Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: PDF im Browser geöffnet, mögl. infiziert?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Thema geschlossen
Alt 15.10.2024, 16:43   #1
NaraW12
 
PDF im Browser geöffnet, mögl. infiziert? - Standard

PDF im Browser geöffnet, mögl. infiziert?



Hey,

ich war auf Webseite X unterwegs und habe dort auf einem Link geklickt bei dem ich vorher nicht wusste, dass er zu einer PDF führer wird. Grundsätzlich klicke ich keine Links, die zu PDFs führen.
Als ich dann merkte, dass der Link innerhalb von Chrome eine PDF öffnet, schloss ich den Tab.
Ich ließ einen Malwarebytes Scan durchlaufen, der keine Treffer erzielte.

Zusätzlich habe ich den PDF Datei auf meinem Linux VM heruntergeladen und dort noch mal einen Scan der Datei über Virustotal machen lassen.
Ebenfalls keine Treffer, aber die Behaviour Analyste lässt mich ein wenig besorgt zurück.

Dort hat die Datei zwei Tags "autoaction calls-wmi" und unter Behavious "MITRE ATT&CK Tactics and Techniques" heißt es zum Beispiel bei "execution" "The adversary is trying to run malicious code" bei den anderen Stichpunkten steht ähnliches.

Hash vom Virustotal Scan:
70661f8fd6c77a521a3b3a7bf6b68c832d2bb9d8eaca7923390889e7b4e460a9

Ist doch alles in Ordnung, oder sollte ich noch andere Dinge prüfen? Danke für die Hilfe.

Alt 15.10.2024, 16:54   #2
M-K-D-B
/// TB-Ausbilder
 
PDF im Browser geöffnet, mögl. infiziert? - Standard

PDF im Browser geöffnet, mögl. infiziert?







Zitat:
ich war auf Webseite X unterwegs (...)
Pornoseite? Download von illegaler Software? Wovon sprechen wir?
Bitte konkreter.



Zitat:
Ist doch alles in Ordnung, oder sollte ich noch andere Dinge prüfen?
Wenn du unsere Meinung wissen möchtest, ob dein System infiziert ist:
Bitte die Hinweise für Hilfesuchende lesen und umsetzen.

Alles andere ist rein spekulativ und hilft niemandem weiter.
__________________


Alt 15.10.2024, 17:48   #3
NaraW12
 
PDF im Browser geöffnet, mögl. infiziert? - Standard

PDF im Browser geöffnet, mögl. infiziert?



Zitat:
Zitat von M-K-D-B Beitrag anzeigen





Pornoseite? Download von illegaler Software? Wovon sprechen wir?
Bitte konkreter.




Wenn du unsere Meinung wissen möchtest, ob dein System infiziert ist:
Bitte die Hinweise für Hilfesuchende lesen und umsetzen.

Alles andere ist rein spekulativ und hilft niemandem weiter.

Nein, ist eine Seite, die sich als Healtcare StartUP ausgibt. Möglicherweise ein fake.
Ich hab jetzt FRST laufen lassen. Als ich FRST laufen ließ, kam übrigens die Meldung von Windows Defender, dass eine Bedrohung mit der Stufe "niedrig" erkannt wurde.
Erkannt wurde "PUABundler:Win32/FusionCore"
Kategorie "Potenziell unerwünschte Software"
Element: file: C:\Users\Comp\Downloads\nox_setup_v6.6.0.5_full_intl.exe

Ich denke, ich kann das erstmal ignorieren, oder was wäre die Empfehlung? Vermute mal, die Datei wurde erst jetzt erkannt, aufgrund des Deepscans von FRST.

Nun aber die Logs:
FRST.TXT
[CODE]
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
durchgeführt von Comp (Administrator) auf DESKTOP-L7IO3LM (15-10-2024 18:31:14)
Gestartet von C:\Users\Comp\Downloads\FRST64.exe
Geladene Profile: Comp
Plattform: Microsoft Windows 10 Home Version 22H2 19045.5011 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FCDBLog.exe
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSettings.exe
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSSLVPNdaemon.exe
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiTray.exe
(C:\Program Files\LGHUB\lghub_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2>
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(Discord Inc. -> Discord Inc.) C:\Users\Comp\AppData\Local\Discord\app-1.0.9166\Discord.exe <6>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <33>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(explorer.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(explorer.exe ->) (Signal Messenger, LLC -> Signal Messenger, LLC) C:\Users\Comp\AppData\Local\Programs\signal-desktop\Signal.exe <4>
(explorer.exe ->) (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\Comp\Desktop\telegram\Telegram.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <27>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\scheduler.exe
(services.exe ->) (Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(services.exe ->) (Golden Frog GmbH -> Golden Frog, GmbH.) C:\Program Files (x86)\VyprVPN\VyprVPNService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe
(services.exe ->) (NETGEAR -> ) C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <2>
(sihost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\FullTrustNotifier.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2405.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353776 2020-09-16] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2261600 2021-05-12] (voidtools -> voidtools)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [937984 2015-10-01] (AVM Berlin) [Datei ist nicht signiert]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-06-01] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [483976 2020-08-13] (Geek Software GmbH -> Geek Software GmbH)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Comp\AppData\Local\Microsoft\Teams\Update.exe [2324624 2020-01-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [190280 2021-12-17] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4230544 2022-07-26] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [46525336 2024-09-25] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [280952 2022-02-18] (nordvpn s.a. -> TEFINCOM S.A.)
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\Comp\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2023-09-18] (Now.gg, INC -> now.gg, Inc.)
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\Comp\AppData\Local\Programs\signal-desktop\Signal.exe [163723200 2023-12-07] (Signal Messenger, LLC -> Signal Messenger, LLC)
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\Run: [MicrosoftEdgeAutoLaunch_C84A5ACAF0A8CA7A1FEC7DE39997474F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3794984 2024-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\Run: [Discord] => C:\Users\Comp\AppData\Local\Discord\Update.exe [1526504 2024-08-22] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\MountPoints2: {0bd2e0ae-3d95-11ea-be95-a85e4517e8b4} - "E:\pushinst.exe" 
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\129.0.6668.90\Installer\chrmstp.exe [2024-10-03] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\129.1.70.126\Installer\chrmstp.exe [2024-10-09] (Brave Software, Inc. -> Brave Software, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0AD03BD4-1542-40F8-813A-EC301B99F34F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {EA261461-F8C9-4749-A273-967995CF6BC5} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C3796D0A-3B0F-4E17-AF56-11AF0A927B53} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4454832 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FCA79DCB-9955-43DB-8E88-E73BC780E141} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302968 2023-08-07] (Now.gg, INC -> BlueStack Systems, Inc.)
Task: {5912BD5D-F045-494F-B4DB-A19964F37E79} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{F1C80FBA-0A56-4013-9BF8-A0259F56F0C8} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-04-27] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {6CEC4A3D-421B-40AD-8D09-7DE2624EBCE9} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{1462BAF7-F80F-414F-978E-ED0032FBE0AE} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-04-27] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {61387D1B-2216-4612-8DC1-B9E9EE47BE46} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{23CDE69D-B331-429E-A96D-82E0A7244A42} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {A29C4392-AF3D-4524-B6EE-A408E332EF42} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {31469197-8C20-47AC-BAF3-9087DCFD2393} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {9697D4DB-8030-4472-8997-730CC8497FB1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312520 2024-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {64A532A2-3749-46BC-9714-841A54C37CC2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312520 2024-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {88E42AC0-2C64-4AC2-983B-675819DC13A4} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187328 2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B6A75980-8B1B-496E-B487-7F943CB0A08B} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4465608 2024-09-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {521301AB-8D9C-4EC6-B8D4-0B38C6FDBC73} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe [91928 2024-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {60A6853A-B95C-45E1-A107-84C0E7ED12A7} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => C:\WINDOWS\system32\clipesu.exe [221680 2024-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {C5C2F02E-9ED9-43A1-8C94-DA5EB2FC8966} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F7905934-5DBD-40DB-82E4-C67AEE362E99} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {727B0BAB-DF24-449D-A4FC-713CF6223BD4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A5065FB8-5420-47BF-A4C2-2DDE9CE83E7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {91424FD5-DA54-45E1-B603-3E3E066B3B8A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34376 2024-09-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {211BFE03-4F78-4C80-9D74-E8A054539D3D} - System32\Tasks\VivaldiUpdateCheck-f2f596bdf0d42c14 => C:\Users\Comp\AppData\Local\Vivaldi\Application\update_notifier.exe [3732104 2024-10-08] (Vivaldi Technologies AS -> Vivaldi Technologies AS) -> C:\Users\Comp\AppData\Local\Vivaldi\Application\--from-scheduler

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 192.168.68.1
Tcpip\..\Interfaces\{5af3114c-9c6e-4c86-ac56-79fdde4434a3}: [NameServer] 8.8.8.8,1.0.0.1
Tcpip\..\Interfaces\{5af3114c-9c6e-4c86-ac56-79fdde4434a3}: [DhcpNameServer] 192.168.178.1 192.168.68.1
Tcpip\..\Interfaces\{7e4dccfe-f79b-4575-b976-001e4ac1b4ef}: [DhcpNameServer] 192.168.178.1 192.168.68.1
Tcpip\..\Interfaces\{7e4dccfe-f79b-4575-b976-001e4ac1b4ef}\64259445A51224F687027353930302A465: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{7e4dccfe-f79b-4575-b976-001e4ac1b4ef}\64259445A51224F687027353930302A465: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{8d45d433-9f20-4b58-9266-433780d711ac}\445636F6D443: [DhcpNameServer] 192.168.178.1 192.168.68.1

