01-04]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2025-01-22]
BRA Extension: (Brave Ads Resources) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\jcncoheihebhhiemmbmpfhkceomfipbj [2025-01-22]
BRA Extension: (Brave Ad Block Updater (EasyList Germany (plaintext))) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfmefmifdjlfneapckmpkinmlofjehbp [2025-01-22]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-11-20]
BRA Extension: (Brave Ad Block Updater (Brave Twitch Adblock Rules (plaintext))) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\mhccgcegedfkhdbfbgllfkkcjhgkoinc [2024-09-19]
BRA Extension: (Brave NTP sponsored images) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2025-01-22]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\20med\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-25]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [401880 2024-12-21] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.03.12\atkexComSvc.exe [908648 2024-10-02] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-05-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [503144 2024-09-25] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe [1854312 2024-10-02] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-05-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [678760 2023-05-10] (ASUSTeK COMPUTER INC. -> ASUS)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [845256 2025-01-21] (ASUSTeK Computer Inc. -> )
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851640 2024-12-17] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2024-12-17] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2024-12-17] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-08-31] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2577184 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [852152 2024-12-17] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-11-24] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-04-01] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\132.1.74.48\elevation_service.exe [2766352 2025-01-15] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-04-01] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-15] (Microsoft Corporation -> Microsoft Corporation)
R2 DWAgent; C:\Program Files\DWAgent\native\dwagsvc.exe [1136120 2023-05-17] (DWSNET OÜ -> )
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-09-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-05-01] (Epic Games Inc. -> Epic Games, Inc.)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 HopToDesk; C:\Program Files\HopToDesk\HopToDesk.exe [13093328 2023-05-18] (Begonia Holdings -> )
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11744152 2024-12-14] (Logitech Inc -> Logitech, Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4955496 2024-08-08] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray_service.exe [11177064 2024-10-29] (Logitech Inc -> Logitech, Inc.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1920152 2021-11-01] (A-Volute SAS -> Nahimic)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2023-05-24] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_3d88c2eb4775cc07\Display.NvContainer\NVDisplay.Container.exe [1275016 2024-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [714200 2024-11-20] (Bitdefender SRL -> Bitdefender)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2125352 2024-11-22] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 spacedeskService; C:\WINDOWS\System32\spacedeskService.exe [1226656 2021-06-07] (Datronicsoft, Inc. -> )
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [291224 2024-12-17] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2024-12-17] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ArmouryLiveUpdate; %SystemRoot%\System32\DriverStore\FileRepository\rogms.inf_amd64_9074891d243b506d\ArmouryLiveUpdate.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [58936 2024-09-24] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [7505856 2024-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R3 AVoluteSS3Vad; C:\WINDOWS\System32\drivers\AVoluteSS3Vad.sys [93672 2021-10-14] (A-Volute -> Windows (R) Win 7 DDK provider)
R2 BdDci4; C:\WINDOWS\system32\DRIVERS\bddci4.sys [969664 2024-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [24568 2023-11-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [49200 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [42432 2024-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
R1 CTIAIO; C:\WINDOWS\system32\drivers\CtiAIo64.sys [34920 2024-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1490896 2024-09-05] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
S3 Ignisv2; C:\WINDOWS\system32\DRIVERS\ignisv2.sys [849968 2024-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54888 2024-07-01] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R3 logi_audio_surround; C:\WINDOWS\System32\DriverStore\FileRepository\logi_audio.inf_amd64_affafe6e263c4f51\logi_audio_surround.sys [44112 2024-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2024-10-05] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-22] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2024-10-05] (Logitech Inc -> Logitech)
R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray.sys [89192 2024-10-29] (Logitech Inc -> Logitech, Inc.)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19672 2023-12-10] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R2 NDivert; C:\Program Files\NordVPN\7.31.8.0\Drivers\NDivert.sys [131472 2024-10-31] (nordvpn s.a. -> Nordvpn S.A.)
R3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [104600 2024-09-12] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
S3 spacedeskDriverBus; C:\WINDOWS\System32\drivers\spacedeskDriverBus.sys [102848 2021-06-07] (Datronicsoft, Inc. -> datronicsoft Inc.)
