Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Windows11 Seo Shell-Benachrichtigungssymbol kann nicht entfernt werden (https://www.trojaner-board.de/212860-windows11-seo-shell-benachrichtigungssymbol-entfernt.html)

boobie 25.10.2024 00:23
Windows11 Seo Shell-Benachrichtigungssymbol kann nicht entfernt werden
 
Hallo miteinander,

soeben habe ich versucht eine Software über Chip herunter zu laden, jedoch kamen unerwünschte pop-ups und werbung auf meinem Desktop auf was mich dazu veranlasst hat alles, was bei mir in downloads bei "zuletzt heruntergeladen" war, zu löschen. Danach habe ich meinen Anti-viren-Programm laufen lassen (Bitdefender) und habe danach meinen PC neustarten lassen. Seitdem tritt jedes mal die Meldung "Seo Shell-Benachrichtigungssymbol kann nicht entfernt werden" auf. Ich habe auch im Internet gelesen das ich "Malwarebytes Adwcleaner mal laufen lassen soll. 2 mal hab ich den laufen lassen, was mir 4 Log Dateien gegeben hat, mit denen ich nichts anfangen kann. Ich bin ziehmlich hilflos was das ganze Thema rund um pc´s angeht und bitte daher um Hilfe sodass ich auch verstehen kann was ich nun machen soll.

Grüße
boobie

deeprybka 25.10.2024 04:18
Hi,
herzlich Willkommen auf dem Trojaner-Board.
Ich werde Dir helfen Dein PC-Problem zu lösen.

Lies Dir bitte mal die folgenden Dinge durch und poste mir dann die FRST-Logs.
Punkt 2 und 3 bitte.

https://www.trojaner-board.de/69886-...-beachten.html

boobie 25.10.2024 06:04
Hallo,
vielen Dank für die Hilfe.

Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build:    03-04-2024
# Database: 2024-10-23.4 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    10-25-2024
# Duration: 00:00:02
# OS:      Windows 11 (Build 26100.2033)
# Scanned:  32101
# Detected: 6


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.WebCompanion      C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic            HKCU\SOFTWARE\27ce9fa05c3947dc99ac7a6bd52f3e16
PUP.Adware.Heuristic            HKCU\SOFTWARE\438f84b93ab73e6e9ccd233d1abe724b
PUP.Optional.QuickDriverUpdater HKLM\Software\qdu-pr
PUP.Optional.WebCompanion      HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion      HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build:    03-04-2024
# Database: 2024-10-23.4 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-25-2024
# Duration: 00:00:00
# OS:      Windows 11 (Build 26100.2033)
# Cleaned:  6
# Failed:  0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted      C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted      HKCU\SOFTWARE\27ce9fa05c3947dc99ac7a6bd52f3e16
Deleted      HKCU\SOFTWARE\438f84b93ab73e6e9ccd233d1abe724b
Deleted      HKCU\Software\Lavasoft\Web Companion
Deleted      HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted      HKLM\Software\qdu-pr

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1807 octets] - [25/10/2024 00:04:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build:    03-04-2024
# Database: 2024-10-23.4 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    10-25-2024
# Duration: 00:00:02
# OS:      Windows 11 (Build 26100.2033)
# Scanned:  32108
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1807 octets] - [25/10/2024 00:04:41]
AdwCleaner[C00].txt - [1885 octets] - [25/10/2024 00:05:00]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build:    03-04-2024
# Database: 2024-10-23.4 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-25-2024
# Duration: 00:00:00
# OS:      Windows 11 (Build 26100.2033)
# Cleaned:  0
# Failed:  0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1807 octets] - [25/10/2024 00:04:41]
AdwCleaner[C00].txt - [1885 octets] - [25/10/2024 00:05:00]
AdwCleaner[S01].txt - [1542 octets] - [25/10/2024 00:08:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Und das wären die FRST Logs (Addition.txt separater beitrag)

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
durchgeführt von alexf (Administrator) auf BEBALEIN-GAMING (Micro-Star International Co., Ltd. MS-7D98) (25-10-2024 06:58:43)
Gestartet von C:\Users\alexf\OneDrive\Desktop\FRST64.exe
Geladene Profile: alexf
Plattform: Microsoft Windows 11 Home Version 24H2 26100.2033 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: "C:\Program Files\WindowsApps\Mozilla.Firefox_131.0.3.0_x64__n80bbvh6b1yt2\VFS\ProgramFiles\Firefox Package Root\firefox.exe" -osint -url "%1"
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(082E9164-EE6C-4EC8-B62C-441FAE7BEFA1 -> Mozilla Corporation) C:\Program Files\WindowsApps\Mozilla.Firefox_131.0.3.0_x64__n80bbvh6b1yt2\VFS\ProgramFiles\Firefox Package Root\firefox.exe <18>
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.286\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe <4>
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\Google\Play Games Services\Current\Service Host\GooglePlayGamesServicesHost.exe ->) (Google LLC -> Google) C:\Program Files\Google\Play Games Services\Current\Service\GooglePlayGamesServices.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.24900.130.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe <7>
(C:\Riot Games\Riot Client\RiotClientServices.exe ->) () [Datei ist nicht signiert] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(explorer.exe ->) (Rainmeter Team -> Rainmeter) [Datei ist nicht signiert] C:\Users\alexf\Downloads\Rainmeter.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Google LLC -> ) C:\Program Files\Google\Play Games Services\Current\Service Host\GooglePlayGamesServicesHost.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_98f357adcde2292d\logi_lamparray_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\GameInputSvc.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\Display.NvContainer\NVDisplay.Container.exe <2>
(sihost.exe ->) (04797BBC-C7BB-462F-9B66-331C81E27C0E -> TranslucentTB Open-Source-Entwickler) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2024.1.0.0_x64__v826wp6bftszj\TranslucentTB.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\ShellHost.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (BUSINESS CONVERS TRACK S.R.L. -> Business Convers Track S.R.L.) C:\Users\alexf\AppData\Roaming\SEO\SEO.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_22409.1401.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\alexf\AppData\Local\Microsoft\OneDrive\24.186.0915.0004\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088224 2024-10-21] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4131552 2024-09-24] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [500912 2024-10-04] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752216 2024-09-30] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36764120 2024-10-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4406632 2024-09-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\Run: [MicrosoftEdgeAutoLaunch_9492D799C07693992FE914071B5FB0C5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3865656 2024-10-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\Run: [Badlion Client] => C:\Program Files\Badlion Client\Badlion Client.exe [177088560 2024-08-22] (ESL Gaming Online, Inc. -> Badlion)
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1842952 2024-10-08] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3386464 2024-10-11] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\Run: [Opera Browser Assistant] => C:\Users\alexf\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4146080 2024-09-25] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [46525336 2024-10-16] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [73893688 2024-10-22] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-4165446667-139938376-1288695477-1002\...\Run: [MicrosoftEdgeAutoLaunch_25322A03CF19B18265EE97739B301555] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3865656 2024-10-17] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\Virtual Port Monitor: C:\WINDOWS\system32\VirtualMon.dll [225280 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{9F02E2F5-5A41-4D1A-B473-4617E84BC957}] -> C:\WINDOWS\system32\WindowsProtectedPrintConfiguration.dll [2024-10-20] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\alexf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2024-09-16]
ShortcutTarget: Rainmeter.lnk -> C:\Users\alexf\Downloads\Rainmeter.exe (Rainmeter Team -> Rainmeter) [Datei ist nicht signiert] <==== ACHTUNG
Startup: C:\Users\alexf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SearchEngineOptimizer.lnk [2024-10-24] <==== ACHTUNG
ShortcutTarget: SearchEngineOptimizer.lnk -> C:\Users\alexf\AppData\Roaming\SEO\SEO.exe (BUSINESS CONVERS TRACK S.R.L. -> Business Convers Track S.R.L.) <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {91486210-94C1-46F4-8250-90A7AA25834F} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [371048 2024-08-13] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {295D41AF-D0B7-4591-AACA-5B10DB40D1B8} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1771368 2024-08-13] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {227645A7-592D-46DB-A543-160BF05AA064} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (Keine Datei)
Task: {A11F2587-029A-4147-8152-D419E55AC5E3} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.286\WatchDog.exe [1155888 2024-08-23] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.0.1.286\repair
Task: {BF4A4EE6-9778-49CC-8A69-D973407D9C03} - System32\Tasks\Google Play Games Notifier => C:\Program Files\Google\Play Games\Bootstrapper.exe [374368 2024-10-16] (Google LLC -> Google LLC)
Task: {4100E053-4D85-4BA3-A839-2DF7365CAABB} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{FC15D47C-33F6-4404-A094-606135EDD07C} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC)
Task: {D1211565-C8D3-4652-94F0-E7177DB88C70} - System32\Tasks\Microsoft\Windows\Diagnosis\UnexpectedCodepath => C:\WINDOWS\system32\UCConfigTask.exe [77824 2024-10-20] (Microsoft Windows -> )
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (Keine Datei)
Task: {EC4E1419-ADE4-4C7B-B3E1-C4DE54F3DBA8} - System32\Tasks\Microsoft\Windows\PerformanceTrace\RequestTrace => {9EFEB182-2EE3-4AF9-AFFA-521410D110D1} C:\WINDOWS\system32\PerformanceTraceHandler.dll [114688 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
Task: {FD953D65-B217-4C79-946C-40F34EA51665} - System32\Tasks\Microsoft\Windows\ReFsDedupSvc\Initialization => {DCFF735B-64F7-45F3-B39C-6C66BBE2120F} C:\WINDOWS\System32\ReFsDedupSvc.exe [2195456 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
Task: {4F717F03-44C5-4378-9D4E-3C1AF09307A7} - System32\Tasks\Microsoft\Windows\Servicing\OOBEFodSetup => C:\WINDOWS\system32\OOBEFodSetup.exe [40960 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
Task: {6E9522D4-5ECB-478B-90ED-91561B8D4524} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => {7750564D-D61C-4557-8A9D-7DF56BDCFF96} C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll [270336 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
Task: {6B549F30-9F73-486A-9FFB-D9A4B9B0B516} - System32\Tasks\Microsoft\Windows\Sustainability\PowerGridForecastTask => {251E5B1F-E370-4E12-B5BD-B7AD2A8EE810} C:\WINDOWS\system32\PowerGridForecastTask.dll [331776 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
Task: {508EB8D1-F073-4C6A-AD9A-925F5E3ADA0B} - System32\Tasks\Microsoft\Windows\Sustainability\SustainabilityTelemetry => {6EE41D75-D091-4FB7-9AD5-018760DD25D4} C:\WINDOWS\system32\EcoScoreTask.dll [90112 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {AE889AF2-B6E2-4941-8C89-FCD4EB658F9B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UUS Failover Task => C:\WINDOWS\System32\MLEngineStub.exe [86016 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
Task: {E7C4C340-9597-4B86-998D-D2D8E6CE7CA4} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3824168 2024-08-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1227A51-213E-44C6-8D25-B8F5C81AB0BA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7C7349F-58C6-4451-9277-6638B5085DCF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E7B5207A-74C6-4E4C-98AC-0633B4B4D3B0} - System32\Tasks\Opera scheduled assistant Autoupdate 1725620447 => C:\Users\alexf\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5812120 2024-10-15] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\alexf\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {4FDA04E2-2AF0-4574-BF7E-83B4CE6E8EBA} - System32\Tasks\Opera scheduled Autoupdate 1725620446 => C:\Users\alexf\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5812120 2024-10-15] (Opera Norway AS -> Opera Software)
Task: {F645B20A-9103-4B74-928D-708F61013DDC} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2388736 2024-10-08] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {59C6A978-B081-4601-80B2-E3326D00DB1F} - System32\Tasks\SEO => C:\Users\alexf\AppData\Roaming\SEO\SEO.exe [11406432 2024-10-24] (BUSINESS CONVERS TRACK S.R.L. -> Business Convers Track S.R.L.) <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{75351a66-de1e-4f20-9416-76f81fa35b9b}: [NameServer] 198.51.100.1
Tcpip\..\Interfaces\{cb138c0e-59ce-4f7f-955c-00cff7116df5}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{cb138c0e-59ce-4f7f-955c-00cff7116df5}: [DhcpDomain] speedport.ip