Edge: 
=======
Edge Profile: C:\Users\Comp\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-26]
Edge Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-22]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-05-24]
Edge Extension: (Edge relevant text changes) - C:\Users\Comp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: bqzdq9yk.default
FF ProfilePath: C:\Users\Comp\AppData\Roaming\Mozilla\Firefox\Profiles\bqzdq9yk.default [2020-01-22]
FF ProfilePath: C:\Users\Comp\AppData\Roaming\Mozilla\Firefox\Profiles\kn341fcp.default-release [2024-10-15]
FF Extension: (Notes by Firefox) - C:\Users\Comp\AppData\Roaming\Mozilla\Firefox\Profiles\kn341fcp.default-release\Extensions\notes@mozilla.com.xpi [2023-07-04]
FF Extension: (Pocket Universe) - C:\Users\Comp\AppData\Roaming\Mozilla\Firefox\Profiles\kn341fcp.default-release\Extensions\pocketuniverse@refractlabs.io.xpi [2023-08-16]
FF Extension: (Alternate Player for Twitch.tv) - C:\Users\Comp\AppData\Roaming\Mozilla\Firefox\Profiles\kn341fcp.default-release\Extensions\twitch5@coolcmd.xpi [2024-06-20]
FF Extension: (uBlock Origin) - C:\Users\Comp\AppData\Roaming\Mozilla\Firefox\Profiles\kn341fcp.default-release\Extensions\uBlock0@raymondhill.net.xpi [2024-10-03]
FF Extension: (MetaMask) - C:\Users\Comp\AppData\Roaming\Mozilla\Firefox\Profiles\kn341fcp.default-release\Extensions\webextension@metamask.io.xpi [2024-08-29]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Roaming\Mozilla\Firefox\Profiles\kn341fcp.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-06-18]
FF Extension: (Argent X - Starknet Wallet) - C:\Users\Comp\AppData\Roaming\Mozilla\Firefox\Profiles\kn341fcp.default-release\Extensions\{51e0c76c-7dbc-41ba-a45d-c579be84301b}.xpi [2024-06-13]
FF Extension: (Video Speed Controller) - C:\Users\Comp\AppData\Roaming\Mozilla\Firefox\Profiles\kn341fcp.default-release\Extensions\{7be2ba16-0f1e-4d93-9ebc-5164397477a9}.xpi [2021-04-06]
FF Extension: (TTV ad-block) - C:\Users\Comp\AppData\Roaming\Mozilla\Firefox\Profiles\kn341fcp.default-release\Extensions\{8119073b-9727-4455-8b87-89bbb89e8668}.xpi [2021-05-20]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Comp\AppData\Roaming\Mozilla\Firefox\Profiles\kn341fcp.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-10-02]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-08-17]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-06-01] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-09-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-06-01] (Adobe Inc. -> Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Profile 19
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Default [2024-10-10]
CHR Notifications: Default -> hxxps://app.traitsniper.com; hxxps://www.netflix.com
CHR Extension: (TraitSniper) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaonckckmmakfgjfkgbfeepdhmajkeg [2023-08-12]
CHR Extension: (Dunkler Modus - Nachtauge) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Default\Extensions\alncdjedloppbablonallfbkeiknmkdi [2024-10-10]
CHR Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-10-07]
CHR Extension: (Ronin Wallet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjhmkhhmkbjkkabndcnnogagogbneec [2024-10-07]
CHR Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2024-10-08]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-10]
CHR Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-09]
CHR Extension: (Distill Web Monitor) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Default\Extensions\inlikjemeeknofckkjolnjbpehgadgge [2024-10-07]
CHR Extension: (Video Speed Controller) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffaoalbilbmmfgbnbgppjihopabppdk [2024-06-20]
CHR Extension: (MetaMask) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-10-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Grammatik- und Rechtschreibprüfung - LanguageTool) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Default\Extensions\oldceeleldhonbafppcapldpdifcinji [2024-10-07]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-11]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 10 [2023-04-26]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-04-26]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-26]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 11 [2023-04-26]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-04-26]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-26]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 12 [2023-04-26]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-04-26]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-26]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 13 [2023-04-26]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-04-26]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-26]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 14 [2023-04-26]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-04-26]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-26]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 15 [2024-10-11]
CHR Extension: (Rabby Wallet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\acmacodkjbdgmoleebolmdjonilkdbch [2024-10-11]
CHR Extension: (Phantom) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\bfnaelmomeimhlpmgjnjophhpkkoljpa [2024-10-11]
CHR Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-10-11]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-10-04]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-11]
CHR Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-11]
CHR Extension: (KasWare Wallet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\hklhheigdmpoolooomdihmhlpjjdbklf [2024-10-11]
CHR Extension: (TronLink) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\ibnejdfjmmkpcnlpebklmnkoeoihofec [2024-10-11]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-10-04]
CHR Extension: (Typhon Wallet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\kfdniefadaanbjodldohaedphafoffoh [2024-10-11]
CHR Extension: (Nami) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\lpfcbjknijpeeillifnkikgncikgfhdo [2024-10-11]
CHR Extension: (OKX Wallet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\mcohilncbfahbmgdjkbpemcciiolgcge [2024-10-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-26]
CHR Extension: (UniSat Wallet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\ppbibelpcjmhbdihakflkdcoccbgbkpo [2024-10-11]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 19 [2024-10-15]
CHR Extension: (Rabby Wallet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\acmacodkjbdgmoleebolmdjonilkdbch [2024-10-15]
CHR Extension: (Phantom) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\bfnaelmomeimhlpmgjnjophhpkkoljpa [2024-10-08]
CHR Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-09-28]
CHR Extension: (Search by Image) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\cnojnbdhbhnkbcieeekonklommdnndci [2024-09-24]
CHR Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2024-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-11]
CHR Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-08]
CHR Extension: (MetaMask) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-10-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-09-24]
CHR Extension: (Sui Wallet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\opcgpfmipidbgpenhmajoajpbobppdil [2024-10-13]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-10-15]
CHR Extension: (Rabby Wallet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\acmacodkjbdgmoleebolmdjonilkdbch [2024-10-14]
CHR Extension: (Compass Wallet for Sei) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\anokgmphncpekkhclmingpimjmcooifb [2024-10-13]
CHR Extension: (Phantom) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bfnaelmomeimhlpmgjnjophhpkkoljpa [2024-10-07]
CHR Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-09-27]
CHR Extension: (Search by Image) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cnojnbdhbhnkbcieeekonklommdnndci [2024-06-26]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2024-06-04]
CHR Extension: (Keplr) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dmkamcknogkgcdfhhbddcghachkejeap [2024-10-13]
CHR Extension: (Petra Aptos Wallet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ejjladinnckdgjemekebdpeokbikhfci [2024-10-05]
CHR Extension: (MyTonWallet · My TON Wallet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fldfpgipfncgndfolcbkdeeknbbbnhcc [2024-10-09]
CHR Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2024-10-14]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-08-27]
CHR Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-07]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-09-20]
CHR Extension: (MetaMask) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-10-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-25]
CHR Extension: (UniSat Wallet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ppbibelpcjmhbdihakflkdcoccbgbkpo [2024-10-13]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-10-02]
CHR Extension: (BP Proxy Switcher) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bapeomcobggcdleohggighcjbeeglhbn [2022-09-17]
CHR Extension: (User-Agent Switcher and Manager) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bhchdcejhohfmigjafbampogmaanbfkg [2024-10-02]
CHR Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-10-02]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2024-10-02]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-01]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-10-02]
CHR Extension: (MetaMask) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-02-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-25]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 4 [2024-04-11]
CHR Extension: (BP Proxy Switcher) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bapeomcobggcdleohggighcjbeeglhbn [2022-11-06]
CHR Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-04-07]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-07]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-04-07]
CHR Extension: (MetaMask) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-04-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-25]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 5 [2024-04-07]
CHR Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-04-06]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-04-07]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-07]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-04-07]
CHR Extension: (MetaMask) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-04-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-25]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-08-10]
CHR Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-08-10]
CHR Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2024-08-10]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-10]
CHR Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-08-10]
CHR Extension: (MetaMask) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-04-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-11]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 7 [2024-09-24]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-09-24]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-09-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-26]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 8 [2024-08-20]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-06]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-08-20]
CHR Extension: (MetaMask) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-08-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-26]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 9 [2023-04-26]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-04-26]
CHR Extension: (Google Docs Offline) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Comp\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-26]
CHR Profile: C:\Users\Comp\AppData\Local\Google\Chrome\User Data\System Profile [2024-10-15]
CHR HKU\S-1-5-21-1573054408-997910720-4152984468-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Brave: 
=======
BRA DefaultProfile: Profile 11
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-08-20]
BRA Extension: (BP Proxy Switcher) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bapeomcobggcdleohggighcjbeeglhbn [2023-04-27]
BRA Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-05-25]
BRA Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2024-05-25]
BRA Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-05-24]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-05-24]
BRA Extension: (MetaMask) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-04-27]
BRA Extension: (Sticky Notes 3.5 - Super Quick & Personal) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\plpdjbappofmfbgdmhoaabefbobddchk [2023-08-31]
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Guest Profile [2023-05-26]
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1 [2024-09-13]
BRA Extension: (BP Proxy Switcher) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\bapeomcobggcdleohggighcjbeeglhbn [2023-04-27]
BRA Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-05-24]
BRA Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2024-05-24]
BRA Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-05-24]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-05-24]
BRA Extension: (MetaMask) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-04-27]
BRA Extension: (Sticky Notes 3.5 - Super Quick & Personal) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\plpdjbappofmfbgdmhoaabefbobddchk [2023-09-30]
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 10 [2024-02-01]
BRA Extension: (BP Proxy Switcher) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 10\Extensions\bapeomcobggcdleohggighcjbeeglhbn [2023-04-29]
BRA Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 10\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-04-29]
BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 10\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-04-29]
BRA Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 10\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2023-04-29]
BRA Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 10\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-04-29]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 10\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-29]
BRA Extension: (MetaMask) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 10\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-04-29]
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 11 [2024-10-11]
BRA Extension: (Rabby Wallet) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 11\Extensions\acmacodkjbdgmoleebolmdjonilkdbch [2024-10-11]
BRA Extension: (BP Proxy Switcher) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 11\Extensions\bapeomcobggcdleohggighcjbeeglhbn [2024-02-08]
BRA Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 11\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-10-03]
BRA Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 11\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2024-10-03]
BRA Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 11\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-10]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 11\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-09-24]
BRA Extension: (Nehmen Sie vollständige Webseiten auf - FireShot) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 11\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2024-08-24]
BRA Extension: (UniSat Wallet) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 11\Extensions\ppbibelpcjmhbdihakflkdcoccbgbkpo [2024-10-11]
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 12 [2023-12-28]
BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 12\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-28]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 12\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-12-28]
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 13 [2024-10-10]
BRA Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 13\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-10-10]
BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 13\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-10-10]
BRA Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 13\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2024-10-10]
BRA Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 13\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-10]
BRA Extension: (MetaMask) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 13\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-08-17]
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 14 [2024-06-20]
BRA Extension: (Rabby Wallet) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 14\Extensions\acmacodkjbdgmoleebolmdjonilkdbch [2024-06-20]
BRA Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 14\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-05-30]
BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 14\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-06-19]
BRA Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 14\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-06-20]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 14\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-06-19]
BRA Extension: (MetaMask) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 14\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-06-20]
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 2 [2024-05-26]
BRA Extension: (BP Proxy Switcher) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 2\Extensions\bapeomcobggcdleohggighcjbeeglhbn [2023-04-27]
BRA Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-05-25]
BRA Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 2\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2023-06-30]
BRA Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-05-25]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-05-25]
BRA Extension: (MetaMask) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 2\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-04-27]
BRA Extension: (Sticky Notes 3.5 - Super Quick & Personal) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 2\Extensions\plpdjbappofmfbgdmhoaabefbobddchk [2023-06-30]
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 3 [2024-05-26]
BRA Extension: (BP Proxy Switcher) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 3\Extensions\bapeomcobggcdleohggighcjbeeglhbn [2023-04-27]
BRA Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 3\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-05-26]
BRA Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 3\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2023-04-27]
BRA Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-05-25]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 3\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-05-25]
BRA Extension: (MetaMask) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 3\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-04-27]
BRA Extension: (Sticky Notes 3.5 - Super Quick & Personal) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 3\Extensions\plpdjbappofmfbgdmhoaabefbobddchk [2023-06-30]
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 4 [2024-05-26]
BRA Extension: (BP Proxy Switcher) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 4\Extensions\bapeomcobggcdleohggighcjbeeglhbn [2023-04-27]
BRA Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 4\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-05-26]
BRA Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 4\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2024-05-26]
BRA Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 4\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-05-26]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 4\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-05-26]
BRA Extension: (MetaMask) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 4\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-05-26]
BRA Extension: (Sticky Notes 3.5 - Super Quick & Personal) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 4\Extensions\plpdjbappofmfbgdmhoaabefbobddchk [2023-06-30]
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 5 [2024-04-13]
BRA Extension: (BP Proxy Switcher) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 5\Extensions\bapeomcobggcdleohggighcjbeeglhbn [2023-04-29]
BRA Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 5\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-04-29]
BRA Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 5\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2023-04-29]
BRA Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 5\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-04-29]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 5\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-29]
BRA Extension: (MetaMask) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 5\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-04-29]
BRA Extension: (Sticky Notes 3.5 - Super Quick & Personal) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 5\Extensions\plpdjbappofmfbgdmhoaabefbobddchk [2023-06-30]
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 6 [2024-04-13]
BRA Extension: (BP Proxy Switcher) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 6\Extensions\bapeomcobggcdleohggighcjbeeglhbn [2023-04-29]
BRA Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 6\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-01]
BRA Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 6\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2024-02-01]
BRA Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 6\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-02-01]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 6\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-29]
BRA Extension: (MetaMask) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 6\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-04-29]
BRA Extension: (Sticky Notes 3.5 - Super Quick & Personal) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 6\Extensions\plpdjbappofmfbgdmhoaabefbobddchk [2023-06-30]
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 7 [2024-09-24]
BRA Extension: (BP Proxy Switcher) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 7\Extensions\bapeomcobggcdleohggighcjbeeglhbn [2023-04-29]
BRA Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 7\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-09-24]
BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 7\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-31]
BRA Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 7\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2024-09-24]
BRA Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 7\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-09-24]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 7\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-09-24]
BRA Extension: (MetaMask) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 7\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-10-31]
BRA Extension: (Sticky Notes 3.5 - Super Quick & Personal) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 7\Extensions\plpdjbappofmfbgdmhoaabefbobddchk [2023-06-30]
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 8 [2024-04-13]
BRA Extension: (BP Proxy Switcher) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 8\Extensions\bapeomcobggcdleohggighcjbeeglhbn [2023-04-29]
BRA Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 8\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-04-29]
BRA Extension: (Pocket Universe) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 8\Extensions\gacgndbocaddlemdiaadajmlggabdeod [2023-04-29]
BRA Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 8\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-04-29]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 8\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-29]
BRA Extension: (MetaMask) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 8\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-04-29]
BRA Profile: C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\System Profile [2024-09-24]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2024-10-08]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-10-11]
BRA Extension: (Brave NTP background images) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-09-11]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2024-10-11]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2024-01-22]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-10-11]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2024-10-03]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-09-24]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2023-04-27]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-10-11]
BRA Extension: (Brave Ads Resources) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\jcncoheihebhhiemmbmpfhkceomfipbj [2024-09-10]
BRA Extension: (Brave Ad Block Updater (EasyList Germany (plaintext))) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfmefmifdjlfneapckmpkinmlofjehbp [2024-10-11]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-10-03]
BRA Extension: (Brave Ad Block Updater (Brave Twitch Adblock Rules (plaintext))) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\mhccgcegedfkhdbfbgllfkkcjhgkoinc [2024-09-24]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2024-10-11]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Comp\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-31]

