
Log analysis and evaluation: Windows 11: Policy in Edge and Chrome browsers cannot be disabled, loads the hijacker extensions Beautiful New Tab (Edge) and Qtr Search (Chrome)


 
23.07.2024, 13:38   #1
sky44
 



Hello everyone,

on our family computer we have apparently caught two browser hijackers:

Symptoms:
Edge:
1. The Edge browser policy (edge://policy) ExtensionInstallForceList keeps re-enabling itself

2. The Edge extension "Beautiful New Tab" installs itself automatically and cannot be disabled or removed

Chrome:
1. The Chrome browser policy (Chrome://policy) ExtensionInstallForceList keeps re-enabling itself

2. The Chrome extension "Qtr Search" installs itself automatically and cannot be disabled or removed


Unsuccessful attempts so far:
1. Scans with Windows Defender
2. Scans with Malwarebytes Anti-Malware & AdwCleaner

Observations:
1. The "Beautiful New Tab" extension writes itself into the registry at:

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\ExtensionInstallForcelist


2. The "Qtr Search" extension writes itself into the registry at:

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist


3. Deleting the entire key including "ExtensionInstallforceList" works at least to the extent that the message "Managed by your organization" in the Edge browser disappears for some time (period not measured, possibly about 1 h or less).
After that, "Managed by your organization" appears again.

The "ApplicationInstallForceList" policy still keeps re-enabling itself...


Environment:
- Windows 11 Home
- Current patch level
- Windows Defender active, up to date and configured as described on Trojaner-Board
- No Defender Application Guard (service not installed)