S3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [36800 2021-06-02] (Datronicsoft, Inc. -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-06-29] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [41120 2024-09-12] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [629184 2023-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2021-08-23] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2021-08-23] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [1403456 2024-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2023-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [498944 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
S3 WinDivert1.1; C:\ProgramData\KMSAuto\bin\driver\x64WDV\WinDivert.sys [35376 2013-12-03] (Nemea Mjukvaruutveckling AB -> Basil Projects)
R3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 cpuz157; \??\C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [X] <==== ACHTUNG
S3 cpuz158; \??\C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [X] <==== ACHTUNG
S1 nordlwf; \SystemRoot\system32\DRIVERS\nordlwf.sys [X]
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X]
S3 ROGKB; \SystemRoot\System32\DriverStore\FileRepository\rogkb.inf_amd64_d77507607440a92c\ROGKB.sys [X]
S3 ROGMS; \SystemRoot\System32\DriverStore\FileRepository\rogms.inf_amd64_9074891d243b506d\ROGMS.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-01-22 23:16 - 2025-01-22 23:40 - 000000000 ____D C:\FRST
2025-01-22 13:50 - 2025-01-22 13:50 - 000000000 ____D C:\Users\20med\AppData\Roaming\Microsoft\PowerPoint
2025-01-21 12:35 - 2025-01-21 12:35 - 000758838 _____ C:\WINDOWS\system32\perfh007.dat
2025-01-21 12:35 - 2025-01-21 12:35 - 000157058 _____ C:\WINDOWS\system32\perfc007.dat
2025-01-15 21:39 - 2025-01-16 04:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-01-13 15:37 - 2025-01-13 15:37 - 000000000 ____D C:\Program Files\Elgato
2025-01-13 11:10 - 2025-01-13 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\moomoo
2025-01-12 00:41 - 2025-01-12 00:41 - 000002895 _____ C:\Users\20med\Desktop\Snapchat.lnk
2025-01-12 00:41 - 2025-01-12 00:41 - 000000000 ____D C:\Users\20med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave-Apps
2025-01-03 12:56 - 2025-01-12 18:01 - 000000000 ____D C:\Users\20med\AppData\Roaming\Amazon
2025-01-03 12:55 - 2025-01-09 12:44 - 000000000 ____D C:\ProgramData\boost_interprocess
2025-01-03 12:55 - 2025-01-03 12:55 - 000001304 _____ C:\Users\20med\Desktop\Kindle Create.lnk
2025-01-03 12:55 - 2025-01-03 12:55 - 000000000 ____D C:\Users\20med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2025-01-03 12:55 - 2025-01-03 12:55 - 000000000 ____D C:\Users\20med\.kindle
2025-01-03 12:54 - 2025-01-03 12:54 - 000000000 ____D C:\Users\20med\AppData\Local\Amazon
2024-12-29 16:50 - 2024-12-29 16:50 - 000000856 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2024-12-29 16:50 - 2024-12-29 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-12-29 16:50 - 2024-12-29 16:50 - 000000000 ____D C:\Program Files\LGHUB
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-01-22 23:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-01-22 22:55 - 2024-03-07 10:40 - 000000000 ____D C:\Users\20med\AppData\Roaming\reolink
2025-01-22 21:46 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-22 20:21 - 2023-04-01 15:59 - 000000000 ____D C:\Users\20med\AppData\Local\JDownloader 2.0
2025-01-22 19:55 - 2023-05-10 10:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2025-01-22 15:31 - 2023-05-10 10:03 - 000000000 ____D C:\Program Files\ASUS
2025-01-22 13:54 - 2023-04-01 11:39 - 000000000 ____D C:\Users\20med\AppData\Local\Packages
2025-01-22 13:17 - 2023-04-26 14:41 - 000000000 ____D C:\Users\20med\Desktop\Rendern
2025-01-22 12:07 - 2023-04-01 11:39 - 000000000 ____D C:\Users\20med\AppData\Local\D3DSCache
2025-01-22 07:18 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-22 07:18 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-01-21 12:44 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2025-01-21 12:35 - 2023-04-01 11:40 - 001754668 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-01-21 12:35 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2025-01-21 12:33 - 2022-05-07 06:17 - 000131072 _____ C:\WINDOWS\system32\config\ELAM
2025-01-21 12:29 - 2023-07-05 07:25 - 000000000 ____D C:\Users\20med\AppData\Roaming\asus_framework
2025-01-21 12:29 - 2023-04-01 11:31 - 000000000 ____D C:\ProgramData\NVIDIA
2025-01-21 12:28 - 2024-06-17 20:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-01-21 12:28 - 2023-05-17 11:42 - 000000000 ____D C:\Program Files\DWAgent
2025-01-21 12:28 - 2023-04-01 11:30 - 000901328 _____ () C:\WINDOWS\system32\wpbbin.exe
2025-01-21 12:28 - 2023-04-01 11:30 - 000845256 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2025-01-21 12:28 - 2023-04-01 11:30 - 000303960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-01-21 12:28 - 2023-04-01 11:30 - 000012288 ___SH C:\DumpStack.log.tmp