Vivaldi: 
=======
VIV Profile: C:\Users\Comp\AppData\Local\Vivaldi\User Data\Default [2024-09-29]
VIV Extension: (uBlock Origin) - C:\Users\Comp\AppData\Local\Vivaldi\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-09-29]
VIV Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Comp\AppData\Local\Vivaldi\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-07-21]
VIV Extension: (AdBlock — block ads across the web) - C:\Users\Comp\AppData\Local\Vivaldi\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-09-29]
VIV Extension: (Malwarebytes Browser Guard) - C:\Users\Comp\AppData\Local\Vivaldi\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-09-29]
VIV Extension: (Hide Discord Sidebar) - C:\Users\Comp\AppData\Local\Vivaldi\User Data\Default\Extensions\kaaohmdnmbdagpnenakakpkinddjmenp [2024-06-23]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-06-01] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4578736 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AvmSwitchUsb; C:\Program Files (x86)\avmwlanstick\AVMSwitchUsb.exe [125440 2015-10-01] () [Datei ist nicht signiert]
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2569352 2024-08-02] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-04-27] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\129.1.70.126\elevation_service.exe [2666512 2024-10-09] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-04-27] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13861080 2024-10-12] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-03-25] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-30] (Epic Games Inc. -> Epic Games, Inc.)
R2 Everything; C:\Program Files\Everything\Everything.exe [2261600 2021-05-12] (voidtools -> voidtools)
R2 FA_Scheduler; C:\Program Files\Fortinet\FortiClient\scheduler.exe [141712 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-01-15] (FUTUREMARK INC -> Futuremark)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11335576 2024-09-25] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9019096 2024-10-05] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-07-14] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2021-06-07] (nordvpn s.a. -> TEFINCOM S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [281464 2022-02-18] (nordvpn s.a. -> TEFINCOM S.A.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [22384 2023-11-15] (Microsoft Windows -> Microsoft Corporation)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [483976 2020-08-13] (Geek Software GmbH -> Geek Software GmbH)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [401512 2022-12-14] (Proton Technologies AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [328808 2022-12-14] (Proton Technologies AG -> ProtonVPN)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [744968 2020-01-15] (Oracle Corporation -> Oracle Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9806200 2020-09-16] (Riot Games, Inc. -> Riot Games, Inc.)
S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [42560 2024-07-03] (Microsoft Corporation -> Microsoft)
R2 VyprVPN; C:\Program Files (x86)\VyprVPN\VyprVPNService.exe [418304 2022-01-19] (Golden Frog GmbH -> Golden Frog, GmbH.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [316120 2014-08-18] (NETGEAR -> )