FRST Log:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21.07.2024
durchgeführt von skysc (Administrator) auf SKYSGAMINGPC-CA (Micro-Star International Co., Ltd. MS-7C56) (22-07-2024 21:17:59)
Gestartet von C:\Users\skysc\Downloads\Neuer Ordner\FRST64 (1).exe
Geladene Profile: skysc
Plattform: Microsoft Windows 11 Home Version 23H2 22631.3880 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.38.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveCrashHandler64.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.254.0.13\OverwolfHelper.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.254.0.13\OverwolfHelper64.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.254.0.13\OverwolfBrowser.exe <4>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\skysc\AppData\Local\Overwolf\ProcessCache\0.254.0.13\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.AlwaysOnTop.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.Awake.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.ColorPickerUI.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.CropAndLock.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.PowerLauncher.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\WinUI3Apps\PowerToys.Peek.UI.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.16300.20.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.113\msedgewebview2.exe <6>
(C:\Users\skysc\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\skysc\AppData\Local\Programs\Opera GX\109.0.5097.142\opera_crashreporter.exe
(Discord Inc. -> Discord Inc.) C:\ProgramData\skysc\Discord\app-1.0.9154\Discord.exe <6>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\regedit.exe
(explorer.exe ->) (Moonsworth, LLC -> Moonsworth LLC) C:\Users\skysc\AppData\Local\Programs\launcher\Lunar Client.exe <4>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(explorer.exe ->) (VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Opera Norway AS -> Opera Software) C:\Users\skysc\AppData\Local\Programs\Opera GX\opera.exe <41>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\NisSrv.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.24.2.6\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.24.2.6\nsWscSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_493585427225c794\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (RealDefense, LLC -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1803724721d1a34c\RtkAudUService64.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Samsung\Easy Connection to Screen\Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (6099D0EF-9374-47ED-BDFE-A82136831235 -> File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.3.0.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(svchost.exe ->) (A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> ) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSIGameBar_2.0.15.0_x64__kzh8wxbdkxb8p\Gamebar_Widget.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.132.0701.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.16300.20.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <10>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI\MSI Center\GameBar\MSI_GamebarTool.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Copyright © 2020 Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\GameBar\TraceFPS.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Speed Up\StorageMonitor.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\True Color\New\MSI.True Color.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1803724721d1a34c\RtkAudUService64.exe [1945544 2024-02-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [MSIRegister] => C:\Program Files (x86)\MSI\MSIRegister\MSIRegister.exe [1266864 2019-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1221853621-2447620182-1933698513-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919312 2024-07-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1221853621-2447620182-1933698513-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4407656 2024-07-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1221853621-2447620182-1933698513-1001\...\Run: [Opera GX Stable] => C:\Users\skysc\AppData\Local\Programs\Opera GX\launcher.exe [2273696 2024-06-18] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-1221853621-2447620182-1933698513-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\skysc\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1221853621-2447620182-1933698513-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1832968 2024-07-08] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1221853621-2447620182-1933698513-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37550568 2024-06-21] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1221853621-2447620182-1933698513-1001\...\Run: [Discord] => C:\ProgramData\skysc\Discord\Update.exe [1525024 2023-11-06] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1221853621-2447620182-1933698513-1001\...\Run: [] => [X]
HKU\S-1-5-21-1221853621-2447620182-1933698513-1001\...\Run: [MicrosoftEdgeAutoLaunch_E457065EC9FFC031D52374F8B9832F00] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883472 2024-07-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1221853621-2447620182-1933698513-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11248160 2024-04-29] (RealDefense LLC -> SUPERAntiSpyware)
HKU\S-1-5-21-1221853621-2447620182-1933698513-1001\...\Run: [Lunar Client] => C:\Users\skysc\AppData\Local\Programs\launcher\Lunar Client.exe [176849464 2024-07-22] (Moonsworth, LLC -> Moonsworth LLC)
HKU\S-1-5-21-1221853621-2447620182-1933698513-1002\...\Run: [MicrosoftEdgeAutoLaunch_B751ED54CA5804D0129CEDA4AA0FE63C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3883472 2024-07-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1221853621-2447620182-1933698513-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919312 2024-07-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Norton Download ManagerFORCE_UPGRADE_22_22_9] => C:\PROGRA~3\Norton\{0C55C~1\NORTON~1.EXE /m /noui /instversion "22.22.9" (Keine Datei)
HKU\S-1-5-18\...\Run: [Norton Download ManagerFORCE_UPGRADE_22_23_5] => C:\PROGRA~3\Norton\{0C55C~1\NORTON~1.EXE /m /noui /instversion "22.23.5" (Keine Datei)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\126.0.6478.182\Installer\chrmstp.exe [2024-07-17] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\126.1.67.134\Installer\chrmstp.exe [2024-07-17] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {31A29B33-2F9D-4E5A-B113-C2F9AE0A2F8D} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{DFB371DD-43E6-4228-ACFE-FADEACBD0C31} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [166424 2024-04-14] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {FFF40F90-C4A9-480F-AF6F-95D6FE70C03E} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{A5CFE2E1-9623-44C3-B3C8-B178FBF5D7D2} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [166424 2024-04-14] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {8FE0E829-5739-4830-B8A4-8EADE5477709} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{08699C9D-C6E5-410E-854E-9120298296B0} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe [4889704 2024-07-15] (Google LLC -> Google LLC)