Edge:
=======
Edge Profile: C:\Users\alexf\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-25]
Edge Extension: (Bitdefender Anti-tracker) - C:\Users\alexf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbconhplchnbippmjabbcedokimacfjl [2024-09-10]
Edge Extension: (Google Docs Offline) - C:\Users\alexf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-05]
Edge Extension: (Edge relevant text changes) - C:\Users\alexf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-09-05]
Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl]

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext [2024-08-29] [] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext
FF Plugin: @java.com/DTPlugin,version=11.431.2 -> C:\Program Files\Java\jre1.8.0_431\bin\dtplugin\npDeployJava1.dll [2024-09-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.431.2 -> C:\Program Files\Java\jre1.8.0_431\bin\plugin2\npjp2.dll [2024-09-30] (Oracle America, Inc. -> Oracle Corporation)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

Opera:
=======
OPR DefaultProfile: Default

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\UnifiedSDK.Service\UnifiedSDK.Service.exe [69128688 2024-06-14] (Get Aura Inc -> AnchorFree Inc.)
S3 ApxSvc; C:\WINDOWS\System32\ApxSvc.dll [73728 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe [457544 2022-08-02] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [502632 2024-07-04] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851640 2024-10-21] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851640 2024-10-21] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851640 2024-10-21] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2966184 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2577192 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [851640 2024-10-21] (Bitdefender SRL -> Bitdefender)
S2 bdvpnservice; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [514328 2024-10-04] (Bitdefender SRL -> Bitdefender)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [14037088 2024-10-11] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2024-09-05] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
R2 Google Play Games Services; C:\Program Files\Google\Play Games Services\Current\Service Host\GooglePlayGamesServicesHost.exe [3300456 2024-10-01] (Google LLC -> )
S2 Intel(R) Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11335576 2024-10-16] (Logitech Inc -> Logitech, Inc.)
S3 LocalKdc; C:\WINDOWS\system32\localkdcsvc.dll [794624 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_98f357adcde2292d\logi_lamparray_service.exe [10150392 2024-10-16] (Logitech Inc -> Logitech, Inc.)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-09-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\Display.NvContainer\NVDisplay.Container.exe [1275016 2024-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2388736 2024-10-08] (Overwolf Ltd -> Overwolf LTD)
S3 PrintDeviceConfigurationService; C:\WINDOWS\System32\PrintDeviceConfigurationService.dll [192512 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 PrintScanBrokerService; C:\WINDOWS\System32\PrintScanBrokerService.dll [180224 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [701808 2024-08-23] (Bitdefender SRL -> Bitdefender)
S3 refsdedupsvc; C:\WINDOWS\System32\ReFsDedupSvc.exe [2195456 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [291224 2024-10-21] (Bitdefender SRL -> Bitdefender)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [13651112 2024-09-24] (Riot Games, Inc. -> Riot Games, Inc.)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851640 2024-10-21] (Bitdefender SRL -> Bitdefender)
S2 Wallpaper Engine Service; C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [3580352 2024-09-16] (Skutta Software GmbH -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-09-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-09-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 acpipagr; C:\WINDOWS\System32\DriverStore\FileRepository\acpipagr.inf_amd64_d1093347a27ff89c\acpipagr.sys [49152 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 AcpiPmi; C:\WINDOWS\System32\DriverStore\FileRepository\acpipmi.inf_amd64_3ced06eb61dcc792\acpipmi.sys [53248 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
R0 amdwps; C:\WINDOWS\System32\drivers\amdwps.sys [67144 2024-10-20] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [58928 2024-07-03] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [7505856 2024-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci4; C:\WINDOWS\system32\DRIVERS\bddci4.sys [933424 2024-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [24568 2024-10-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R3 bdprivmon; C:\WINDOWS\system32\DRIVERS\bdprivmon.sys [49200 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [42432 2024-07-02] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R1 bdvpn_netfilter; C:\WINDOWS\System32\drivers\bdvpn_netfilter.sys [94600 2023-11-12] (Pango Inc. -> Pango Inc)
R3 CDD; C:\WINDOWS\System32\cdd.dll [331776 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
R1 CTIAIO; C:\WINDOWS\system32\drivers\CtiAIo64.sys [34920 2024-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 devmap; C:\WINDOWS\System32\DriverStore\FileRepository\devmap.inf_amd64_1993197f4612e967\devmap.sys [53248 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 DisplayMux; C:\WINDOWS\System32\DriverStore\FileRepository\displaymux.inf_amd64_da65a70f0c3ce0f3\DisplayMux.sys [57344 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1490896 2024-05-21] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 googlehaxm; C:\Windows\system32\drivers\GoogleHaxm.sys [246984 2024-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Google)
S3 I3CHost; C:\WINDOWS\System32\DriverStore\FileRepository\i3chost.inf_amd64_71fb35d9ebcbe45b\I3CHost.sys [296240 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_774a66f35d00ad3d\iaLPSS2_GPIO2_ADL.sys [140960 2022-06-23] (Intel Corporation -> Intel Corporation)
R2 Ignisv2; C:\WINDOWS\System32\DRIVERS\ignisv2.sys [849968 2024-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_6f93b7542fd3ead9\gna.sys [88656 2023-08-28] (Intel Corporation -> Intel Corporation)
S3 kdnic_legacy; C:\WINDOWS\System32\drivers\kdnic_legacy.sys [70976 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
R3 logi_audio_surround; C:\WINDOWS\System32\DriverStore\FileRepository\logi_audio.inf_amd64_affafe6e263c4f51\logi_audio_surround.sys [44112 2024-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2024-10-16] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2024-10-16] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2024-10-16] (Logitech Inc -> Logitech)
R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_98f357adcde2292d\logi_lamparray.sys [89192 2024-10-16] (Logitech Inc -> Logitech, Inc.)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19672 2023-12-10] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 MsQuicPrev; C:\WINDOWS\System32\drivers\msquicprev.sys [458032 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
S2 NetworkPrivacyPolicy; C:\WINDOWS\System32\DriverStore\FileRepository\networkprivacypolicy.inf_amd64_f3940973e0444eec\NetworkPrivacyPolicy.sys [102400 2024-10-20] (Microsoft Windows -> )
S3 PktMonApi; C:\WINDOWS\System32\drivers\PktMonApi.sys [61440 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 PlutonHeci; C:\WINDOWS\System32\DriverStore\FileRepository\pluton-heci.inf_amd64_9aaa7a8c15ac7e9a\pluton-heci.sys [58784 2024-10-20] (Microsoft Windows -> )
S3 PlutonHsp2; C:\WINDOWS\System32\DriverStore\FileRepository\plutonhsp2.inf_amd64_0b3fdc25d1dc1c6e\PlutonHsp2.sys [58672 2024-10-20] (Microsoft Windows -> )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [629184 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R1 uiomap; C:\WINDOWS\System32\DriverStore\FileRepository\uiomap.inf_amd64_11efbd9b4c5f482e\uiomap.sys [69632 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
R3 UmPass; C:\WINDOWS\System32\DriverStore\FileRepository\umpass.inf_amd64_06e016c9ffecbf73\umpass.sys [53248 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
R2 UnionFS; C:\WINDOWS\system32\drivers\UnionFS.sys [497072 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [28690232 2024-09-24] (Riot Games, Inc. -> Riot Games, Inc.)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [1403448 2024-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 vwifibus; C:\WINDOWS\System32\DriverStore\FileRepository\netvwifibus.inf_amd64_ab4e111fe8221178\vwifibus.sys [65536 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
R3 vwifimp; C:\WINDOWS\System32\DriverStore\FileRepository\netvwifimp.inf_amd64_16c785b9ba77e7b0\vwifimp.sys [86016 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22080 2024-09-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [602504 2024-09-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-05] (Microsoft Windows -> Microsoft Corporation)
S3 WinAccelCx0101; C:\WINDOWS\System32\drivers\WinAccelCx.sys [144704 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 WinI3C; C:\WINDOWS\System32\DriverStore\FileRepository\wini3c.inf_amd64_a7ed04bfcdb83650\WinI3C.sys [75208 2024-10-20] (Microsoft Windows -> Microsoft Corporation)
R2 WinRing0x64; C:\WINDOWS\System32\Drivers\WinRing0x64.sys [14544 2023-01-07] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R0 WinSetupMon; C:\WINDOWS\System32\DRIVERS\WinSetupMon.sys [169440 2024-10-04] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2024-09-10] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 ZTDNS; C:\WINDOWS\System32\drivers\ztdns.sys [107960 2024-10-20] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-10-25 06:58 - 2024-10-25 06:58 - 000032427 _____ C:\Users\alexf\OneDrive\Desktop\FRST.txt