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 avmeject; C:\WINDOWS\System32\drivers\avmeject.sys [14120 2015-10-01] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [310672 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [35400 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [157736 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 ftsvnic; C:\WINDOWS\System32\drivers\ftsvnic.sys [71248 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [70536 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Corporation)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-23] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-23] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-23] (Logitech Inc -> Logitech)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [231504 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-20] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl253966d5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8299E210-14CF-4D46-B3F9-2757179BC600}\MpKslDrv.sys [267552 2024-10-15] (Microsoft Windows -> Microsoft Corporation)
R2 NDivert; C:\Program Files\NordVPN\6.45.5.0\Drivers\NDivert.sys [130424 2022-03-16] (nordvpn s.a. -> Nordvpn S.A.)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [44928 2022-02-22] (nordvpn s.a. -> TEFINCOM S.A.)
S3 NPF; C:\WINDOWS\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 pppop; C:\WINDOWS\System32\drivers\pppop64.sys [54344 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2022-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R0 SCMNdisP; C:\WINDOWS\System32\DRIVERS\scmndisp.sys [25312 2007-01-19] (NETGEAR -> Windows (R) Codename Longhorn DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [28160 2022-01-19] (OpenVPN Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2022-10-07] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapvyprvpn; C:\WINDOWS\System32\drivers\tapvyprvpn.sys [44896 2022-01-19] (Golden Frog, GmbH -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [5487312 2020-09-16] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
R1 WinRing0_1_2_0; C:\Program Files (x86)\EVGA\WinRing0\WinRing0x64.sys [14536 2019-06-24] (EVGA -> OpenLibSys.org)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2022-08-31] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\system32\DRIVERS\wireguard.sys [489368 2023-02-05] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 wovad_micarray; C:\WINDOWS\system32\drivers\womic.sys [34496 2020-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2020-04-09] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-10-15 18:31 - 2024-10-15 18:32 - 000074274 _____ C:\Users\Comp\Downloads\FRST.txt
2024-10-15 18:30 - 2024-10-15 18:31 - 000000000 ____D C:\FRST
2024-10-15 18:28 - 2024-10-15 18:28 - 002397696 _____ (Farbar) C:\Users\Comp\Downloads\FRST64.exe
2024-10-15 12:46 - 2024-10-15 12:46 - 000684696 _____ C:\Users\Comp\Downloads\Rechnung_R24-409328_231474.pdf
2024-10-14 13:40 - 2024-10-14 13:40 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-10-14 13:40 - 2024-09-16 01:28 - 025312776 _____ C:\WINDOWS\system32\nvidia-pcc.exe
2024-10-14 13:40 - 2024-09-16 01:28 - 002040680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-10-14 13:40 - 2024-09-16 01:28 - 002040680 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-10-14 13:40 - 2024-09-16 01:28 - 001583976 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-10-14 13:40 - 2024-09-16 01:28 - 001583976 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-10-14 13:40 - 2024-09-16 01:28 - 001446760 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-10-14 13:40 - 2024-09-16 01:28 - 001446760 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-10-14 13:40 - 2024-09-16 01:28 - 001296744 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-10-14 13:40 - 2024-09-16 01:28 - 001296744 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-10-14 13:40 - 2024-09-16 01:28 - 000477704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-10-14 13:40 - 2024-09-16 01:28 - 000374816 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-10-14 13:40 - 2024-09-16 01:25 - 001547400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-10-14 13:40 - 2024-09-16 01:25 - 001202808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-10-14 13:40 - 2024-09-16 01:25 - 001078928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-10-14 13:40 - 2024-09-16 01:25 - 000856696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-10-14 13:40 - 2024-09-16 01:25 - 000669840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-10-14 13:40 - 2024-09-16 01:25 - 000505992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-10-14 13:40 - 2024-09-16 01:24 - 016200352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-10-14 13:40 - 2024-09-16 01:24 - 014270096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-10-14 13:40 - 2024-09-16 01:24 - 006914168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-10-14 13:40 - 2024-09-16 01:24 - 005348872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-10-14 13:40 - 2024-09-16 01:24 - 003788432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-10-14 13:40 - 2024-09-16 01:24 - 002178696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-10-14 13:40 - 2024-09-16 01:24 - 001629296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-10-14 13:40 - 2024-09-16 01:24 - 001034248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-10-14 13:40 - 2024-09-16 01:24 - 000796792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-10-14 13:40 - 2024-09-16 01:24 - 000461984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-10-14 13:40 - 2024-09-16 01:24 - 000131656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-10-14 13:40 - 2024-09-16 01:23 - 005910024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-10-14 13:40 - 2024-09-16 01:23 - 000853136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-10-14 13:40 - 2024-09-16 01:22 - 007133144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-10-14 13:40 - 2024-09-16 01:22 - 006212848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-10-14 13:40 - 2024-09-16 00:53 - 000127247 _____ C:\WINDOWS\system32\nvinfo.pb
2024-10-12 22:34 - 2024-10-12 22:34 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-10-09 11:58 - 2024-10-09 11:58 - 000000000 ___HD C:\$WinREAgent
2024-10-03 15:22 - 2024-10-03 15:22 - 000068163 _____ C:\Users\Comp\Downloads\bytecode examples.txt
2024-09-28 13:03 - 2024-09-28 13:03 - 000000226 _____ C:\Users\Comp\Downloads\tester 2.7z
2024-09-27 14:28 - 2024-09-27 16:08 - 000005022 _____ C:\Users\Comp\Downloads\gra from tuna.txt
2024-09-27 13:50 - 2024-09-27 13:50 - 000004852 _____ C:\Users\Comp\Downloads\message (3).txt
2024-09-27 13:36 - 2024-09-27 13:36 - 000004852 _____ C:\Users\Comp\Downloads\message (2).txt
2024-09-25 21:02 - 2024-09-25 21:02 - 000006532 _____ C:\Users\Comp\Downloads\Users%2FDEJSxQwEXk92zuHi2A4e45XmTvWaLVKkrptfoTXTs1CY%2FCollections%2Fc8GGx4IYaBchTbHlgdKe%2Fcover.webp
2024-09-25 11:38 - 2024-09-25 11:38 - 000000856 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2024-09-25 11:38 - 2024-09-25 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-09-25 11:38 - 2024-09-25 11:38 - 000000000 ____D C:\Program Files\LGHUB
2024-09-24 13:51 - 2024-09-24 13:51 - 000450017 _____ C:\Users\Comp\Downloads\bookmarks_24.09.24.html
2024-09-22 22:43 - 2024-09-22 22:43 - 000000226 _____ C:\Users\Comp\Downloads\geschi.7z