Task: {7FE0D883-DA2A-4259-AA1B-F2D690708800} - System32\Tasks\KondSerp_OptimizerV2 => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [450560 2024-02-14] (Microsoft Windows -> Microsoft Corporation) -> -File C:/Windows/System32/KondSerp_Optimizer.ps1 <==== ACHTUNG
Task: {C4F8F6AF-D8BB-46EB-BA88-43F5FDF7B4B3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {506BA0A8-DADC-4595-B0DA-A7691B71C178} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {4EE6DC46-FA2C-42D4-A227-D1C2A6DDD040} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115584 2022-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {56EC0CC9-972B-4DAD-9FA5-3B9402190B3A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115584 2022-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {880B02F1-E7D2-498A-9A96-8D3CAE66DE9D} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\Windows\system32\rundll32.exe [90112 2024-07-09] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {28ABD9F2-6737-46AD-8E0C-DDC433A2E213} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EF0A3A8E-574C-4DCB-BFF6-6812FDD96FDA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF3E2465-DBAF-44DE-9296-EBE42160D27D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EEBEA335-5213-497F-BC43-9876DE8688BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B0F24A60-5E79-4210-B730-A2F79708048A} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2676840 2023-12-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {357123E4-3248-405C-B227-A69F3326D479} - System32\Tasks\MSI Task Host - MSI_GamebarTool => C:\Program Files (x86)\MSI\MSI Center\GameBar\MSI_GamebarTool.exe [81208 2021-09-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {AC26D83B-FCAF-453F-95DE-FE3F8465C2AA} - System32\Tasks\MSI Task Host - TraceFPS => C:\Program Files (x86)\MSI\MSI Center\GameBar\TraceFPS.exe [2780144 2021-01-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Copyright © 2020 Micro-Star INT'L CO., LTD.)
Task: {4BD989F5-A0B9-437E-81EE-C28C6C688B44} - System32\Tasks\MSI_GamebarConnect => "C:\Program Files (x86)\MSI\MSI Companion\Gamebar_Connect.exe"  -run (Keine Datei)
Task: {BE288D1C-D22E-4A65-B6A3-CE0B3052224E} - System32\Tasks\MSI_GamebarTool => C:\Program Files (x86)\MSI\MSI Companion\MSI_GamebarTool.exe [119392 2023-08-07] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {1C40815B-A056-4AC2-A931-091E03CB0218} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [31904 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {70F898CB-5077-4047-A303-A8EBC1F66A90} - System32\Tasks\MSI_TraceFPS => "C:\Program Files (x86)\MSI\MSI Companion\MSI_TraceFPS.exe"  (Keine Datei)
Task: {3F3A6A2A-6264-4493-A43D-B8A22A01190E} - System32\Tasks\Norton 360\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.24.2.6\symerr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {CA54FDB8-6128-47BD-A0ED-C9D0BBDC5708} - System32\Tasks\Norton 360\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.24.2.6\symerr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {85460D07-DD81-48AC-9DB8-FAEDDD9E4A9C} - System32\Tasks\Norton 360\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.24.2.6\symerr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {0700D5B1-102A-4893-9ADA-7185056261A3} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.24.2.6\WSCStub.exe [646520 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {215D98A3-22CF-401A-B072-0FE3E4252469} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {CB09D936-04C5-49C6-91A5-CD343A8088D7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6046E66B-556D-4BB5-96D7-FDFB29791D41} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {95330FA2-42F5-4B9D-BCDD-CC2BC8E9858B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EFCC5B6E-BB1B-4CFD-B824-89EA3F22A919} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EFDA8A96-B078-491E-9E03-8E76DE56ABD2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B0B1CF3B-E160-45F4-8767-2446FF93B44B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B43D8D56-45EB-4D1E-91B8-63CF957E1173} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {833377F9-8375-488D-9096-CF4605EB48C5} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {15469283-290A-4C91-A80D-973776316BD4} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {54E56090-CE3D-4B15-A9F5-A7DA596CFE18} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1221853621-2447620182-1933698513-1000 => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe  /reporting (Keine Datei)
Task: {3246FB24-FF9D-4B54-95BD-653EE03503A7} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1221853621-2447620182-1933698513-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {46979F62-4655-4018-955E-9BF1D88DDF97} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1221853621-2447620182-1933698513-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {64E3E2E2-E8DF-4744-BD6F-EF5E97162EE2} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1693322873 => C:\Users\skysc\AppData\Local\Programs\Opera GX\launcher.exe [2273696 2024-06-18] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\skysc\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {CF648919-4154-44DE-BFE9-9DF87ED8EC9C} - System32\Tasks\Opera GX scheduled Autoupdate 1691520674 => C:\Users\skysc\AppData\Local\Programs\Opera GX\launcher.exe [2273696 2024-06-18] (Opera Norway AS -> Opera Software)
Task: {EBAC0C4B-4BF7-483A-BD3B-1E4EB3E0E848} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2369544 2024-07-08] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {1BC7AD52-96F9-4C93-AC9B-BFE2E3FFC697} - System32\Tasks\PowerToys\Autorun for skysc => C:\Program Files\PowerToys\PowerToys.exe [1194016 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {1BF364AE-DAB2-4D3F-9DAC-3D957CB25BD6} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360 for Gamers\Upgrade.exe [2353000 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {8B4CA8A8-BDAC-4447-9FE7-4ABA29333A32} - System32\Tasks\SEO => C:\Users\skysc\AppData\Roaming\SEO\SEO.exe  (Keine Datei) <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9d3406a1-6456-4e84-a9a3-a377cf7e7013}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9d3406a1-6456-4e84-a9a3-a377cf7e7013}: [DhcpDomain] Speedport_W_724V_09011603_06_010