2024-10-25 06:58 - 2024-10-25 06:58 - 000000000 ____D C:\FRST
2024-10-25 06:56 - 2024-10-25 06:56 - 002397696 _____ (Farbar) C:\Users\alexf\OneDrive\Desktop\FRST64.exe
2024-10-25 06:29 - 2024-10-25 06:29 - 000001542 _____ C:\Users\alexf\OneDrive\Desktop\AdwCleaner[S01].txt
2024-10-25 01:18 - 2024-10-25 01:18 - 000000000 ____D C:\Users\alexf\AppData\LocalLow\Temp
2024-10-25 00:13 - 2024-10-25 00:13 - 000707760 _____ C:\WINDOWS\system32\perfh007.dat
2024-10-25 00:13 - 2024-10-25 00:13 - 000150734 _____ C:\WINDOWS\system32\perfc007.dat
2024-10-25 00:04 - 2024-10-25 00:04 - 008790880 _____ (Malwarebytes) C:\Users\alexf\Downloads\adwcleaner.exe
2024-10-25 00:04 - 2024-10-25 00:04 - 000000000 ____D C:\AdwCleaner
2024-10-24 22:43 - 2024-10-24 22:43 - 000003542 _____ C:\WINDOWS\system32\Tasks\SEO
2024-10-24 22:40 - 2024-10-24 22:40 - 000000000 ____D C:\ProgramData\MSI
2024-10-24 22:39 - 2024-10-24 22:40 - 643603988 _____ C:\Users\alexf\Downloads\MSI-Center.zip
2024-10-24 22:35 - 2024-10-24 22:35 - 000000000 ____D C:\Program Files\PD
2024-10-24 22:35 - 2024-10-24 22:35 - 000000000 ____D C:\Program Files\Patriot
2024-10-24 22:35 - 2024-10-24 22:35 - 000000000 ____D C:\Program Files\ENE
2024-10-24 22:32 - 2024-10-24 22:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-10-24 22:32 - 2024-10-24 22:32 - 000000000 ____D C:\Users\alexf\AppData\Local\AcSdkInsLog
2024-10-24 22:31 - 2024-10-24 22:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2024-10-24 22:31 - 2024-10-24 22:41 - 000000000 ____D C:\Program Files\ASUS
2024-10-24 22:31 - 2024-10-24 22:31 - 000000000 ____D C:\Users\alexf\AppData\Local\ASUS
2024-10-24 22:31 - 2024-07-04 09:34 - 000524648 _____ (Asustek Computer Inc.) C:\WINDOWS\system32\AsIO3.dll
2024-10-24 22:31 - 2024-07-04 09:34 - 000430440 _____ (Asustek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO3.dll
2024-10-24 22:31 - 2024-07-03 19:08 - 000058928 _____ (Asustek Computer Inc.) C:\WINDOWS\system32\Drivers\AsIO3.sys
2024-10-24 22:31 - 2024-05-14 09:55 - 000054888 ____N (ASUSTeK Computer Inc.) C:\WINDOWS\system32\Drivers\IOMap64.sys
2024-10-24 22:28 - 2024-10-24 22:41 - 000000000 ____D C:\ProgramData\ASUS
2024-10-24 22:28 - 2024-10-24 22:41 - 000000000 ____D C:\Program Files (x86)\ASUS
2024-10-24 22:26 - 2024-10-24 22:32 - 000000000 ____D C:\Users\alexf\OneDrive\Dokumente\OpenRGB_0.9_Windows_32_b5f46e3
2024-10-24 22:20 - 2023-01-07 07:25 - 000014544 _____ (OpenLibSys.org) C:\WINDOWS\system32\Drivers\WinRing0x64.sys
2024-10-24 22:18 - 2024-10-24 22:42 - 000000000 ____D C:\Users\alexf\AppData\Roaming\SEO
2024-10-24 22:18 - 2024-10-24 22:31 - 000000000 ____D C:\Users\alexf\OneDrive\Dokumente\OpenRGB_0.9_Windows_64_b5f46e3
2024-10-24 22:18 - 2024-10-24 22:18 - 000000000 ____D C:\Users\alexf\AppData\Roaming\OpenRGB
2024-10-22 15:25 - 2024-10-22 15:25 - 000233948 _____ C:\ProgramData\vpn.1729603503.bdinstall.v2.bin
2024-10-22 15:25 - 2024-10-22 15:25 - 000100944 _____ C:\ProgramData\vpn.uninstall.1729603521.bdinstall.v2.bin
2024-10-22 15:25 - 2024-10-22 15:25 - 000000000 ____D C:\ProgramData\UnifiedSDK.Service
2024-10-22 15:25 - 2024-10-22 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
2024-10-22 07:32 - 2024-10-22 07:32 - 000000000 ____D C:\Users\alexf\OneDrive\Dokumente\League of Legends
2024-10-22 07:12 - 2024-10-25 00:09 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2024-10-22 07:12 - 2024-10-22 07:34 - 041943896 _____ C:\WINDOWS\392667600.dat
2024-10-22 06:57 - 2024-10-22 06:57 - 000000000 ____D C:\Program Files\Riot Vanguard
2024-10-22 06:50 - 2024-10-22 07:36 - 000000000 ____D C:\Users\alexf\AppData\Roaming\riot-client-ux
2024-10-22 06:49 - 2024-10-22 07:36 - 000000000 ____D C:\ProgramData\Riot Games
2024-10-22 06:49 - 2024-10-22 07:32 - 000000000 ____D C:\Users\alexf\AppData\Local\Riot Games
2024-10-22 06:49 - 2024-10-22 06:57 - 000000000 ____D C:\Riot Games
2024-10-22 06:49 - 2024-10-22 06:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2024-10-22 06:49 - 2024-10-22 06:49 - 074083584 _____ (Riot Games, Inc.) C:\Users\alexf\Downloads\Install League of Legends euw.exe
2024-10-22 06:49 - 2024-10-22 06:49 - 000000000 ____D C:\Users\alexf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2024-10-22 00:28 - 2024-10-22 00:28 - 000000000 ____D C:\Users\alexf\AppData\Roaming\Sun
2024-10-22 00:28 - 2024-10-22 00:28 - 000000000 ____D C:\Users\alexf\AppData\LocalLow\Oracle
2024-10-22 00:28 - 2024-10-22 00:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2024-10-22 00:28 - 2024-10-22 00:28 - 000000000 ____D C:\Program Files\Java
2024-10-22 00:28 - 2024-09-30 08:34 - 000213120 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2024-10-21 00:31 - 2024-10-21 00:31 - 000460020 _____ (Fabric Team) C:\Users\alexf\Downloads\fabric-installer-1.0.1(1).exe
2024-10-20 23:42 - 2024-10-25 00:13 - 001637744 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-10-20 23:39 - 2024-10-20 23:39 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-10-20 23:38 - 2024-10-20 23:38 - 000000020 ___SH C:\Users\alexf\ntuser.ini
2024-10-20 21:08 - 2024-10-25 00:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-10-20 21:08 - 2024-10-20 23:42 - 000004248 _____ C:\WINDOWS\system32\Tasks\Google Play Games Notifier
2024-10-20 21:08 - 2024-10-20 23:40 - 000003846 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2024-10-20 21:08 - 2024-10-20 21:08 - 000003854 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1725620447
2024-10-20 21:08 - 2024-10-20 21:08 - 000003684 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-10-20 21:08 - 2024-10-20 21:08 - 000003594 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1725620446
2024-10-20 21:08 - 2024-10-20 21:08 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-20 21:08 - 2024-10-20 21:08 - 000003270 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2024-10-20 21:08 - 2024-10-20 21:08 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4165446667-139938376-1288695477-1002
2024-10-20 21:08 - 2024-10-20 21:08 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4165446667-139938376-1288695477-1001
2024-10-20 21:08 - 2024-10-20 21:08 - 000003010 _____ C:\WINDOWS\system32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 21:08 - 2024-10-20 21:08 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 21:08 - 2024-10-20 21:08 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4165446667-139938376-1288695477-1002
2024-10-20 21:08 - 2024-10-20 21:08 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4165446667-139938376-1288695477-1001
2024-10-20 21:08 - 2024-10-20 21:08 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 21:08 - 2024-10-20 21:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-10-20 21:06 - 2024-10-20 21:06 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2024-10-20 21:05 - 2024-10-25 00:07 - 000001752 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2024-10-20 21:05 - 2024-10-24 23:57 - 000297040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-10-20 21:05 - 2024-10-24 22:46 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2024-10-20 21:05 - 2024-10-24 20:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-10-20 21:05 - 2024-10-20 23:38 - 000000000 ____D C:\Windows.old
2024-10-20 20:30 - 2024-10-20 21:05 - 000000000 ____D C:\Users\alexf\AppData\Roaming\Microsoft\Crypto
2024-10-20 20:30 - 2024-10-20 20:30 - 000000000 ____D C:\Users\alexf\AppData\Roaming\Microsoft\SystemCertificates
2024-10-20 20:30 - 2024-10-20 20:30 - 000000000 ____D C:\Users\alexf\AppData\Roaming\Microsoft\Network
2024-10-20 20:29 - 2024-10-20 21:05 - 000000000 ____D C:\Users\enaun\AppData\Roaming\Microsoft\Crypto
2024-10-20 20:29 - 2024-10-20 20:29 - 000000000 ____D C:\Users\enaun\AppData\Roaming\Microsoft\SystemCertificates
2024-10-20 20:29 - 2024-10-20 20:29 - 000000000 ____D C:\Users\enaun\AppData\Roaming\Microsoft\Network
2024-10-20 20:26 - 2024-10-20 21:05 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2024-10-20 20:25 - 2024-10-25 00:07 - 000000000 ____D C:\Users\alexf\AppData\Roaming\Microsoft\Windows
2024-10-20 20:25 - 2024-10-24 23:28 - 000000000 ____D C:\Users\alexf
2024-10-20 20:25 - 2024-10-20 21:06 - 000000000 ____D C:\Users\enaun\AppData\Roaming\Microsoft\Windows
2024-10-20 20:25 - 2024-10-20 21:05 - 000000000 ____D C:\Users\enaun\AppData\Roaming\Microsoft\Spelling
2024-10-20 20:25 - 2024-10-20 21:05 - 000000000 ____D C:\Users\enaun
2024-10-20 20:25 - 2024-10-20 21:05 - 000000000 ____D C:\Users\alexf\AppData\Roaming\Microsoft\Spelling
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\enaun\Vorlagen
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\enaun\Startmenü
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\enaun\Netzwerkumgebung
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\enaun\Lokale Einstellungen
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\enaun\Eigene Dateien
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\enaun\Druckumgebung
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\enaun\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\enaun\AppData\Local\Verlauf
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\enaun\AppData\Local\Anwendungsdaten
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\enaun\Anwendungsdaten
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\alexf\Vorlagen
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\alexf\Startmenü
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\alexf\Netzwerkumgebung