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-10-15 18:32 - 2023-05-01 15:53 - 000000000 ____D C:\Users\Comp\AppData\Local\Malwarebytes
2024-10-15 18:19 - 2021-12-17 22:02 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-10-15 18:02 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-15 17:52 - 2021-08-28 22:59 - 000021363 _____ C:\Users\Comp\Desktop\NFTs.txt
2024-10-15 17:44 - 2022-08-01 16:50 - 000002374 ____H C:\Users\Comp\Documents\Default.rdp
2024-10-15 17:34 - 2024-08-23 18:00 - 000000000 ____D C:\Users\Comp\AppData\Local\Discord
2024-10-15 16:47 - 2022-12-22 15:24 - 000000128 _____ C:\Users\Comp\AppData\Local\PUTTY.RND
2024-10-15 16:34 - 2024-08-23 18:00 - 000000000 ____D C:\Users\Comp\AppData\Roaming\discord
2024-10-15 16:18 - 2020-10-08 21:53 - 000000000 ____D C:\Users\Comp\Desktop\telegram
2024-10-15 14:39 - 2021-03-24 01:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-10-15 13:54 - 2020-02-17 13:27 - 000000000 ____D C:\Users\Comp\.VirtualBox
2024-10-15 13:53 - 2020-02-17 13:27 - 000000000 ____D C:\ProgramData\VirtualBox
2024-10-15 12:39 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-15 12:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-10-15 11:43 - 2023-10-27 12:54 - 000000000 ____D C:\Users\Comp\AppData\Roaming\Signal
2024-10-15 11:41 - 2022-02-10 04:08 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-15 11:41 - 2020-04-01 20:24 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-10-15 11:36 - 2021-03-24 01:16 - 001632024 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-10-15 11:36 - 2019-12-07 16:50 - 000706062 _____ C:\WINDOWS\system32\perfh007.dat
2024-10-15 11:36 - 2019-12-07 16:50 - 000142356 _____ C:\WINDOWS\system32\perfc007.dat
2024-10-15 11:36 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-10-15 11:35 - 2020-09-22 11:08 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2024-10-15 11:32 - 2021-06-25 00:27 - 000000000 ____D C:\Users\Comp\AppData\Local\LGHUB
2024-10-15 11:32 - 2021-03-24 01:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-10-15 11:32 - 2021-03-24 01:09 - 000008192 ___SH C:\DumpStack.log.tmp
2024-10-15 11:32 - 2020-05-08 22:12 - 000000000 ____D C:\ProgramData\NVIDIA
2024-10-15 04:03 - 2021-07-03 03:27 - 000000000 ____D C:\Users\Comp\AppData\Local\Everything
2024-10-15 04:03 - 2021-07-03 01:14 - 000000000 ____D C:\Users\Comp\AppData\Roaming\Everything
2024-10-15 04:03 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-10-15 03:59 - 2022-04-06 14:04 - 000000000 ____D C:\Users\Comp\AppData\Local\NordVPN
2024-10-14 23:36 - 2023-10-07 12:38 - 000000000 ____D C:\Program Files\RUXIM
2024-10-14 13:41 - 2022-08-30 22:46 - 000000000 ____D C:\Users\Comp\AppData\LocalLow\NVIDIA
2024-10-14 13:40 - 2020-05-08 22:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-10-13 23:11 - 2021-03-24 01:09 - 000469232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-10-13 23:09 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2024-10-13 23:09 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-10-13 23:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-10-13 23:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-10-13 23:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-10-13 23:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-10-13 23:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-10-13 23:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-10-13 23:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-10-13 23:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-10-13 23:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-10-13 20:33 - 2020-05-05 16:04 - 000013119 _____ C:\Users\Comp\Desktop\phrase.txt
2024-10-12 22:34 - 2020-08-23 11:21 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-12 22:34 - 2020-08-23 11:21 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-10-12 22:34 - 2020-01-26 12:12 - 000000000 ____D C:\Program Files\Microsoft Office
2024-10-12 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-10-10 19:35 - 2024-07-03 20:30 - 000000000 ____D C:\Users\Comp\Desktop\Python shit
2024-10-10 16:37 - 2020-08-30 11:12 - 000000000 ____D C:\Users\Comp\AppData\Local\CrashDumps
2024-10-10 01:15 - 2023-09-02 16:00 - 000000000 ____D C:\Users\Comp\AppData\Roaming\G HUB
2024-10-09 23:42 - 2024-06-22 23:42 - 000002377 _____ C:\Users\Comp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2024-10-09 23:42 - 2024-06-22 23:42 - 000002340 _____ C:\Users\Comp\Desktop\Vivaldi.lnk
2024-10-09 23:42 - 2024-06-22 23:41 - 000000000 ____D C:\Users\Comp\AppData\Local\Vivaldi
2024-10-09 23:20 - 2023-04-27 18:44 - 000002356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2024-10-09 23:20 - 2023-04-27 18:44 - 000002315 _____ C:\Users\Public\Desktop\Brave.lnk
2024-10-09 12:06 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-10-09 12:03 - 2021-03-24 01:10 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-10-09 11:10 - 2020-01-22 23:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-10-09 11:05 - 2020-01-22 23:20 - 201324920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-10-09 01:02 - 2022-10-12 15:50 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2024-10-08 23:48 - 2022-12-15 13:32 - 000002395 _____ C:\Users\Comp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-10-08 23:48 - 2021-12-12 19:25 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1573054408-997910720-4152984468-1001
2024-10-08 23:48 - 2021-03-24 01:15 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1573054408-997910720-4152984468-1001
2024-10-08 22:02 - 2021-03-24 01:15 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-10-08 22:02 - 2021-03-24 01:15 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-08 15:10 - 2022-10-11 16:00 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2024-10-08 15:10 - 2022-10-11 16:00 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-10-06 11:45 - 2020-01-22 23:14 - 000000000 ____D C:\Users\Comp\AppData\Local\D3DSCache
2024-10-06 02:08 - 2022-01-18 21:59 - 000000000 ____D C:\Users\Comp\Documents\Soundaufnahmen
2024-10-04 11:23 - 2024-08-23 18:00 - 000002243 _____ C:\Users\Comp\Desktop\Discord.lnk
2024-10-03 23:46 - 2020-12-12 13:20 - 000000000 ____D C:\Users\Comp\Downloads\Telegram Desktop
2024-10-03 22:50 - 2020-01-23 01:09 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-03 22:50 - 2020-01-23 01:09 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-09-29 01:37 - 2024-06-22 23:42 - 000000527 _____ C:\Users\Comp\.vivaldi_reporting_data
2024-09-27 23:53 - 2021-06-25 00:27 - 000000000 ____D C:\Users\Comp\AppData\Roaming\LGHUB
2024-09-21 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-09-21 02:30 - 2023-08-11 00:58 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2024-09-21 02:17 - 2020-04-01 20:31 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-09-17 13:39 - 2020-01-23 06:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-09-16 22:45 - 2021-09-02 10:18 - 000000000 ____D C:\Users\Comp\Desktop\ga docs rat etc
2024-09-16 21:31 - 2020-01-26 12:35 - 000000000 ____D C:\Users\Comp\AppData\Roaming\Microsoft\Word
2024-09-15 23:43 - 2020-02-03 18:00 - 000000000 ____D C:\Users\Comp\AppData\Roaming\Microsoft\Excel

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-04-01 20:21 - 2020-04-01 20:21 - 000000410 _____ () C:\Users\Comp\AppData\Local\oobelibMkey.log
2022-12-22 15:24 - 2024-10-15 16:47 - 000000128 _____ () C:\Users\Comp\AppData\Local\PUTTY.RND

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
--- --- ---

Die Addition txt file ist im nachfolgenden Beitrag, da zu viele Zeichen.

Edit: Dauert etwas länger, da ich nur alle 600 Sekunden einen Beitrag senden kann.
__________________

Geändert von NaraW12 (15.10.2024 um 17:54 Uhr)

Alt 15.10.2024, 18:03   #4
NaraW12
 
PDF im Browser geöffnet, mögl. infiziert? - Standard

PDF im Browser geöffnet, mögl. infiziert?