Edge: 
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\skysc\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-19]
Edge NewTab: Default ->  Active:"chrome-extension://fepbfegljfpfclgajmjlmnhdillncgke/newtabHTML.html"
Edge Extension: (Google Docs Offline) - C:\Users\skysc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-19]
Edge Extension: (Edge relevant text changes) - C:\Users\skysc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-07-19]
Edge Profile: C:\Users\skysc\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-07-22]
Edge HomePage: Profile 1 -> hxxp://www.google.com/
Edge NewTab: Profile 1 ->  Active:"chrome-extension://fepbfegljfpfclgajmjlmnhdillncgke/newtabHTML.html"
Edge DefaultSearchURL: Profile 1 -> hxxps://www.bing.com/search?PC=U523&q={searchTerms}
Edge Extension: (Microsoft Rewards) - C:\Users\skysc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\bnplfnhcidhhdapmblniehfaaompjlck [2024-07-19]
Edge Extension: (Beautiful New Tab) - C:\Users\skysc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\fepbfegljfpfclgajmjlmnhdillncgke [2024-07-22]
Edge Extension: (Google Docs Offline) - C:\Users\skysc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-19]
Edge Extension: (Edge relevant text changes) - C:\Users\skysc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-07-19]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-06-22] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\skysc\AppData\Local\Google\Chrome\User Data\Default [2024-07-22]
CHR DefaultSearchURL: Default -> hxxps://qtrsearch.com/search?q={searchTerms}&s=rg&u=%USERID%
CHR DefaultSearchKeyword: Default -> qtr
CHR DefaultSuggestURL: Default -> hxxps://qtrsearch.com/suggest?q={searchTerms}
CHR Extension: (the web) - C:\Users\skysc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdamghfpmkabflbpldhdpbbfofolgaji [2024-07-22]
CHR Extension: (Google Docs Offline) - C:\Users\skysc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-27]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\skysc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-27]