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\alexf\Lokale Einstellungen
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\alexf\Eigene Dateien
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\alexf\Druckumgebung
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\alexf\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\alexf\AppData\Local\Verlauf
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\alexf\AppData\Local\Anwendungsdaten
2024-10-20 20:25 - 2024-10-20 20:25 - 000000000 _SHDL C:\Users\alexf\Anwendungsdaten
2024-10-20 20:23 - 2024-10-20 20:26 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2024-10-20 20:22 - 2024-10-20 20:22 - 000000000 ____D C:\WINDOWS\InboxApps
2024-10-20 20:19 - 2024-10-20 20:19 - 000026169 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-10-20 20:19 - 2024-10-20 20:19 - 000026169 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-10-20 20:19 - 2024-10-20 20:19 - 000005264 _____ C:\WINDOWS\system32\ecoscore_config.json
2024-10-20 20:19 - 2024-10-20 20:19 - 000000773 _____ C:\WINDOWS\system32\DeviceFeatureDDF.json
2024-10-20 20:05 - 2024-10-20 20:05 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2024-10-20 19:40 - 2024-10-21 06:21 - 000000000 ___DC C:\WINDOWS\Panther
2024-10-18 00:39 - 2024-10-18 00:39 - 000002264 _____ C:\Users\alexf\AppData\LocalLow\966f5b1e2cc5cacc3d00f9302170559cdd674ab7bc415c9e8623bb2ba4dca7f4
2024-10-17 00:04 - 2024-10-17 00:04 - 000000000 ____D C:\Users\alexf\OneDrive\Dokumente\Wastelands-Interactive
2024-10-17 00:04 - 2024-10-17 00:04 - 000000000 ____D C:\Users\alexf\AppData\LocalLow\Wastelands Interactive
2024-10-16 17:59 - 2024-10-22 07:11 - 000000000 ____D C:\Users\alexf\AppData\Local\LGHUB
2024-10-16 17:59 - 2024-10-20 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-10-16 17:59 - 2024-10-16 18:07 - 000000000 ____D C:\Users\alexf\AppData\Roaming\lghub
2024-10-16 17:59 - 2024-10-16 18:07 - 000000000 ____D C:\Users\alexf\AppData\Roaming\G HUB
2024-10-16 17:59 - 2024-10-16 17:59 - 000073040 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2024-10-16 17:59 - 2024-10-16 17:59 - 000044880 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2024-10-16 17:59 - 2024-10-16 17:59 - 000032080 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2024-10-16 17:59 - 2024-10-16 17:59 - 000000000 ____D C:\ProgramData\Logishrd
2024-10-16 17:59 - 2024-10-16 17:59 - 000000000 ____D C:\ProgramData\LGHUB
2024-10-16 17:59 - 2024-10-16 17:59 - 000000000 ____D C:\Program Files\Logitech
2024-10-16 17:59 - 2024-10-16 17:59 - 000000000 ____D C:\Program Files\Logi
2024-10-16 17:59 - 2024-10-16 17:59 - 000000000 ____D C:\Program Files\LGHUB
2024-10-16 17:58 - 2024-10-16 17:58 - 042227608 _____ (Logitech, Inc.) C:\Users\alexf\Downloads\lghub_installer.exe
2024-10-16 13:25 - 2024-10-20 21:05 - 000000000 ____D C:\Users\alexf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2024-10-16 13:25 - 2024-10-17 01:24 - 000000000 ____D C:\Users\alexf\AppData\Roaming\discord
2024-10-16 13:25 - 2024-10-17 00:57 - 000000000 ____D C:\Users\alexf\AppData\Local\Discord
2024-10-16 13:25 - 2024-10-16 13:25 - 119196032 _____ (Discord Inc.) C:\Users\alexf\Downloads\DiscordSetup.exe
2024-10-16 13:25 - 2024-10-16 13:25 - 000002249 _____ C:\Users\alexf\OneDrive\Desktop\Discord.lnk
2024-10-16 13:25 - 2024-10-16 13:25 - 000000000 ____D C:\Users\alexf\AppData\Local\SquirrelTemp
2024-10-14 21:44 - 2024-10-14 21:45 - 000000000 ____D C:\Users\alexf\AppData\LocalLow\Unity
2024-10-14 21:44 - 2024-10-14 21:44 - 000000000 ____D C:\Users\alexf\AppData\LocalLow\Habupain
2024-10-14 21:43 - 2024-10-14 21:43 - 000000223 _____ C:\Users\alexf\OneDrive\Desktop\Saiko no sutoka.url
2024-10-12 20:04 - 2024-10-12 20:04 - 000000000 ____D C:\Users\alexf\AppData\LocalLow\Chilla's Art, LLC
2024-10-12 20:00 - 2024-10-12 20:00 - 000000223 _____ C:\Users\alexf\OneDrive\Desktop\Shinkansen 0  新幹線 0号.url
2024-10-11 21:37 - 2024-10-11 21:37 - 000000000 ____D C:\Users\alexf\AppData\LocalLow\DarkStone Digital
2024-10-11 19:13 - 2024-09-03 13:20 - 000786880 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2024-10-11 19:13 - 2024-09-03 13:20 - 000671592 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2024-10-11 19:13 - 2024-09-03 13:19 - 000982208 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2024-10-11 19:13 - 2024-09-03 13:19 - 000740848 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2024-10-11 19:13 - 2024-09-03 13:19 - 000624640 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2024-10-11 19:13 - 2024-09-03 13:19 - 000613672 _____ C:\WINDOWS\SysWOW64\IntelControlLib32.dll
2024-10-11 19:13 - 2024-09-03 13:19 - 000483752 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2024-10-11 19:13 - 2024-09-03 13:18 - 002041952 _____ C:\WINDOWS\system32\ze_intel_gpu_raytracing.dll
2024-10-11 19:13 - 2024-09-03 13:18 - 000797656 _____ C:\WINDOWS\system32\ze_loader.dll
2024-10-11 19:13 - 2024-09-03 13:18 - 000563808 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2024-10-11 19:13 - 2024-09-03 13:18 - 000430152 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2024-10-11 19:13 - 2024-09-03 13:18 - 000339768 _____ C:\WINDOWS\system32\ControlLib.dll
2024-10-11 19:13 - 2024-09-03 13:18 - 000281536 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2024-10-11 19:13 - 2024-09-03 13:17 - 027986936 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2024-10-11 19:13 - 2024-09-03 13:17 - 020710984 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2024-10-08 01:28 - 2024-10-08 01:28 - 000000000 ____D C:\Users\alexf\AppData\Roaming\ToomkyGames.com
2024-10-06 23:11 - 2024-10-06 23:11 - 000000000 ____D C:\Users\alexf\AppData\LocalLow\Bitbeast Games
2024-10-06 23:09 - 2024-10-06 23:09 - 000000223 _____ C:\Users\alexf\OneDrive\Desktop\Escape Room - Der kranke Kollege.url
2024-10-05 02:29 - 2024-10-05 02:29 - 000000000 ____D C:\Users\alexf\AppData\Roaming\gg.essential.mod
2024-10-05 02:11 - 2024-10-05 02:11 - 002283470 _____ C:\Users\alexf\Downloads\Anomaly-1.1.2 1.19.2.jar
2024-10-05 02:03 - 2024-10-05 02:03 - 006804058 _____ C:\Users\alexf\Downloads\forge-1.19-41.1.0-installer.jar
2024-10-01 13:51 - 2024-10-01 13:51 - 000000318 _____ C:\WINDOWS\system32\httpproxy.json
2024-09-30 22:01 - 2024-10-01 20:38 - 000000000 ____D C:\Minecraft welt backup
2024-09-30 22:00 - 2024-10-25 01:21 - 000000000 ____D C:\Users\alexf\OneDrive\Desktop\Neuer Ordner
2024-09-27 09:08 - 2024-09-27 09:08 - 000000000 ____D C:\Users\alexf\AppData\Local\EALaunchHelper
2024-09-25 22:27 - 2024-09-25 22:27 - 000000000 ____D C:\Users\alexf\AppData\Local\NEO
2024-09-25 22:26 - 2024-10-20 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-09-25 22:26 - 2024-08-25 01:26 - 003084328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2024-09-25 22:26 - 2024-08-25 01:26 - 002380840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2024-09-25 22:25 - 2024-08-25 01:08 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2024-09-25 21:56 - 2024-10-20 21:05 - 000000000 ____D C:\Users\alexf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2024-09-25 21:56 - 2024-09-25 21:56 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2024-09-25 21:56 - 2024-09-25 21:56 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2024-09-25 21:55 - 2024-10-20 21:05 - 000000000 ____D C:\Users\alexf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2024-09-25 21:54 - 2024-09-25 22:24 - 000000000 ____D C:\ProgramData\Norton
2024-09-25 21:54 - 2024-09-25 22:22 - 000001416 _____ C:\Users\alexf\OneDrive\Desktop\Norton Installation Files.lnk
2024-09-25 21:54 - 2024-09-25 21:57 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2024-09-25 21:54 - 2024-09-25 21:54 - 000000000 ____D C:\Users\Public\Downloads\Norton
2024-09-25 21:54 - 2024-09-25 21:54 - 000000000 ____D C:\ProgramData\NortonInstaller
2024-09-25 21:53 - 2024-09-25 21:54 - 058293122 _____ C:\Users\alexf\Downloads\MSIAfterburnerSetup.zip
2024-09-25 20:45 - 2024-09-25 20:45 - 000000000 ____D C:\Users\alexf\AppData\LocalLow\Noble Muffins
2024-09-25 18:32 - 2024-09-25 18:32 - 000000000 ____D C:\ProgramData\Electronic Arts
2024-09-25 18:31 - 2024-10-20 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2024-09-25 18:31 - 2024-09-25 18:32 - 000000000 ____D C:\Users\alexf\OneDrive\Dokumente\Electronic Arts
2024-09-25 18:31 - 2024-09-25 18:32 - 000000000 ____D C:\Users\alexf\AppData\Local\Origin
2024-09-25 18:31 - 2024-09-25 18:31 - 000000000 ____D C:\Users\alexf\AppData\Local\Link2EA
2024-09-25 18:31 - 2024-09-25 18:31 - 000000000 ____D C:\Users\alexf\AppData\Local\Electronic Arts
2024-09-25 18:31 - 2024-09-25 18:31 - 000000000 ____D C:\Users\alexf\AppData\Local\EADesktop
2024-09-25 18:31 - 2024-09-25 18:31 - 000000000 ____D C:\Users\alexf\AppData\Local\cache
2024-09-25 18:30 - 2024-10-12 16:09 - 000000000 ____D C:\ProgramData\EA Desktop
2024-09-25 18:30 - 2024-09-25 18:32 - 000000000 ____D C:\ProgramData\Origin
2024-09-25 18:30 - 2024-09-25 18:30 - 000000222 _____ C:\Users\alexf\OneDrive\Desktop\Thief Simulator.url
2024-09-25 18:30 - 2024-09-25 18:30 - 000000000 ____D C:\Program Files\Electronic Arts
2024-09-25 18:30 - 2024-09-25 18:30 - 000000000 ____D C:\Program Files\EA Games
2024-09-25 18:10 - 2024-09-25 18:17 - 000000000 ____D C:\Users\alexf\AppData\Roaming\We-Become-What-We-Behold
2024-09-25 18:09 - 2024-09-25 18:09 - 000000223 _____ C:\Users\alexf\OneDrive\Desktop\We Become What We Behold.url
2024-09-25 17:59 - 2024-09-25 17:59 - 000000223 _____ C:\Users\alexf\OneDrive\Desktop\The Sims™ 4.url
2024-09-25 16:50 - 2024-09-25 16:50 - 000000027 _____ C:\WINDOWS\system32\ctc.json