Und nun die Addition txt file.
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-09-2024
durchgeführt von Comp (15-10-2024 18:33:14)
Gestartet von C:\Users\Comp\Downloads
Microsoft Windows 10 Home Version 22H2 19045.5011 (X64) (2021-03-23 23:15:09)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-1573054408-997910720-4152984468-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1573054408-997910720-4152984468-503 - Limited - Disabled)
Gast (S-1-5-21-1573054408-997910720-4152984468-501 - Limited - Disabled)
Comp (S-1-5-21-1573054408-997910720-4152984468-1001 - Administrator - Enabled) => C:\Users\Comp
WDAGUtilityAccount (S-1-5-21-1573054408-997910720-4152984468-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
Adobe Acrobat (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 24.003.20180 - Adobe Systems Incorporated)
Adobe Acrobat Reader - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 24.003.20180 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.5.1.3 - Adobe Inc.)
Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_1_1) (Version: 24.1.1 - Adobe Inc.)
Adobe Media Encoder 2022 (HKLM-x32\...\AME_22_1_1) (Version: 22.1.1 - Adobe Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1_1) (Version: 21.1.1 - Adobe Inc.)
Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_1_2) (Version: 22.1.2 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601078}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Application Verifier x64 External Package (DesktopEditions) (HKLM\...\{C85A0AA9-2CF5-7B43-C078-4E8B7CE362D2}) (Version: 10.1.22621.3233 - Microsoft) Hidden
Application Verifier x64 External Package (OnecoreUAP) (HKLM\...\{2C78EC40-921E-1C02-01FC-A1B6B0489B8C}) (Version: 10.1.22621.3233 - Microsoft) Hidden
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 06.20.07 - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks App Player (HKLM\...\BlueStacks_nxt) (Version: 5.12.115.2101 - now.gg, Inc.)
BlueStacks Services (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\BlueStacksServices) (Version: 3.0.1 - now.gg, Inc.)
BlueStacks X (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\BlueStacks X) (Version: 10.3.10.1006 - now.gg, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 129.1.70.126 - Die Brave-Autoren)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
CPUID HWMonitor 1.52 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.52 - CPUID, Inc.)
Discord (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\Discord) (Version: 1.0.9159 - Discord Inc.)
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
Everything 1.4.1.1009 (x64) (HKLM\...\Everything) (Version: 1.4.1.1009 - voidtools)
EVGA Precision X1 (HKLM\...\EVGA Precision X1) (Version: 1.0.4.0 - EVGA Corporation)
FortiClient VPN (HKLM\...\{A43400FD-C5F7-4E6D-B258-E271AB41FC93}) (Version: 6.2.6.0951 - Fortinet Technologies Inc)
Futuremark SystemInfo (HKLM-x32\...\{A93C08EF-FEB5-49B0-BA5C-2149018683B5}) (Version: 5.26.809.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.90 - Google LLC)
InstallWintun (HKLM\...\{FE2AA480-D491-4272-92BC-EAE2101B8B94}) (Version: 1.0.0 - WireGuard LLC) Hidden
Kits Configuration Installer (HKLM-x32\...\{5D7663D4-8EF0-0323-8F60-1FC5EECB77E5}) (Version: 10.1.22621.3233 - Microsoft) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.7.625196 - Logitech)
Malwarebytes version 5.1.11.133 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.11.133 - Malwarebytes)
Microsoft .NET Host - 5.0.14 (x64) (HKLM\...\{61A6E3A7-F406-418A-B2A6-0606DB55B325}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.14 (x64) (HKLM\...\{8D88F0E2-CE9B-4A6D-8309-FDC562195F5B}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.14 (x64) (HKLM\...\{B810ACDF-1C0C-4108-9B92-12F1674FA444}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.18025.20140 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.89 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.89 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\OneDriveSetup.exe) (Version: 24.181.0908.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\Teams) (Version: 1.2.00.34161 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Debug Runtime - 14.40.33810 (HKLM\...\{3003CC13-9BC4-48D1-95D6-14B2AFE0683B}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Debug Runtime - 14.40.33810 (HKLM-x32\...\{A0B90EAF-8FC1-49B2-A7D6-7F9B1FEFDD43}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.10.2154.60269 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{6E7D95E1-DA2A-4DED-A8C6-3FBA1714DB62}) (Version: 3.9.2148.60653 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{0AC39B1B-4AFC-4684-B22C-625848E16C92}) (Version: 3.9.2148.60653 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.14 (x64) (HKLM\...\{4CD6FFC6-FA14-4016-A7A6-B7E3D6286331}) (Version: 40.56.30911 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.14 (x64) (HKLM-x32\...\{d21a4f20-968a-4b0c-bf04-a38da5f06e41}) (Version: 5.0.14.30911 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 130.0 (x64 de)) (Version: 130.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.2 - Mozilla)
MSI Development Tools (HKLM-x32\...\{3891A7DE-A85F-9B4E-2B84-50162AFA1E48}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Nefarius Virtual Gamepad Emulation Bus Driver (HKLM\...\{93D91F60-7C94-4A79-863F-EA713D2EB3F3}) (Version: 1.17.333.0 - Nefarius Software Solutions e.U.)
NETGEAR WNA3100 wireless USB 2.0 driver (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.2.2.29 - TEFINCOM S.A.)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.45.5.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.6.0.5 - Duodian Technology Co. Ltd.)
NVIDIA Grafiktreiber 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20140 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.18025.20126 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.1.2 (HKLM\...\{581F6CE1-0EE9-471C-B3E7-D8800F9E12C9}) (Version: 6.1.2 - Oracle Corporation)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PDF24 Creator 9.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 9.2.0 - PDF24.org)
ProtonVPN (HKLM-x32\...\{8C16DE53-E22C-406E-83C9-447D01A536B5}) (Version: 2.3.2 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 2.3.2) (Version: 2.3.2 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{87BDF456-9882-44E6-8FFC-F73B83E42EAD}) (Version: 1.1.4 - Proton Technologies AG)
ProtonVPNTun (HKLM-x32\...\{B1EBF050-CC3E-45B0-9DE5-339C6241F3DA}) (Version: 0.13.1 - Proton Technologies AG)
PS Remote Play (HKLM-x32\...\{E536EB8F-03EF-4EBA-B3FF-C5A544604841}) (Version: 4.0.0.09240 - Ihr Firmenname)
PuTTY release 0.78 (64-bit) (HKLM\...\{4EEF2644-700F-46F8-9655-915145248986}) (Version: 0.78.0.0 - Simon Tatham)
Python 3.12.4 (64-bit) (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\{fb355cb0-c07e-4095-85a7-81c5a2838da6}) (Version: 3.12.4150.0 - Python Software Foundation)
Python 3.12.4 Add to Path (64-bit) (HKLM\...\{EE615DC3-96ED-4BAD-8C76-ED4CCB561389}) (Version: 3.12.4150.0 - Python Software Foundation) Hidden
Python 3.12.4 Core Interpreter (64-bit) (HKLM\...\{4F815F87-CE9F-45CF-AEDE-EDF03728F8E6}) (Version: 3.12.4150.0 - Python Software Foundation) Hidden
Python 3.12.4 Development Libraries (64-bit) (HKLM\...\{7BFF8368-33A0-4DB3-9442-F5C881FE1B4D}) (Version: 3.12.4150.0 - Python Software Foundation) Hidden
Python 3.12.4 Documentation (64-bit) (HKLM\...\{AC7F58DC-CF45-4B28-9EAE-AE152C588907}) (Version: 3.12.4150.0 - Python Software Foundation) Hidden
Python 3.12.4 Executables (64-bit) (HKLM\...\{754A267E-52AE-4A9F-AFF4-F67EDC4B3610}) (Version: 3.12.4150.0 - Python Software Foundation) Hidden
Python 3.12.4 pip Bootstrap (64-bit) (HKLM\...\{EFA83559-2E1E-4671-85F7-B28AA1DD08D7}) (Version: 3.12.4150.0 - Python Software Foundation) Hidden
Python 3.12.4 Standard Library (64-bit) (HKLM\...\{62DD7DAF-6279-46FA-A06B-C4A541244045}) (Version: 3.12.4150.0 - Python Software Foundation) Hidden
Python 3.12.4 Tcl/Tk Support (64-bit) (HKLM\...\{71BC2876-3319-44FC-B5C5-1C0B86FC2733}) (Version: 3.12.4150.0 - Python Software Foundation) Hidden
Python 3.12.4 Test Suite (64-bit) (HKLM\...\{AC669800-A797-444D-A450-A5109BBC74DE}) (Version: 3.12.4150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3C4935A5-B72E-4DA4-809E-0287A0BC046F}) (Version: 3.12.4150.0 - Python Software Foundation)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.23.0 - Samsung Electronics Co., Ltd.)
SDK ARM Additions (HKLM-x32\...\{2D2C18BA-7B10-0A98-F662-9D397CAEA0C3}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{B5F4C6AF-DC6F-F6A4-1087-D068F4660610}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Signal 6.41.0 (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 6.41.0 - Signal Messenger, LLC)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Support- und Wiederherstellungs-Assistent von Microsoft (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\ab73c1b96b735f9e) (Version: 17.1.1659.0 - Microsoft Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.34161 - Microsoft Corporation)
UltraVNC (HKLM\...\Ultravnc2_is1) (Version: 1.4.3.6 - uvnc bvba)
Universal CRT Extension SDK (HKLM-x32\...\{E9508840-8997-0DA6-2BF2-66913126B654}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{D3CE43AE-FB64-9FCA-BE16-5A2F3F2B112D}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{1D228B5E-62E8-737B-3478-78A795EBB8EC}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{2C897543-D940-0177-58DE-0D00653DE0B2}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{384A28F5-6B08-01FB-BE75-EBC673BBCACF}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D3B0EFC4-878A-CA8C-7C79-1160CDF637D1}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VALORANT (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
vcpp_crt.redist.clickonce (HKLM-x32\...\{92668CA7-D080-40A4-A0B4-061504E9C785}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Visual Studio Build Tools 2022 (HKLM-x32\...\27952d8d) (Version: 17.10.3 - Microsoft Corporation)
Vivaldi (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\Vivaldi) (Version: 6.9.3447.54 - Vivaldi Technologies AS.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VS Script Debugging Common (HKLM\...\{D56DC014-C4C1-4330-B32B-D9785DAE7BCB}) (Version: 17.0.125.0 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{D53621DB-9A8B-443C-A5DA-B31625BAF7D0}) (Version: 17.10.34804 - Microsoft Corporation) Hidden
vs_communitysharedmsi (HKLM-x32\...\{30E1FE2A-3AF7-4025-8C58-7CC7A6111956}) (Version: 17.10.34804 - Microsoft Corporation) Hidden
vs_communityx64msi (HKLM\...\{A02B2AB5-932A-4D33-9625-DC3FFDBE5E5D}) (Version: 17.10.34804 - Microsoft Corporation) Hidden
vs_CoreEditorFonts (HKLM-x32\...\{1851460E-0E63-4117-B5BA-25A2F045801B}) (Version: 17.7.40001 - Microsoft Corporation)
vs_filehandler_amd64 (HKLM-x32\...\{D1C55BC2-6D4A-4324-A55C-CA49A8824307}) (Version: 17.10.34804 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{56100714-49CB-4B21-9206-4DD1AFDDD56F}) (Version: 17.10.34804 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{7E323F7D-3983-41D9-9D7F-F961D53EB7B8}) (Version: 17.10.34804 - Microsoft Corporation) Hidden
vs_githubprotocolhandlermsi (HKLM-x32\...\{7239EFF3-63C4-474B-874B-5A7364E243EE}) (Version: 17.10.34803 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{F49FD8E1-D278-4089-B3E0-8CE3415ED830}) (Version: 17.10.34804 - Microsoft Corporation) Hidden
vs_minshellinteropsharedmsi (HKLM-x32\...\{EEA6D3A0-5550-4C72-A240-6855A26F2784}) (Version: 17.10.34804 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{F7D0A75D-B5E4-475E-950D-B7A100656B2F}) (Version: 17.10.34804 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{DE0B333D-49EB-498A-8AFE-90186269B5EA}) (Version: 17.10.34804 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{E37D72E2-6E06-4F6E-96C5-95C8F0B51E6E}) (Version: 17.10.34804 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{66DCCE57-13F7-43AC-B16E-48EA5C89806D}) (Version: 17.10.34803 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{582A2D2E-B9C9-4002-BA6C-28EDDA3DBD96}) (Version: 17.10.34803 - Microsoft Corporation) Hidden
VyprVPN (HKLM\...\{526B3DDC-6891-4F43-8F64-8B83DC9E4848}) (Version: 4.3.1.10763 - Golden Frog, GmbH.)
WinAppDeploy (HKLM-x32\...\{C952A289-86CA-9322-7C44-F6E7526FD5E3}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows App Certification Kit Native Components (HKLM\...\{750766A0-28E0-2EC0-B83C-7C6F1236B041}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{C7C6D595-1045-1CDB-DDB8-F0DCB03B63B2}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (HKLM-x32\...\{2CF6B1B1-3D60-A198-E401-093F7BA784F0}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (OnecoreUAP) (HKLM-x32\...\{7625FDE9-5B15-1CDF-3810-EC60A67F6D39}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK (HKLM-x32\...\{D6982C58-1FDC-FB2E-B55A-7329ADE7315C}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK Contracts (HKLM-x32\...\{779B6704-D2FB-9087-C7FB-0AA1586F6FCD}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows IoT Extension SDK (HKLM-x32\...\{CFF175F4-9F1D-289D-B99E-EA6AFCF28F4E}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows IoT Extension SDK Contracts (HKLM-x32\...\{8D92043C-84C1-368A-885F-5FD8B92200EC}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK (HKLM-x32\...\{A3D0A593-20CD-83E6-83DE-6068053F2BDF}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK Contracts (HKLM-x32\...\{01E7E930-A0F4-5340-5E2D-92EFC9D5821D}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK (HKLM-x32\...\{2DF27D5D-478A-CC3F-EF64-E461BC3B3580}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{F1E37C98-16B7-421F-BA33-6C5B5400012A}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows SDK ARM Desktop Tools (HKLM-x32\...\{963BD0BD-2098-D21C-AA37-39876C732819}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm (HKLM-x32\...\{31D517CE-04EE-F508-87C6-A503372B02A1}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm64 (HKLM-x32\...\{A69CD06B-FED5-81AD-3D62-38B325BAD254}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x64 (HKLM-x32\...\{3A928615-B22E-42B6-A30A-CB7B1135F1CF}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x86 (HKLM-x32\...\{F50E3BAF-A09C-0730-319C-56221E12B747}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm (HKLM-x32\...\{2F5EB743-8C97-930F-F41E-2EC8D5D5565B}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm64 (HKLM-x32\...\{87CB1714-C57F-13EA-8982-8F720B44BCF3}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x64 (HKLM-x32\...\{838DC63C-34E9-9DBB-3A07-AEFC7768DC2A}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x86 (HKLM-x32\...\{24DAC073-46EA-ED5D-860A-845E8A27F426}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools arm64 (HKLM-x32\...\{A4634E74-BFEE-CF6C-BF53-8D5E252FC574}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x64 (HKLM-x32\...\{BED088F5-660E-C8E2-9FF4-F652445CC5FA}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x86 (HKLM-x32\...\{CACD4EBA-F620-A294-1B60-3CEB0954FE02}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK DirectX x64 Remote (HKLM\...\{7E23CCDF-D8BD-36F8-CB1F-1DDE0D2B3F07}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK DirectX x86 Remote (HKLM-x32\...\{8122ABB9-0148-144D-F136-C3AFF4B985DB}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK EULA (HKLM-x32\...\{E473E2C8-92A5-BA58-31B1-D24F923D927B}) (Version: 10.1.22621.3233 - Microsoft Corporations) Hidden
Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{7741665B-2D3B-7E24-1014-56B62296CD88}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps (HKLM-x32\...\{6136B5FC-9FAD-B577-C5EA-AF2D266B7293}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{5F1CD2CB-9C4E-BF51-9C82-DE916CA5E4AE}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{5E5BB524-BA91-E7DE-4A85-11EC531AA622}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{76749279-BE8A-20AF-F257-0A79E080CF7E}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{CE1B7747-A39C-46B8-EB6F-01E5262B1289}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{4A130AF9-EC97-7D26-1FB0-03A0E5CC672B}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{35552522-5930-E1A1-B1E9-FF78918E1543}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{0374E0D0-98AE-0078-841E-DE9F70EDCB90}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{76D32574-2D58-5B25-A3D7-8B2CB4873306}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{C65278B7-2A3B-2D88-1489-991195ECF5F2}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK Redistributables (HKLM-x32\...\{417DF3A3-09A1-3EAE-9F6C-5EB8DB4AD0F2}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows SDK Signing Tools (HKLM-x32\...\{56E349AC-F849-A151-269B-8CFF2D14BB14}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows Software Development Kit - Windows 10.0.22621.3233 (HKLM-x32\...\{71684ad3-afc2-4a65-9d45-92ef58510f18}) (Version: 10.1.22621.3233 - Microsoft Corporation)
Windows Team Extension SDK (HKLM-x32\...\{908BD5F8-E6C6-D2F6-AC09-C9F36EBC1A5F}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows Team Extension SDK Contracts (HKLM-x32\...\{FAA6B22E-702C-2AC7-05B1-197CD7CEA21D}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{B3CFDD53-69FB-E652-4F3D-D3781CF7F66E}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{538E91F2-5231-E289-051F-DB55DE88CF56}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{44E4AFD9-74E0-9631-4CE0-E7C779624FE2}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{6430F847-9A5F-B3B8-7EEE-355F9F1CCD47}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{7E99A93A-8345-8BB6-EADB-10461E81BE0F}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{C5BEF528-FEAA-9607-907E-0972D86AD06F}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{5EBB309A-2974-F721-42A9-0212E54B3693}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{94DE555A-B513-762F-D7C6-2B2922940641}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{3C25B44A-1D95-9E5E-57E3-19D9AE3C3BC1}) (Version: 10.1.22621.3233 - Microsoft Corporation) Hidden
Zoom (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\ZoomUMX) (Version: 5.16.2 (22807) - Zoom Video Communications, Inc.)