Opera: 
=======
StartMenuInternet: (HKU\S-1-5-21-1221853621-2447620182-1933698513-1001) Opera GXStable - "C:\Users\skysc\AppData\Local\Programs\Opera GX\Launcher.exe"

Brave: 
=======
BRA Profile: C:\Users\skysc\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-07-20]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\skysc\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2024-07-20]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\skysc\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-07-20]
BRA Extension: (Brave NTP background images) - C:\Users\skysc\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-04-14]
BRA Extension: (Brave Ads Resources) - C:\Users\skysc\AppData\Local\BraveSoftware\Brave-Browser\User Data\bbefpembgddgdihpkcidgdgiojjlchji [2024-04-14]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\skysc\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2024-07-20]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\skysc\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-07-20]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\skysc\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-07-20]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\skysc\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2024-04-14]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\skysc\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-07-20]
BRA Extension: (Brave Ads Resources) - C:\Users\skysc\AppData\Local\BraveSoftware\Brave-Browser\User Data\jcncoheihebhhiemmbmpfhkceomfipbj [2024-07-20]
BRA Extension: (Brave Ad Block Updater (EasyList Germany (plaintext))) - C:\Users\skysc\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfmefmifdjlfneapckmpkinmlofjehbp [2024-07-20]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\skysc\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-07-20]
BRA Extension: (Brave NTP sponsored images) - C:\Users\skysc\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2024-07-20]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [177392 2023-09-14] (RealDefense, LLC -> SUPERAntiSpyware.com)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-12-03] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [166424 2024-04-14] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\126.1.67.134\elevation_service.exe [2688024 2024-07-17] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [166424 2024-04-14] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988424 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
S3 ComboCleaner.Guard; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe [144616 2024-06-04] (RCS LT UAB -> RCS LT)
S3 ComboCleaner.WinService; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.WinService.exe [152296 2024-06-04] (RCS LT UAB -> RCS LT)
R2 Easy Connection to Screen; C:\Program Files\Samsung\Easy Connection to Screen\Service.exe [367816 2023-01-13] (Samsung Electronics CO., LTD. -> )
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-10-01] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.132.0701.0002\FileSyncHelper.exe [3522992 2024-07-20] (Microsoft Corporation -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [347408 2023-11-30] (Underwriters Laboratories Inc. -> Futuremark)
R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [92768 2023-05-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8901528 2024-07-01] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-06-04] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpDefenderCoreService.exe [1377416 2024-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSIREGISTER_MR; C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe [2019504 2019-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [74336 2023-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [154216 2023-08-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe [142648 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe [37104 2022-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.24.2.6\NortonSecurity.exe [344888 2024-03-04] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.24.2.6\nsWscSvc.exe [1059176 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_493585427225c794\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.132.0701.0002\OneDriveUpdaterService.exe [3864080 2024-07-20] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2369544 2024-07-08] (Overwolf Ltd -> Overwolf LTD)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\NisSrv.exe [3236728 2024-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MsMpEng.exe [133688 2024-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 DFWSIDService; C:\ProgramData\Wondershare\wsServices\WsidService.exe [X]
S2 ElevationService; C:\ProgramData\Wondershare\wsServices\ElevationService.exe [X]
S4 EsgShKernel; "C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe" [X]
S2 ShMonitor; "C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe" [X]
S2 WirelessBackupService; C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone Basic - Deutsch\Addins\Recovery\WirelessBackupService.exe [X]
S2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [800672 2023-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.23.5.106\Definitions\BASHDefs\20231204.001\BHDrvx64.sys [1706512 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\1618020.006\ccSetx64.sys [198288 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [84640 2023-03-21] (Microsoft Windows Hardware Compatibility Publisher -> wch.cn)
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [32296 2023-08-18] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527832 2023-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 EnigmaFileMonDriver; C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys [88736 2024-07-18] (Microsoft Windows Hardware Compatibility Publisher -> EnigmaSoft Limited)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [45248 2023-08-18] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [177056 2021-10-10] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender LLC)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.23.5.106\Definitions\IPSDefs\20231201.064\IDSvia64.sys [1554400 2023-10-19] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 ipadtst2; C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [26168 2021-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [221264 2024-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-06-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [23040 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 nsvst_NGC; C:\Windows\System32\drivers\NGCx64\1618020.006\nsvst.sys [57120 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32424 2023-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\MSI Center\Super Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [32488 2023-11-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_e41dba7ae72d1e1a\rt68cx21x64.sys [458168 2021-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [18160 2023-08-25] (RealDefense, LLC -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [15600 2023-08-25] (RealDefense, LLC -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SRTSP; C:\Windows\System32\drivers\NGCx64\1618020.006\SRTSP64.SYS [960640 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\1618020.006\SRTSPX64.SYS [52864 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1618020.006\SYMEFASI64.SYS [2180248 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\Windows\System32\drivers\NGCx64\1618020.006\SymELAM.sys [36016 2024-03-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Broadcom)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100328 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.23.5.106\SymPlatform\SymEvnt.sys [722400 2022-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\Windows\System32\drivers\NGCx64\1618020.006\Ironx64.SYS [306872 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\Windows\System32\drivers\NGCx64\1618020.006\symnets.sys [492720 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [633264 2022-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 UsbNcm; C:\Windows\System32\drivers\UsbNcm.sys [167936 2023-11-15] (Microsoft Windows -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21968 2024-07-16] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602520 2024-07-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-07-16] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\Windows\System32\drivers\NGCx64\1618020.006\wpCtrlDrv.sys [1016792 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-07-22 16:20 - 2024-07-22 16:20 - 000720948 _____ C:\Windows\system32\perfh007.dat
2024-07-15 17:37 - 2024-07-15 17:37 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2024-07-09 20:41 - 2024-07-09 20:41 - 000025684 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json