2025-01-21 12:28 - 2023-04-01 11:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-01-21 12:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2025-01-21 12:27 - 2023-10-19 19:23 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-01-21 12:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2025-01-21 12:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-01-21 12:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-01-21 12:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-01-21 12:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2025-01-21 12:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-01-21 12:27 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-01-21 12:26 - 2023-04-01 16:59 - 000046356 _____ C:\Users\20med\AppData\Roaming\VoiceMeeterBananaDefault.xml
2025-01-21 12:26 - 2023-04-01 16:54 - 000000000 ____D C:\Users\20med\AppData\Local\CrashDumps
2025-01-21 12:26 - 2023-04-01 11:37 - 000000000 ____D C:\Users\20med
2025-01-19 17:56 - 2023-04-01 11:31 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-17 21:13 - 2023-04-01 13:47 - 000000000 ____D C:\Users\20med\AppData\Roaming\vlc
2025-01-16 23:38 - 2023-04-01 11:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-01-16 23:35 - 2023-04-01 11:45 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-01-16 23:35 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-01-16 04:39 - 2024-06-17 20:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-01-16 04:39 - 2024-06-17 20:37 - 000001025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-01-15 22:09 - 2023-04-01 12:35 - 000002316 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2025-01-15 20:34 - 2023-09-01 05:43 - 000000000 ____D C:\Users\20med\AppData\Roaming\G HUB
2025-01-15 20:34 - 2023-04-01 14:08 - 000000000 ____D C:\Users\20med\AppData\Roaming\lghub
2025-01-15 20:33 - 2023-04-01 14:08 - 000000000 ____D C:\Users\20med\AppData\Local\LGHUB
2025-01-14 01:17 - 2023-04-01 11:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-01-13 23:36 - 2023-04-01 15:58 - 000000128 _____ C:\Users\20med\AppData\Roaming\winscp.rnd
2025-01-13 15:37 - 2023-10-27 05:26 - 000000000 ____D C:\ProgramData\obs-studio
2025-01-13 15:37 - 2023-05-10 10:21 - 000001105 _____ C:\Users\Public\Desktop\Stream Deck.lnk
2025-01-13 11:19 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-01-13 11:10 - 2023-04-15 07:56 - 000001062 _____ C:\Users\Public\Desktop\moomoo.lnk
2025-01-13 11:10 - 2023-04-01 12:46 - 000000000 ____D C:\Program Files (x86)\moomoo
2025-01-13 07:49 - 2023-04-16 11:39 - 000000000 ____D C:\Users\20med\AppData\Roaming\obs-studio
2025-01-09 23:47 - 2023-04-01 14:10 - 000002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-01-09 11:39 - 2024-06-17 20:37 - 000001013 _____ C:\Users\Public\Desktop\Firefox.lnk
2025-01-07 11:39 - 2023-06-08 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2025-01-07 11:39 - 2023-06-08 09:04 - 000000000 ____D C:\Program Files\NordVPN
2025-01-02 13:02 - 2023-05-10 10:03 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2025-01-02 13:00 - 2023-04-01 14:07 - 000000000 ____D C:\ProgramData\Package Cache
2025-01-02 12:50 - 2023-05-10 09:59 - 000000000 ____D C:\Program Files (x86)\ASUS
2024-12-30 12:33 - 2024-03-05 21:45 - 000004222 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1709671543
2024-12-30 12:33 - 2024-03-05 21:45 - 000001386 _____ C:\Users\20med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2024-12-29 16:48 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-12-29 16:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-12-29 16:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-12-29 00:44 - 2023-06-09 22:23 - 000000000 ____D C:\Users\20med\AppData\Roaming\Ledger Live
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2023-05-26 21:20 - 2023-05-26 21:21 - 000621326 _____ () C:\Program Files (x86)\VMS Setup Log.txt
2024-03-10 20:29 - 2024-03-10 20:29 - 000278199 _____ () C:\Program Files (x86)\VMS Uninstall Log.txt
2024-03-07 10:40 - 2024-03-07 10:40 - 000000211 _____ () C:\Users\20med\AppData\Roaming\com.reolink.app.client
2023-04-01 16:59 - 2025-01-21 12:26 - 000046356 _____ () C:\Users\20med\AppData\Roaming\VoiceMeeterBananaDefault.xml
2023-04-01 15:58 - 2025-01-13 23:36 - 000000128 _____ () C:\Users\20med\AppData\Roaming\winscp.rnd
2023-04-08 12:48 - 2024-02-16 22:15 - 000001456 _____ () C:\Users\20med\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2023-04-02 16:46 - 2023-04-02 16:46 - 000000000 _____ () C:\Users\20med\AppData\Local\oobelibMkey.log
2023-04-27 21:50 - 2024-10-16 09:39 - 000000128 _____ () C:\Users\20med\AppData\Local\PUTTY.RND
2023-07-01 19:00 - 2024-09-20 14:07 - 000007625 _____ () C:\Users\20med\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ======================== |