Chrome apps:
============
Dokumente (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\80f019795061c75aaa93085ae5c445ba) (Version: 1.0 - Google\Chrome)
Dokumente (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\b39b36fa5ec9d17c1cad7782dc36bbe4) (Version: 1.0 - Google\Chrome)
Dokumente (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\c83b27e5041a41060387f08bdab44ab4) (Version: 1.0 - Google\Chrome)
Dokumente (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\ce32448fa175eba03f3092cc0817e549) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\23e29c0e4b602f5eca0b7c25cd4715e7) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\6dd92758c8cec2793f40728bf0ba2ec4) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\7e9af63030d1760d4ae278eebeb78046) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\fcdbdf23e9bd4561588443f6c43d3f6d) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\cd1e1783faac961ec080d02a0ecf3d99) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\df25f180bf670e4248674249817b7cf2) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\e0010a19f9a57894268fdf4c949082e2) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\eb24cc1b11c526ff4e006497341c31fd) (Version: 1.0 - Google\Chrome)
Präsentationen (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\5d7339ddebd91af334b6ab518e25cf54) (Version: 1.0 - Google\Chrome)
Präsentationen (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\8805f6dcb1e81b21952bfc8318d72612) (Version: 1.0 - Google\Chrome)
Präsentationen (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\bbfe5a9de8dc67bab75ad9bd7b16093d) (Version: 1.0 - Google\Chrome)
Präsentationen (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\cdccf01994919ecd57bb335916cc5eb4) (Version: 1.0 - Google\Chrome)
Tabellen (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\4243d202e910f612f1221afd38aa1121) (Version: 1.0 - Google\Chrome)
Tabellen (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\5cd1f9f124e543416c737fc12590a22c) (Version: 1.0 - Google\Chrome)
Tabellen (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\b06689da86c6741d1f83f17fcb12a4ee) (Version: 1.0 - Google\Chrome)
Tabellen (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\e832baa9cec3490fc36532553eeac70d) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\479cb9ef6886b6dbac9584005810473d) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\527fc5f681d50a0c69514d1ff7323a08) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\96c4d9d5f1a6f32e07ab0dafe437a954) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\c604bd52a14b4f70fb38c8bdd0efac05) (Version: 1.0 - Google\Chrome)

Packages:
=========

Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-08-29] (Adobe Systems Incorporated)
Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC [2024-06-15] ()
Adobe Acrobat Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC [2023-11-15] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-11] (Adobe Systems Incorporated)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-04-30] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-02] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-24] (Microsoft Corporation) [MS Ad]
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe [2023-12-12] (Microsoft) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-24] (NVIDIA Corp.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-08-29] (Adobe Systems Incorporated)
Websuche von Microsoft Bing -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-23] (Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1573054408-997910720-4152984468-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1573054408-997910720-4152984468-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1573054408-997910720-4152984468-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1573054408-997910720-4152984468-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1573054408-997910720-4152984468-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1573054408-997910720-4152984468-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1573054408-997910720-4152984468-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-3F6640289EF9} -> [Creative Cloud Files] => C:\Users\Comp\Creative Cloud Files [2022-02-02 16:16]
CustomCLSID: HKU\S-1-5-21-1573054408-997910720-4152984468-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Comp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19317.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1573054408-997910720-4152984468-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1573054408-997910720-4152984468-1001_Classes\CLSID\{50585527-5BFE-4CCE-9D66-925ACD908D3E}\localserver32 -> C:\Users\Comp\AppData\Local\Vivaldi\Application\6.9.3447.54\notification_helper.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
CustomCLSID: HKU\S-1-5-21-1573054408-997910720-4152984468-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\Comp\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
CustomCLSID: HKU\S-1-5-21-1573054408-997910720-4152984468-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Comp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19317.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1573054408-997910720-4152984468-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (Proton Technologies AG -> ProtonVPN)
CustomCLSID: HKU\S-1-5-21-1573054408-997910720-4152984468-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-01] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-01] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-01] (Adobe Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-01] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-03] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\nvshext.dll [2024-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-01] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-03] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Comp\Desktop\Daily Use - Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory="Profile 11"
ShortcutWithArgument: C:\Users\Comp\Desktop\chrome profiles\OH 2 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"
ShortcutWithArgument: C:\Users\Comp\Desktop\chrome profiles\OH 3 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\Comp\Desktop\chrome profiles\Profil 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Comp\Desktop\chrome profiles\Reddit - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\Comp\Desktop\chrome profiles\sync 1st - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 15"
ShortcutWithArgument: C:\Users\Comp\Desktop\chrome profiles\sync 2nd - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\Comp\Desktop\chrome profiles\sync 3rd - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 8"
ShortcutWithArgument: C:\Users\Comp\Desktop\chrome profiles\sync 4th - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 9"
ShortcutWithArgument: C:\Users\Comp\Desktop\chrome profiles\sync 5th - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 10"
ShortcutWithArgument: C:\Users\Comp\Desktop\chrome profiles\sync 6th - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 11"
ShortcutWithArgument: C:\Users\Comp\Desktop\chrome profiles\sync 7th - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 12"
ShortcutWithArgument: C:\Users\Comp\Desktop\chrome profiles\sync 8th - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 13"
ShortcutWithArgument: C:\Users\Comp\Desktop\chrome profiles\sync 9th - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 14"
ShortcutWithArgument: C:\Users\Comp\Desktop\Brave profiles\Profile 1 - Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Comp\Desktop\Brave profiles\sync 1 - Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Comp\Desktop\Brave profiles\sync 2 - Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Comp\Desktop\Brave profiles\sync 3 - Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Comp\Desktop\Brave profiles\sync 4 - Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory="Profile 4"
ShortcutWithArgument: C:\Users\Comp\Desktop\Brave profiles\Sync 5 - Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\Comp\Desktop\Brave profiles\Sync 6 - Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\Comp\Desktop\Brave profiles\Sync 7 - Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\Comp\Desktop\Brave profiles\Sync 8 - Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory="Profile 8"
ShortcutWithArgument: C:\Users\Comp\Desktop\Brave profiles\Sync 9 - Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory="Profile 10"
ShortcutWithArgument: C:\Users\Comp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Comp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Frist - 10 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Comp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\833c51592cc879ad\MetaMask.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 19" --app-id=nkbihfbeogaeaoehlefnkodbefgpgknn
ShortcutWithArgument: C:\Users\Comp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69514ab4fcfe459c\New 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 19"
ShortcutWithArgument: C:\Users\Comp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\OH 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2022-01-19 19:37 - 2022-01-19 19:37 - 000101888 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\VyprVPN\GoldenFrogWFP.dll
2020-01-23 23:04 - 2015-02-26 21:19 - 000380928 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2020-01-23 23:04 - 2011-06-21 17:04 - 000229376 _____ (Broadcom Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\NETGEAR\WNA3100\wps_api.dll
2020-03-10 11:54 - 2020-03-10 11:54 - 001298962 _____ (Fortinet Inc.) [Datei ist nicht signiert] C:\Program Files\Fortinet\FortiClient\utilsdll.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Comp\Downloads\BlueStacks10Installer_10.3.10.1006_native_287d76b145429935d089ed956ae6616a_MzsxNSwwOzUsMTsxNSw0OzE1.exe:MBAM.Zone.Identifier [336]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\sharepoint.com -> hxxps://unikielde-files.sharepoint.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-03-19 06:49 - 2024-10-15 11:32 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1573054408-997910720-4152984468-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 8.8.8.8 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