==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-07-22 21:18 - 2024-05-27 21:26 - 000000000 ____D C:\FRST
2024-07-22 21:18 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-07-22 21:16 - 2024-06-04 17:30 - 000000000 ____D C:\Users\skysc\AppData\Local\Malwarebytes
2024-07-22 21:14 - 2023-08-08 19:27 - 000000000 ____D C:\Users\skysc\AppData\Local\Norton
2024-07-22 21:13 - 2023-08-07 15:06 - 000000000 ____D C:\Program Files (x86)\Steam
2024-07-22 20:53 - 2023-08-08 23:11 - 000000000 ____D C:\Users\skysc\AppData\Roaming\vlc
2024-07-22 20:52 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp
2024-07-22 19:50 - 2023-08-09 20:01 - 000000000 ____D C:\Users\skysc\OneDrive\Microsoft Edge Drop Files\Dokumente\Audioaufzeichnungen
2024-07-22 19:02 - 2023-11-11 18:24 - 000000000 ____D C:\Users\skysc\AppData\Roaming\discord
2024-07-22 18:54 - 2023-08-07 14:18 - 000000000 ____D C:\Users\skysc\AppData\Local\D3DSCache
2024-07-22 17:02 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness
2024-07-22 16:20 - 2022-06-22 10:23 - 001662900 _____ C:\Windows\system32\PerfStringBackup.INI
2024-07-22 16:20 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF
2024-07-22 16:18 - 2024-04-02 21:44 - 000000000 ____D C:\Windows\system32\Tasks\Norton 360
2024-07-22 16:12 - 2023-09-19 15:17 - 000000000 ____D C:\Users\skysc\AppData\Local\Overwolf
2024-07-22 16:12 - 2023-08-07 14:12 - 000000000 ___RD C:\Users\skysc\OneDrive
2024-07-22 16:11 - 2024-06-09 14:12 - 000000000 ____D C:\Windows\system32\Tasks\PowerToys
2024-07-22 16:11 - 2023-08-21 17:42 - 000000000 ____D C:\Users\skysc\AppData\Local\CrashDumps
2024-07-22 16:11 - 2022-06-22 10:35 - 000000000 ____D C:\ProgramData\NVIDIA
2024-07-22 16:11 - 2022-06-22 10:16 - 000012288 ___SH C:\DumpStack.log.tmp
2024-07-22 16:11 - 2022-06-22 10:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-07-22 16:10 - 2022-05-07 07:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-07-22 16:06 - 2023-08-07 17:42 - 000000000 ____D C:\Users\skysc\AppData\Roaming\.minecraft
2024-07-22 15:43 - 2023-08-07 14:12 - 000000000 ____D C:\Users\skysc
2024-07-22 14:42 - 2022-05-07 07:17 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-07-21 16:39 - 2022-06-22 10:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-07-20 21:46 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-07-20 21:23 - 2024-06-02 18:45 - 000001607 _____ C:\Windows\system32\config\VSMIDK
2024-07-20 21:23 - 2023-08-08 14:20 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-07-20 17:58 - 2022-06-22 10:18 - 000000000 ____D C:\ProgramData\Packages
2024-07-20 15:58 - 2023-08-07 17:35 - 000000000 ____D C:\XboxGames
2024-07-20 15:58 - 2023-08-07 14:18 - 000000000 ____D C:\Users\skysc\AppData\Local\Packages
2024-07-20 15:31 - 2023-11-09 14:14 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1221853621-2447620182-1933698513-1002
2024-07-20 15:31 - 2023-08-07 14:20 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1221853621-2447620182-1933698513-1001
2024-07-20 15:31 - 2022-06-22 10:19 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-07-20 15:31 - 2022-06-22 10:19 - 000002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-07-20 14:52 - 2024-05-27 21:44 - 000000000 ____D C:\Users\skysc\AppData\Local\Google
2024-07-20 14:48 - 2024-05-22 20:55 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-07-20 14:48 - 2024-05-22 20:55 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-07-20 14:39 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-07-19 20:47 - 2024-04-14 15:22 - 000004024 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA{A5CFE2E1-9623-44C3-B3C8-B178FBF5D7D2}
2024-07-19 20:47 - 2024-04-14 15:22 - 000003900 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore{DFB371DD-43E6-4228-ACFE-FADEACBD0C31}
2024-07-18 14:31 - 2023-11-11 18:24 - 000002002 _____ C:\Users\skysc\Desktop\Discord.lnk
2024-07-17 19:28 - 2024-04-14 15:22 - 000002363 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2024-07-17 19:28 - 2024-04-14 15:22 - 000002322 _____ C:\Users\Public\Desktop\Brave.lnk
2024-07-17 19:25 - 2024-05-27 21:48 - 000000000 ____D C:\Users\skysc\AppData\Local\GUI
2024-07-17 19:24 - 2024-05-25 20:06 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-07-17 19:24 - 2024-05-25 20:06 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-07-17 16:49 - 2022-06-22 10:36 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-07-16 17:08 - 2024-02-17 14:40 - 000267880 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy_4.dll