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-10-25 06:58 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-25 06:54 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-10-25 06:54 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-10-25 06:25 - 2024-09-05 18:59 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-25 01:25 - 2024-09-05 19:29 - 000000000 ____D C:\Program Files (x86)\Steam
2024-10-25 01:25 - 2024-09-05 18:06 - 000000000 ____D C:\ProgramData\NVIDIA
2024-10-25 00:19 - 2024-09-06 00:10 - 000000000 ____D C:\Users\alexf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-10-25 00:13 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2024-10-25 00:07 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-10-25 00:06 - 2024-04-01 09:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-10-25 00:06 - 2022-05-07 06:36 - 000012288 ___SH C:\DumpStack.log.tmp
2024-10-24 23:22 - 2022-05-07 07:13 - 000000000 ___RD C:\Users\alexf\OneDrive
2024-10-24 23:22 - 2022-05-07 07:11 - 000000000 ____D C:\Users\alexf\AppData\Local\Packages
2024-10-24 23:22 - 2022-05-07 06:37 - 000000000 ____D C:\ProgramData\Packages
2024-10-24 23:05 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2024-10-24 23:05 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2024-10-24 22:45 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\OCR
2024-10-24 22:44 - 2024-09-05 19:16 - 000000000 ____D C:\ProgramData\Package Cache
2024-10-24 22:41 - 2024-09-06 12:41 - 000000000 ____D C:\Users\alexf\AppData\Local\CrashDumps
2024-10-24 22:40 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-24 20:11 - 2024-09-06 13:19 - 000000130 _____ C:\Users\alexf\AppData\LocalLow\e53c766679b7063038c30daa81aa3ac8a6e44b2cd8630b0c362fec30f4afd0a9
2024-10-24 20:10 - 2024-09-06 13:17 - 000000000 ____D C:\Users\alexf\AppData\Roaming\.minecraft
2024-10-24 16:52 - 2022-05-07 07:14 - 000000000 ____D C:\Users\alexf\AppData\Local\D3DSCache
2024-10-22 17:35 - 2024-09-15 14:21 - 000000130 _____ C:\Users\alexf\AppData\LocalLow\da65008ffc7068591cc0826318ffb1cd2e25947a56a0835b592c008e33e07619
2024-10-22 07:36 - 2024-09-16 10:30 - 000001514 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2024-10-22 07:36 - 2024-09-10 10:25 - 000092376 _____ C:\ProgramData\agent.update.1725956750.bdinstall.v2.bin
2024-10-22 07:36 - 2024-09-10 10:24 - 000145184 _____ C:\ProgramData\agent.1725956658.bdinstall.v2.bin
2024-10-22 07:36 - 2024-09-05 19:08 - 000001272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2024-10-22 07:32 - 2024-09-10 10:31 - 000697856 _____ C:\ProgramData\cl.1725956828.bdinstall.v2.bin
2024-10-22 07:11 - 2024-09-06 19:38 - 000000000 ____D C:\Users\alexf\AppData\Roaming\Badlion Client
2024-10-22 06:42 - 2024-09-07 17:50 - 000000000 ____D C:\Users\alexf\AppData\Local\Overwolf
2024-10-21 07:37 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\appcompat
2024-10-20 23:55 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\USOPrivate
2024-10-20 23:42 - 2024-04-01 09:21 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2024-10-20 23:38 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Windows NT
2024-10-20 23:38 - 2022-05-07 07:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-10-20 21:08 - 2024-04-01 09:26 - 000000000 ___RD C:\Program Files\Windows Defender
2024-10-20 21:07 - 2024-09-05 23:43 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-20 21:06 - 2024-04-01 09:26 - 000000000 __RHD C:\Users\Public\Libraries
2024-10-20 21:06 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-10-20 21:05 - 2024-09-10 10:30 - 000000000 ____D C:\WINDOWS\system32\elambkup
2024-10-20 21:05 - 2024-09-10 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2024-10-20 21:05 - 2024-09-08 18:22 - 000000000 ____D C:\Users\alexf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Play Games
2024-10-20 21:05 - 2024-09-08 18:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Play Games
2024-10-20 21:05 - 2024-09-07 17:51 - 000000000 ____D C:\Users\alexf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2024-10-20 21:05 - 2024-09-05 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2024-10-20 21:05 - 2024-09-05 18:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-10-20 21:05 - 2024-04-01 18:35 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-10-20 21:05 - 2024-04-01 09:26 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2024-10-20 21:05 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2024-10-20 21:05 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\spool
2024-10-20 21:05 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-10-20 21:05 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2024-10-20 21:05 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2024-10-20 21:05 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ServiceState
2024-10-20 21:05 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-10-20 21:05 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-10-20 21:05 - 2022-05-07 12:39 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2024-10-20 21:05 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-10-20 21:05 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2024-10-20 21:05 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2024-10-20 20:35 - 2024-04-01 09:29 - 000000000 ____D C:\WINDOWS\Setup
2024-10-20 20:28 - 2024-04-01 09:26 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2024-10-20 20:27 - 2024-09-08 16:43 - 000000000 ____D C:\Users\enaun\AppData\Local\Packages
2024-10-20 20:26 - 2024-09-05 18:08 - 000000000 ____D C:\Program Files (x86)\MSI
2024-10-20 20:26 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\schemas
2024-10-20 20:26 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-10-20 20:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-10-20 20:22 - 2024-04-01 18:35 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2024-10-20 20:22 - 2024-04-01 18:35 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-10-20 20:22 - 2024-04-01 18:35 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\WUModels
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-plocm
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-ploc
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemApps
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\te-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-plocm
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-ploc
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\or-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\km-KH
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\is-IS
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\id-ID
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Com
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\be-BY
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\as-IN
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\am-ET
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\IME
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-10-20 20:22 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2024-10-20 20:22 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2024-10-20 20:20 - 2024-04-01 18:35 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-10-20 20:20 - 2024-04-01 18:35 - 000028898 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-10-20 20:20 - 2024-04-01 09:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-10-20 20:20 - 2024-04-01 09:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-10-20 20:19 - 2024-04-01 09:22 - 000063064 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtIntcLpioDMA.dll
2024-10-20 20:19 - 2024-04-01 09:22 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtIntcPseDMA.dll
2024-10-20 20:19 - 2024-04-01 09:22 - 000062944 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtPL080.dll
2024-10-20 20:15 - 2024-04-01 18:33 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2024-10-20 20:15 - 2024-04-01 18:33 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2024-10-20 20:15 - 2024-04-01 18:33 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2024-10-20 20:15 - 2024-04-01 18:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2024-10-20 20:15 - 2024-04-01 18:33 - 000000000 ____D C:\WINDOWS\system32\winrm
2024-10-20 20:15 - 2024-04-01 18:33 - 000000000 ____D C:\WINDOWS\system32\WCN
2024-10-20 20:15 - 2024-04-01 18:33 - 000000000 ____D C:\WINDOWS\system32\slmgr
2024-10-20 20:15 - 2024-04-01 18:33 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2024-10-20 20:15 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\dsc
2024-10-20 20:15 - 2024-04-01 09:26 - 000000000 ___RD C:\Program Files (x86)\Windows Defender
2024-10-19 12:38 - 2024-09-15 14:21 - 000000026 _____ C:\Users\alexf\AppData\LocalLow\5ee1420138684b3400e6382f3ff220b00804414f6f221e5d8766d9690a8fdab1
2024-10-17 15:59 - 2024-09-06 13:00 - 000001386 _____ C:\Users\alexf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2024-10-16 22:11 - 2022-05-07 07:12 - 000000000 ____D C:\Users\alexf\AppData\Local\PlaceholderTileLogoFolder
2024-10-16 21:05 - 2024-09-06 13:14 - 000000000 ____D C:\XboxGames
2024-10-16 17:59 - 2022-05-07 07:05 - 000000000 ___SD C:\Users\alexf\AppData\Roaming\Microsoft\Credentials
2024-10-14 15:20 - 2024-09-07 17:51 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-10-12 19:29 - 2024-09-06 18:34 - 000002264 _____ C:\Users\alexf\AppData\LocalLow\4d0fd3a1c3b18357be0a37001713ed5788fb65bf42c8206ac4818d103e6d3390
2024-10-12 16:19 - 2024-09-06 13:19 - 000000026 _____ C:\Users\alexf\AppData\LocalLow\98d0e4421e7c456cde91a4f7e96e99b339a03fde7bde428ad2a3e63a0f1c5a7a
2024-10-11 21:04 - 2022-05-07 07:13 - 000002395 _____ C:\Users\alexf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-10-11 19:11 - 2024-09-05 18:07 - 201324920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-10-11 19:11 - 2024-09-05 18:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-10-05 02:30 - 2024-09-08 18:18 - 000000000 ____D C:\ProgramData\Google
2024-10-05 02:30 - 2024-09-08 18:18 - 000000000 ____D C:\Program Files\Google
2024-10-01 10:47 - 2024-09-06 13:14 - 002819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-10-01 10:47 - 2024-09-06 13:14 - 000775720 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-10-01 10:47 - 2024-09-06 13:14 - 000243264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-10-01 10:47 - 2024-09-06 13:14 - 000210472 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-10-01 10:47 - 2024-09-06 13:14 - 000153152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-10-01 10:47 - 2024-09-06 13:14 - 000124480 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-10-01 10:47 - 2024-09-06 13:14 - 000075304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-09-25 22:26 - 2024-09-05 23:12 - 000000000 ____D C:\Users\alexf\AppData\Local\NVIDIA
2024-09-25 22:26 - 2024-09-05 23:12 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-09-25 22:26 - 2024-09-05 19:16 - 000000000 ____D C:\Users\alexf\AppData\Local\NVIDIA Corporation
2024-09-25 22:26 - 2024-09-05 18:06 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-09-25 22:26 - 2024-09-05 18:06 - 000000000 ____D C:\Program Files\NVIDIA Corporation

==================== FLock ==============================

2022-05-07 06:36 C:\WINDOWS\system32\config\BFS

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

boobie 25.10.2024 06:14
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-09-2024
durchgeführt von alexf (25-10-2024 06:59:29)
Gestartet von C:\Users\alexf\OneDrive\Desktop
Microsoft Windows 11 Home Version 24H2 26100.2033 (X64) (2024-10-20 21:38:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-4165446667-139938376-1288695477-500 - Administrator - Disabled)
alexf (S-1-5-21-4165446667-139938376-1288695477-1001 - Administrator - Enabled) => C:\Users\alexf
DefaultAccount (S-1-5-21-4165446667-139938376-1288695477-503 - Limited - Disabled)
enaun (S-1-5-21-4165446667-139938376-1288695477-1002 - Limited - Enabled) => C:\Users\enaun
Gast (S-1-5-21-4165446667-139938376-1288695477-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4165446667-139938376-1288695477-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Bitdefender Virenschutz (Enabled - Up to date) {0F59B032-EA77-E3A8-2382-74A4346E5522}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {37623117-A018-E2F0-08DD-DD91CABD1259}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ASUS Ambient HAL (HKLM\...\{127BAA1F-BF99-457D-92AD-DCCD7698B294}) (Version: 4.2.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM-x32\...\{984fc5fa-e6ab-4cfa-880b-81b5db4f8b4b}) (Version: 4.2.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
AURA DRAM Component (HKLM\...\{B6B3BA9B-2FA3-4B3A-9C3A-0945B89E725C}) (Version: 1.1.27 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{9983b059-3dd9-449a-80e6-bcb45c840bdf}) (Version: 1.1.27 - ASUS) Hidden
Badlion Client (HKLM\...\1de14785-dd8c-5cd2-aae8-d4a376f81d78) (Version: 4.4.0 - Badlion)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.0.1.286 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 27.0.41.194 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 27.1.4.2 - Bitdefender)
CurseForge (HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 1.263.2.779 - Overwolf app)
Discord (HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\Discord) (Version: 1.0.9166 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.314.0.5827 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{3a68de82-953f-4d29-b5ce-8ca39c0688c4}) (Version: 13.314.0.5827 - Electronic Arts)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.53.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{34c42fa7-d8b5-4396-b5d0-5e377ca5c3ad}) (Version: 1.1.53.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{0d380ad9-daa5-4680-ada2-dc3ed9207e16}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{5F15891E-8342-47CD-AFFF-89211CFC04D0}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
Google Play Spiele (Beta) (HKLM\...\GooglePlayGames) (Version: 24.9.1554.1 - Google LLC)
Java 8 Update 431 (64-bit) (HKLM\...\{71024AE4-039E-4CA4-87B4-2F64180431F0}) (Version: 8.0.4310.10 - Oracle Corporation)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.36 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{afab10dc-c1d5-45c1-ad91-fe33af8ac488}) (Version: 1.1.36 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.7.625196 - Logitech)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 130.0.2849.46 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 130.0.2849.52 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\OneDriveSetup.exe) (Version: 24.186.0915.0004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4165446667-139938376-1288695477-1002\...\OneDriveSetup.exe) (Version: 24.166.0818.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD)
NVIDIA FrameView SDK 1.4.10316.34570960 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.4.10316.34570960 - NVIDIA Corporation)
NVIDIA Grafiktreiber 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.4.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.0.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
NVIDIA-App 10.0.2.210 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 10.0.2.210 - NVIDIA Corporation)
Opera Stable 114.0.5282.102 (HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\Opera 114.0.5282.102) (Version: 114.0.5282.102 - Opera Software)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.260.0.8 - Overwolf Ltd.)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{55993b50-5bec-47c8-8b2b-1aecad927e48}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.5.20 - Rainmeter)
Riot Client  (HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\Riot Game Riot_Client.) (Version:  - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
RivaTuner Statistics Server 7.3.4 (HKLM-x32\...\RTSS) (Version: 7.3.4 - Unwinder)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.7 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{9a732423-e2f4-47d0-87ab-ef745c7dba69}) (Version: 1.0.0.7 - PD) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden

Packages:
=========

@{MicrosoftWindows.LKG.AccountsService_1000.22621.4317.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.LKG.AccountsService/resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\LKG\MicrosoftWindows.LKG.AccountsService_cw5n1h2txyewy [2024-10-20] (Microsoft Windows)
@{MicrosoftWindows.LKG.IrisService_1000.22621.4317.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.LKG.IrisService/resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\LKG\MicrosoftWindows.LKG.IrisService_cw5n1h2txyewy [2024-10-20] (Microsoft Windows)
@{MicrosoftWindows.LKG.TwinSxS_1000.22621.4317.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.LKG.TwinSxS/resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\LKG\MicrosoftWindows.LKG.TwinSxS_cw5n1h2txyewy [2024-10-20] (Microsoft Windows)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5635.0_x64__8j3eq9eme6ctt [2024-09-25] (INTEL CORP) [Startup Task]
Armoury Crate -> C:\Program Files\ASUS\AacAmbientHal [2024-10-24] (Sparse Package)
Bitdefender CL Contextual Menu -> C:\Program Files\Bitdefender\Bitdefender Security App [2024-10-25] (Bitdefender)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_21.1.3.0_x86__m9bz608c1b9ra [2024-10-18] (Nordcurrent)
Cooking Simulator Windows -> C:\Program Files\WindowsApps\BigCheeseStudio.CookingSimulatorWindows_1.0.11.0_x64__j479vfd09vc9j [2024-10-16] (Big Cheese Studio)
FarmVille 2: Country Escape -> C:\Program Files\WindowsApps\D52A8D61.FarmVille2CountryEscape_26.4.92.0_x64__jwbwg6xx0377a [2024-10-01] (Zynga Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-09-08] (Microsoft Corp.)
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.7.9181.0_x86__8wekyb3d8bbwe [2024-10-01] (Microsoft Studios)
Microsoft Teams -> C:\Program Files\WindowsApps\MSTeams_24135.300.2876.2873_x64__8wekyb3d8bbwe [2024-10-20] (Microsoft) [Startup Task]
Microsoft.ApplicationCompatibilityEnhancements -> C:\Program Files\WindowsApps\Microsoft.ApplicationCompatibilityEnhancements_1.2405.3.0_x64__8wekyb3d8bbwe [2024-10-21] (Microsoft Corporation)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.2331.0_x64__8wekyb3d8bbwe [2024-10-22] (Microsoft Corporation)
Microsoft.AVCEncoderVideoExtension -> C:\Program Files\WindowsApps\Microsoft.AVCEncoderVideoExtension_1.1.3.0_x64__8wekyb3d8bbwe [2024-10-21] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-10-18] (Microsoft Corporation)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-10-20] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.168.0_x64__8wekyb3d8bbwe [2024-09-28] (Microsoft Corporation) [Startup Task]
Microsoft.Windows.AugLoop.CBS -> C:\Windows\SystemApps\Microsoft.Windows.AugLoop.CBS_8wekyb3d8bbwe [2024-10-20] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24092.24.0_x64__cw5n1h2txyewy [2024-10-19] (Microsoft Windows) [Startup Task]
Minecraft for Windows -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.21.4101.0_x64__8wekyb3d8bbwe [2024-10-23] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_2.0.16.0_x64__8wekyb3d8bbwe [2024-09-07] (Microsoft Studios)
Mozilla Firefox -> C:\Program Files\WindowsApps\Mozilla.Firefox_131.0.3.0_x64__n80bbvh6b1yt2 [2024-10-18] (Mozilla) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-09-05] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-10-20] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0 [2024-10-12] (Spotify AB) [Startup Task]
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2024.1.0.0_x64__v826wp6bftszj [2024-09-16] (Charles Milette) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm [2024-10-11] (WhatsApp Inc.) [Startup Task]
Widgets Platform Runtime -> C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe [2024-09-08] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\Windows\SystemApps\LKG\MicrosoftWindows.LKG.AccountsService_cw5n1h2txyewy [2024-10-20] (Microsoft Windows)
Windows Feature Experience Pack -> C:\Windows\SystemApps\LKG\MicrosoftWindows.LKG.IrisService_cw5n1h2txyewy [2024-10-20] (Microsoft Windows)
Windows Feature Experience Pack -> C:\Windows\SystemApps\LKG\MicrosoftWindows.LKG.TwinSxS_cw5n1h2txyewy [2024-10-20] (Microsoft Windows)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.AIX_cw5n1h2txyewy [2024-10-20] (Microsoft Windows)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy [2024-10-20] (Microsoft Windows)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Photon_cw5n1h2txyewy [2024-10-20] (Microsoft Windows)
Windows-Fotoanzeige -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11070.31001.0_x64__8wekyb3d8bbwe [2024-09-18] (Microsoft Corporation) [Startup Task]