2024-07-16 17:08 - 2023-08-07 17:35 - 002799208 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2024-07-16 17:08 - 2023-08-07 17:35 - 000751208 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2024-07-16 17:08 - 2023-08-07 17:35 - 000222816 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2024-07-16 17:08 - 2023-08-07 17:35 - 000206440 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2024-07-16 17:08 - 2023-08-07 17:35 - 000145000 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2024-07-16 17:08 - 2023-08-07 17:35 - 000108136 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2024-07-16 17:08 - 2023-08-07 17:35 - 000075368 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2024-07-16 15:17 - 2022-06-22 10:16 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-07-15 17:42 - 2024-06-04 17:29 - 000239576 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2024-07-12 15:57 - 2022-06-22 10:16 - 000474232 _____ C:\Windows\system32\FNTCACHE.DAT
2024-07-12 15:56 - 2023-12-14 23:09 - 000000000 ____D C:\Windows\InboxApps
2024-07-12 15:56 - 2023-10-11 20:19 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-07-12 15:56 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-07-12 15:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\UUS
2024-07-12 15:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-07-12 15:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources
2024-07-12 15:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-07-12 15:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-07-12 15:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-07-12 15:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe
2024-07-12 15:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-07-12 15:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents
2024-07-12 15:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\Provisioning
2024-07-12 15:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-07-12 15:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr
2024-07-12 14:43 - 2022-06-22 10:16 - 000003754 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-07-12 14:43 - 2022-06-22 10:16 - 000003630 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-07-11 14:49 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState
2024-07-09 20:55 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-07-09 20:51 - 2023-08-07 17:05 - 000000000 ____D C:\Windows\system32\MRT
2024-07-09 20:50 - 2023-08-07 17:05 - 194135240 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-07-09 20:44 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp
2024-07-09 20:42 - 2022-06-22 10:19 - 003212800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-07-09 20:14 - 2023-09-19 15:20 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-07-01 18:05 - 2024-05-29 17:26 - 000000000 ____D C:\Users\skysc\AppData\LocalLow\Norton
2024-06-30 20:23 - 2023-08-20 18:23 - 000000000 ____D C:\Users\skysc\AppData\Roaming\Microsoft\Word
2024-06-27 14:17 - 2024-05-28 21:28 - 000000000 ____D C:\ProgramData\Avast Software
2024-06-26 21:39 - 2023-08-13 22:30 - 000000000 ____D C:\Users\skysc\AppData\Roaming\Code
2024-06-24 14:31 - 2023-08-13 22:30 - 000000000 ____D C:\Users\skysc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2024-06-24 14:24 - 2024-05-23 16:54 - 000049704 _____ C:\Users\skysc\Downloads\Lebenslauf Jessika.pdf
2024-06-24 14:08 - 2024-06-18 19:47 - 000038589 _____ C:\Users\skysc\Downloads\Bewerbung Jessika.pdf
2024-06-23 14:38 - 2023-08-07 14:19 - 000000000 ____D C:\Users\skysc\AppData\Local\PlaceholderTileLogoFolder

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2023-08-14 18:17 - 2023-08-14 18:17 - 000005998 _____ () C:\Users\skysc\AppData\Local\91094746112
2024-04-06 15:56 - 2024-04-06 15:56 - 000005998 _____ () C:\Users\skysc\AppData\Local\93293858673
2023-10-13 15:29 - 2023-10-13 15:29 - 000005998 _____ () C:\Users\skysc\AppData\Local\9437468409
2023-10-22 18:46 - 2023-10-22 18:46 - 000000028 _____ () C:\Users\skysc\AppData\Local\CapCutConfigure.ini
2023-10-22 20:57 - 2023-10-22 20:57 - 000001611 _____ () C:\Users\skysc\AppData\Local\recently-used.xbel
2024-05-25 19:34 - 2024-05-25 19:34 - 000000017 _____ () C:\Users\skysc\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         

 