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4165446667-139938376-1288695477-1001_Classes\CLSID\{6a27a1a9-7be8-1491-04ca-ee68a211c258}\localserver32 -> C:\Program Files\Google\Play Games\current\service\Service.exe (Google LLC -> Google LLC)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\nvshext.dll [2024-08-15] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32-x32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2024-10-05 02:30 - 2024-10-01 17:46 - 001006080 _____ () [Datei ist nicht signiert] C:\Program Files\Google\Play Games Services\Current\Service\libcrash_native_asset.so
2024-10-05 02:30 - 2024-10-01 17:46 - 004441088 _____ () [Datei ist nicht signiert] C:\Program Files\Google\Play Games Services\Current\Service\libmanifest_native_asset.so
2024-10-05 02:30 - 2024-10-01 17:46 - 004481024 _____ () [Datei ist nicht signiert] C:\Program Files\Google\Play Games Services\Current\Service\libmetrics_recorder_asset.so
2024-10-05 02:30 - 2024-10-01 17:46 - 011020288 _____ () [Datei ist nicht signiert] C:\Program Files\Google\Play Games Services\Current\Service\libportable_phenotype_asset.so
2024-10-05 02:30 - 2024-10-01 17:46 - 000545280 _____ () [Datei ist nicht signiert] C:\Program Files\Google\Play Games Services\Current\Service\libsystem_monitor_ffi.so
2024-10-05 02:30 - 2024-10-01 17:46 - 000538112 _____ () [Datei ist nicht signiert] C:\Program Files\Google\Play Games Services\Current\Service\libwin32_ffi.so
2024-09-25 22:26 - 2024-09-25 22:26 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\PlugIns\NVIDIA app\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA Overlay\MessageBusRouter.dll
2024-09-25 22:26 - 2024-09-25 22:26 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2024-08-27 17:25 - 2024-08-27 17:25 - 002612152 _____ (Rainmeter Team -> Rainmeter) [Datei ist nicht signiert] C:\Users\alexf\Downloads\Rainmeter.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\alexf\OneDrive\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\alexf\OneDrive\Desktop\TechnicLauncher.exe:BDU [0]
AlternateDataStreams: C:\Users\alexf\Downloads\adwcleaner.exe:BDU [0]
AlternateDataStreams: C:\Users\alexf\Downloads\DiscordSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\alexf\Downloads\fabric-installer-1.0.1(1).exe:BDU [0]
AlternateDataStreams: C:\Users\alexf\Downloads\fabric-installer-1.0.1.exe:BDU [0]
AlternateDataStreams: C:\Users\alexf\Downloads\Install League of Legends euw.exe:BDU [0]
AlternateDataStreams: C:\Users\alexf\Downloads\lghub_installer.exe:BDU [0]
AlternateDataStreams: C:\Users\alexf\Downloads\Rainmeter-4.5.20.exe:BDU [0]
AlternateDataStreams: C:\ProgramData\agent.1725956658.bdinstall.v2.bin:9BF9AA2233 [3442]
AlternateDataStreams: C:\ProgramData\agent.update.1725956750.bdinstall.v2.bin:A8219D5506 [3442]
AlternateDataStreams: C:\ProgramData\cl.1725956828.bdinstall.v2.bin:17760F5126 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk:1219A9EFD8 [3442]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7016]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cdd.dll => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{13cfe1b1-6b17-424c-ac3f-16ace8733898} => ""="I3C devices"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\cdd.dll => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ExecutionContext.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netadaptercx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinHttpAutoProxySvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{13cfe1b1-6b17-424c-ac3f-16ace8733898} => ""="I3C devices"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_431\bin\ssv.dll [2024-09-30] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_431\bin\jp2ssv.dll [2024-09-30] (Oracle America, Inc. -> Oracle Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2024-09-10 13:16 - 2024-09-10 13:16 - 000000929 _____ C:\WINDOWS\system32\drivers\etc\hosts
18.173.154.8 1uzxr3b3jraw5nlmnvbsikiioud2vilw5.web-networking.com
44.237.137.97 geoip.pango-paas.co

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-4165446667-139938376-1288695477-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\enaun\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

Network Binding:
=============
Ethernet: Realtek Gaming 2.5GbE Family Controller -> rt640x64.sys
WLAN: Intel(R) Wi-Fi 6E AX211 160MHz -> Netwtw14.sys
Bluetooth-Netzwerkverbindung: Bluetooth Device (Personal Area Network) -> bthpan.sys

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "BdVpnApp"
HKLM\...\StartupApproved\Run: => "Bdagent"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\StartupApproved\Run: => "Badlion Client"
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\StartupApproved\Run: => "LGHUB"
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_9492D799C07693992FE914071B5FB0C5"
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-4165446667-139938376-1288695477-1001\...\StartupApproved\Run: => "Steam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{4082A9B6-284A-41C7-8647-A3AF05BFFD54}C:\users\alexf\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Block) C:\users\alexf\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe
FirewallRules: [TCP Query User{959C32A1-0763-44C7-9451-5A5E08D7F23B}C:\users\alexf\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Block) C:\users\alexf\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe
FirewallRules: [UDP Query User{760D06C0-6473-4B01-9601-C80F372D1814}C:\users\alexf\appdata\local\discord\app-1.0.9166\discord.exe] => (Allow) C:\users\alexf\appdata\local\discord\app-1.0.9166\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [TCP Query User{15FA70AC-41D0-4490-96F6-96152046AEDF}C:\users\alexf\appdata\local\discord\app-1.0.9166\discord.exe] => (Allow) C:\users\alexf\appdata\local\discord\app-1.0.9166\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{F06C0188-8F3F-4B19-8A05-0C2E4D85DF7D}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [{0E25B7AA-BD6E-4C57-B66E-95C19D75B108}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [{B9A17963-878C-4BBF-89FE-0A42726A46B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saiko no sutoka\Saiko no sutoka.exe () [Datei ist nicht signiert]
FirewallRules: [{BE8674D3-2D9D-46A3-B75A-478D740E7192}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saiko no sutoka\Saiko no sutoka.exe () [Datei ist nicht signiert]
FirewallRules: [{2A7C9B80-59C2-42E4-AB5A-9C3A37FF8958}] => (Allow) C:\Program Files (x86)\Overwolf\0.260.0.8\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{FB069B3B-84C5-4151-8F0F-1ECF88C1F2B5}] => (Allow) C:\Program Files (x86)\Overwolf\0.260.0.8\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{F9A33D67-1062-4687-ACB0-90D35AF8B5C3}] => (Block) C:\Program Files (x86)\Overwolf\0.258.1.7\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{9279D9CE-CB60-4B65-A234-C7499098FCD8}] => (Block) C:\Program Files (x86)\Overwolf\0.258.1.7\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{3066EE00-909C-4810-B1F5-23D4A29868ED}] => (Allow) C:\Program Files (x86)\Overwolf\0.258.1.7\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{68D9526F-D9AD-4C9E-883A-08DCA603B939}] => (Allow) C:\Program Files (x86)\Overwolf\0.258.1.7\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{0F3413B1-EB35-41DE-B451-4496A195EB64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{15FAA736-AAB7-4DB9-A26B-872BC9EC6794}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1760FE43-52D3-4EA5-B730-FDBB356DEB8D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C60F0E65-5C97-4B34-90C8-732FD757B525}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6AC3921A-8F49-4884-97B0-27A2D494CACC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AFFD8955-D4ED-45B4-A0A0-34A902888BA9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A4B051BF-B9CB-4049-8A4E-14D6BB385C9D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DF70839E-1C04-4618-BF19-51AE18103EC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1BEAD120-211C-4B00-9903-09BF5A62C400}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{68B6FC04-CF58-498B-BC0E-93FB6BCA1EE0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FC253555-28B3-4C4D-807F-9388A66923F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Escape Room - The Sick Colleague\Escape Room.exe () [Datei ist nicht signiert]
FirewallRules: [{C2AF4831-8C01-4C4B-9E15-13B60FAC5FF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Escape Room - The Sick Colleague\Escape Room.exe () [Datei ist nicht signiert]
FirewallRules: [{E442D21F-F5C5-4B88-A2A4-FD457B88388A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thief Simulator\thief.exe () [Datei ist nicht signiert]
FirewallRules: [{9C08DEE3-CAEF-4FD3-AFE7-ACBFE999A2B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thief Simulator\thief.exe () [Datei ist nicht signiert]
FirewallRules: [{2008CD97-0FA4-4BA2-A165-D5FE97FFAA42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\We Become What We Behold\We-Become-What-We-Behold.exe (Mismatch Studio) [Datei ist nicht signiert]
FirewallRules: [{50000E60-C9DF-415D-ABBE-3CA95255E75C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\We Become What We Behold\We-Become-What-We-Behold.exe (Mismatch Studio) [Datei ist nicht signiert]
FirewallRules: [{D62190FA-FD75-4B3F-8E2B-294C09E13412}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> )
FirewallRules: [{12471AE1-EA6F-4DBD-9EFB-D7B5DBF4D0A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> )
FirewallRules: [{B66006BA-67BF-49D4-98DD-BC6B271F8E07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [Datei ist nicht signiert]
FirewallRules: [{5F88E35D-3418-4399-A00A-5E0F911872C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [Datei ist nicht signiert]
FirewallRules: [{F909DBE3-F50B-4DAC-B5D0-1967F09830B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Purple Place\Purple Place.exe () [Datei ist nicht signiert]
FirewallRules: [{4390D9AC-CBBC-4804-AF55-9359FEF94198}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Purple Place\Purple Place.exe () [Datei ist nicht signiert]
FirewallRules: [{6A1F30C4-DE7E-4560-9738-C1A19EFF9937}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Retail Company Simulator Prologue\RetailCompanySim.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{AAC0B188-539F-45BC-BD3B-CCDF2BEB6F08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Retail Company Simulator Prologue\RetailCompanySim.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{1A3144DA-0E6B-4524-BEBE-0FFBC459CAFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fears to Fathom - Episode 1\Fears To Fathom.exe () [Datei ist nicht signiert]
FirewallRules: [{8075D5F5-15AA-4E48-AC4E-B0445EC7C885}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fears to Fathom - Episode 1\Fears To Fathom.exe () [Datei ist nicht signiert]
FirewallRules: [{3670AC61-B7C6-44CF-8E43-4B71971609C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe () [Datei ist nicht signiert]
FirewallRules: [{ED26611D-CDA3-42F0-B69E-59AFEAC2D885}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{A4BF8553-380C-4BF4-895A-B1E86166F746}C:\users\alexf\appdata\roaming\badlion client\data\jdk-17.0.8\bin\javaw.exe] => (Allow) C:\users\alexf\appdata\roaming\badlion client\data\jdk-17.0.8\bin\javaw.exe
FirewallRules: [TCP Query User{BF685D5E-21E2-442D-B882-AE9BAC40E69E}C:\users\alexf\appdata\roaming\badlion client\data\jdk-17.0.8\bin\javaw.exe] => (Allow) C:\users\alexf\appdata\roaming\badlion client\data\jdk-17.0.8\bin\javaw.exe
FirewallRules: [UDP Query User{2982AECB-AF56-43B3-BFAD-B98D17F14BDD}C:\users\alexf\appdata\roaming\badlion client\data\jdk-21.0.2\bin\javaw.exe] => (Allow) C:\users\alexf\appdata\roaming\badlion client\data\jdk-21.0.2\bin\javaw.exe
FirewallRules: [TCP Query User{1B719BE1-5EEE-4CBB-9E80-C5B1F13AD738}C:\users\alexf\appdata\roaming\badlion client\data\jdk-21.0.2\bin\javaw.exe] => (Allow) C:\users\alexf\appdata\roaming\badlion client\data\jdk-21.0.2\bin\javaw.exe
FirewallRules: [UDP Query User{C5E84A21-97E2-48EC-979A-DBB4DDFB18D9}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe (ESL Gaming Online, Inc. -> Badlion)
FirewallRules: [TCP Query User{D184892A-7DBE-4DA3-A770-EA10A1D267E9}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe (ESL Gaming Online, Inc. -> Badlion)
FirewallRules: [{6C18AF53-124A-4BF9-8407-35D8BBD11DAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{347841A8-90E5-4893-ACBB-9EBBD18DB484}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{31C2F671-DC26-4D51-BCFB-B534B459308B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A6D1C50C-0700-44ED-A246-6D2817ED02B2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B31856AE-E846-4C76-BA48-1EB34ED9CE2E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2A7AE230-6AAB-435A-8229-5354CD4F6778}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9B80F080-5F71-4B12-B1BF-6A193BB10412}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24135.300.2876.2873_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{63C125ED-DFE9-413B-B3F9-2AA4F965B78D}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24135.300.2876.2873_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ED15C97E-2C75-4E5D-BBE5-58BD6A3AC2A8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0D38B0B2-4FA9-4F33-8725-F080033570D9}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7B8D272E-B53D-4B02-819C-FFE0291AF72C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2F9083F3-EAC3-4A03-956E-B2D8555D13FD}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{93F88A76-EF5A-45B0-AA9C-0B1E7A051883}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0291F87D-1692-438B-9D6D-D2F4A7E8092A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0C331564-02CF-457C-AEA5-70C6AF4DE0D4}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{11BEEA7E-5B41-48E5-8931-588FB0B5A195}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{42626740-B9A6-4282-8EA9-0B242F20CC72}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A983B585-A547-4632-BE8A-F6AAF6951276}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{98AEF6B3-DCF8-4861-B6C4-3A33256F18EF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{8F94CE91-DE27-4B6E-A5F6-DAE90124D99E}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{BADC1503-01F1-44F3-840A-DB34E6099900}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{FE9DB55C-E492-4185-BD0E-2803C8129B6C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{30D1DBB3-3A13-4C6F-B75B-225C6EB72419}] => (Allow) C:\Users\alexf\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => Keine Datei
FirewallRules: [{9B2EC733-47E5-468B-93A5-8B0157362402}] => (Allow) C:\Users\alexf\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => Keine Datei
FirewallRules: [{A9249DB3-EE17-4A57-8BFE-0D4112B40920}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{61393ADE-4568-4BAE-9DA7-77A3065E4AB9}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{16291EBE-DAA4-4F28-B831-01C1FABCB1EA}] => (Allow) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{81AEC935-E88A-46AB-88C7-B7573A5D906C}] => (Allow) C:\program files\asus\aacambienthal\aacambientlighting.exe (ASUSTeK COMPUTER INC. -> )

==================== Wiederherstellungspunkte =========================

21-10-2024 01:39:44 Windows Update
21-10-2024 01:39:46 Windows Update
21-10-2024 01:39:53 Windows Update
22-10-2024 06:57:22 DirectX wurde installiert
24-10-2024 22:23:28 Win_Riser_Restore_Point
25-10-2024 06:50:07 Windows Modules Installer

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (10/24/2024 10:41:15 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: BEBALEIN-GAMING)
Description: Die Anwendung oder der Dienst "ARMOURY CRATE Service" konnte nicht neu gestartet werden.

Error: (10/24/2024 10:41:04 PM) (Source: Application Error) (EventID: 1000) (User: BEBALEIN-GAMING)
Description: Fehlerhafter Anwendungsname: ArmouryCrate.UserSessionHelper.exe, Version: 5.7.0.0, Zeitstempel: 0x66c2d02d
Fehlerhafter Modulname: ntdll.dll, Version: 10.0.26100.2033, Zeitstempel: 0x9b03969e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000000000009da95
Fehlerhafte Prozess-ID: 0x68d0
Fehlerhafte Anwendungsstartzeit: 0x1db2653bff0c60f
Fehlerhafter Anwendungspfad: C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
Fehlerhafter Modulpfad: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichts-ID: 688220d3-141c-4d42-b8fb-64beebae5ce0
Vollständiger Name des fehlerhaften Pakets:
Fehlerhafte paketbezogene Anwendungs-ID:

Error: (10/24/2024 10:18:22 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: BEBALEIN-GAMING)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).

Error: (10/24/2024 07:50:29 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\BEBALEIN-GAMING$ über https://INTC-KeyId-ea950d987bcff0df9aac1feffb8ab4803fef2ca2.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps

Methode: GET(15ms)
Phase: GetCACaps
Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (10/22/2024 07:12:01 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.]


Systemfehler:
=============
Error: (10/25/2024 12:09:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bitdefender VPN-Kerndienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/25/2024 12:09:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/25/2024 12:09:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Content Protection HDCP Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/25/2024 12:09:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Bitdefender Agent RedLine Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/25/2024 12:09:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Graphics Command Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/25/2024 12:09:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/25/2024 12:09:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ProductAgentService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/25/2024 12:09:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bitdefender VPN-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===============
Date: 2024-10-25 06:54:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267059357120000000\antimalware_provider64.dll that did not meet the Windows signing level requirements.


==================== Speicherinformationen ===========================

BIOS: American Megatrends International, LLC. H.70 03/27/2024
Hauptplatine: Micro-Star International Co., Ltd. B760 GAMING PLUS WIFI (MS-7D98)
Prozessor: 13th Gen Intel(R) Core(TM) i9-13900K
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 32543.7 MB
Verfügbarer physikalischer RAM: 21440.22 MB
Summe virtueller Speicher: 34591.7 MB
Verfügbarer virtueller Speicher: 20838.79 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.63 GB) (Free:602.19 GB) (Model: Samsung SSD 980 PRO 1TB) NTFS

\\?\Volume{205f9e48-e226-44fb-9a8a-75b0cb6bef23}\ () (Fixed) (Total:0.76 GB) (Free:0.2 GB) NTFS
\\?\Volume{7027cc50-9ea3-404d-95c6-a78a80210af9}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================

deeprybka 25.10.2024 20:17
Alles klar Chef, bekommen wir schon hin! :abklatsch:
Bitte am PC jetzt keine eigenen Veränderungen mehr vornehmen. Bevor wir fixen machen wir noch einen ESET-Scan. Falls der Bitdefender rumzickt - den ruhig stellen.

https://www.trojaner-board.de/186277...ml#post1662181

boobie 26.10.2024 07:01
Hier wäre dann die Log datei vom ESET scan. Seit gestern Abend wird mir die besagte Meldung nicht mehr angezeigt (es wurden auch keinerlei Änderungen von mir vorgenommen).

Code:
<?xml version="1.0" encoding="utf-8" ?>
<ESET>
  <LOG>
    <RECORD>
      <COLUMN NAME="Log">Scan-Log</COLUMN>
    </RECORD>
    <RECORD>
      <COLUMN NAME="Log">Version der Erkennungsroutine: 30116 (20241025)</COLUMN>
    </RECORD>
    <RECORD>
      <COLUMN NAME="Log">Datum: 26.10.2024  Uhrzeit: 06:47:13</COLUMN>
    </RECORD>
    <RECORD>
      <COLUMN NAME="Log">Gescannte Laufwerke, Ordner und Dateien: Arbeitsspeicher;C:\Bootsektoren/UEFI;C:\;WMI-Datenbank;System-Registry</COLUMN>
    </RECORD>
    <RECORD>
      <COLUMN NAME="Log">Benutzer: BEBALEIN-GAMING\alexf</COLUMN>
    </RECORD>
    <RECORD>
      <COLUMN NAME="Log">Gescannte Objekte: 0</COLUMN>
    </RECORD>
    <RECORD>
      <COLUMN NAME="Log">Anzahl der Ereignisse: 0</COLUMN>
    </RECORD>
    <RECORD>
      <COLUMN NAME="Log">Abgeschlossen: 07:48:21  Benötigte Zeit: 3668 Sek. (01:01:08)</COLUMN>
    </RECORD>
 </LOG>
</ESET>

deeprybka 26.10.2024 22:53
Hi,
schau Dir bitte nochmal die Anleitung von ESET henau an. Die Log-Datei sieht normal anders aus.
Anyway, poste mir bitte nochmal frische FRST-Scans.

M-K-D-B 31.10.2024 12:45
Fehlende Rückmeldung
Dieses Thema wurde aus unseren Abos gelöscht. Somit bekommen wir keine Benachrichtigung über neue Antworten.
Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Alle anderen bitte hier klicken und ein eigenes Thema erstellen!


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:18 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27