Network Binding:
=============
Ethernet 3: Fortinet Virtual Ethernet Adapter (NDIS 6.30) -> ftvnic.sys
Ethernet 5: Nlwt Tun -> tap0901.sys
LAN-Verbindung 2: TAP-ProtonVPN Windows Adapter V9 -> tapprotonvpn.sys
Ethernet 6: TAP-VyprVPN Adapter V9 -> tapvyprvpn.sys
NordLynx 1: Nlwt Tun -> tap0901.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
LAN-Verbindung: PPPoP WAN Adapter -> pppop64.sys
Ethernet 4: Fortinet SSL VPN Virtual Ethernet Adapter -> ftsvnic.sys
Ethernet 2: TAP-NordVPN Windows Adapter V9 -> tapnordvpn.sys

NordLwf: NordVPN LightWeight Firewall
ft_fortifilter: FortiClient NDIS 6.3 Packet Filter Driver
SCM_NDISPROT: General NDIS Protocol Driver

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "AVMWlanClient"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\StartupApproved\Run: => "electron.app.BlueStacks Services"
HKU\S-1-5-21-1573054408-997910720-4152984468-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_C84A5ACAF0A8CA7A1FEC7DE39997474F"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{12CF8AF1-8117-4AB8-BC37-E60EE756258A}] => (Allow) C:\Program Files (x86)\Sony\PS Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.)
FirewallRules: [{F638AC66-EA55-4C4E-A583-F8D92BDE19F3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D90DB3CA-1FA3-4DD4-B607-B18A2E8EA971}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{776DBD50-66FA-47A9-BC69-EBA43FF3531B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe () [Datei ist nicht signiert]
FirewallRules: [{A81EBD8D-5B59-485D-8F2A-3AEB40414472}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe () [Datei ist nicht signiert]
FirewallRules: [{682B5DCC-0506-4F5D-B3FC-483AC8DBBDE6}] => (Block) C:\program files (x86)\starcraft ii\versions\base79998\sc2_x64.exe => Keine Datei
FirewallRules: [{85BC8193-3056-4C2D-ABA8-2C269789F4F3}] => (Block) C:\program files (x86)\starcraft ii\versions\base79998\sc2_x64.exe => Keine Datei
FirewallRules: [UDP Query User{343C23BB-57A4-4052-958F-569A983F6537}C:\program files (x86)\starcraft ii\versions\base79998\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base79998\sc2_x64.exe => Keine Datei
FirewallRules: [TCP Query User{CFBF9AF2-550C-4EA2-A14D-1ACFCCD4E96A}C:\program files (x86)\starcraft ii\versions\base79998\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base79998\sc2_x64.exe => Keine Datei
FirewallRules: [{FAD66705-5129-4E19-943C-E2B6EF779C7D}] => (Allow) C:\Users\Comp\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{BF4BDEC1-516C-4B37-9323-F86CAA357B9C}] => (Allow) C:\Users\Comp\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{5DAE8E81-A81E-4C20-B298-8BA04D2E04F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{D9202D5E-29DF-4078-B01E-5DE37CC30BF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{51922F1A-E359-4F0E-900F-D3C374865726}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{ECEF6453-FAA9-46AE-AAF0-5B3F0BEE7491}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C989858E-13B1-4548-BC73-D1826A07ECCB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1EDC6745-ACAA-48C4-98F3-CD6A0D520C3B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{9F490494-A1DE-4827-BDEF-36FC50DD578A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{389E2B2D-86A0-4C7A-A58D-8C38D73CB100}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0C1F52D4-F476-442D-A2B0-D77B2F9A4428}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation)
FirewallRules: [{18E6F895-DC59-472A-A120-5ACA05450BD7}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [UDP Query User{707F82A1-30A9-40FA-88F9-D6C319D67F6C}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{631BA0E9-9CE4-4229-9BAD-81CE0A80FCC7}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{5B6CE7E2-5F61-4F74-941B-CDF721DBB52F}C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe => Keine Datei
FirewallRules: [TCP Query User{A9E76BA3-3000-4289-86FC-58589FD70CD4}C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe => Keine Datei
FirewallRules: [{241CBE84-AAA2-477F-B974-953281B750FD}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe => Keine Datei
FirewallRules: [UDP Query User{E2A32B15-A849-4465-85D7-ED8719EFB0B1}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{EDFC4297-7DD0-4B66-B1A8-E0F21CB9CA34}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{6056BA5A-22BF-4B96-9819-401B0E24D98F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{30300758-801D-4021-954D-E25376B13B79}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7A3A6EF5-EB74-49E4-9127-4D3158E14BD5}C:\users\Comp\desktop\telegram\telegramdesktopportable\app\telegram\telegram.exe] => (Block) C:\users\Comp\desktop\telegram\telegramdesktopportable\app\telegram\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{4A5074FF-2935-407D-ADDC-1BEEDACF5744}C:\users\Comp\desktop\telegram\telegramdesktopportable\app\telegram\telegram.exe] => (Block) C:\users\Comp\desktop\telegram\telegramdesktopportable\app\telegram\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{C1EE22A9-4199-4FE9-9276-E655F7E03D1D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FDAD9F11-FFBC-47E3-B4F0-3CBD7F679A5E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ACABE94B-D158-4711-9117-C3ED33B44159}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [Datei ist nicht signiert]
FirewallRules: [{06C82A5F-D161-485D-A29D-C4D9F0BD2374}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [Datei ist nicht signiert]
FirewallRules: [{AA5D19DD-CF0B-4598-8072-087B3D6423AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{5AFEC648-60A2-4FC1-8A2D-499A96C23E0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{E708369D-AFBC-45BD-BC60-61F6B0D332B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{0E01E713-6CBB-4CCF-9BE8-77211427FE6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{6E9607C7-4CB6-4CD7-9216-9BCE15C5B5F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stumble Guys\Stumble Guys.exe () [Datei ist nicht signiert]
FirewallRules: [{60D97379-DFCD-4284-9149-D9D26E136EB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stumble Guys\Stumble Guys.exe () [Datei ist nicht signiert]
FirewallRules: [{C0A20DB1-1017-4498-8B00-BE2D3BDE26B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{6BB46F8C-8C0D-4A7B-849D-E676E3FA89CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{49871A9D-075A-4815-AB3F-186DE01D63F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Act Natural\JustActNatural.exe () [Datei ist nicht signiert]
FirewallRules: [{3079A40D-C2E3-41C8-9045-E185395A9EEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Act Natural\JustActNatural.exe () [Datei ist nicht signiert]
FirewallRules: [{8F252398-D360-4E61-BF7A-08BF5677483A}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{EC16B197-9BF1-4C70-9207-7D90AE77D188}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Now.gg, INC -> COMPANY NAME)
FirewallRules: [{75D47D40-7E43-460C-A294-80A30E6BBA30}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems)
FirewallRules: [{80E5AAD1-26CB-4005-B91F-B43A684274BB}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.)
FirewallRules: [{80E89D9A-45E2-4DB4-B979-4D52CC37F9B5}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99C13CBD-B124-44A5-8D53-BCC8F7F872C3}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B84FDF9-2635-4638-91DC-019C4BF1A968}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7B3543EF-8EB8-4509-B5AD-91B721575DB9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3A29E9AB-75B1-46B9-B643-BF0582CBB08B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C1A79782-EBAF-4ADC-AE12-B8E83E8137D0}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{E5FF9B26-9BC6-42C3-990E-1282F010CC38}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{9AF37E52-D584-42DD-969A-914C7A225D72}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{ADD92E5F-53F0-4F2D-A429-65DD2D911E9B}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{74987490-35CC-4411-8765-337668611E9A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{95E42171-B954-46EF-80CF-1E3A0CB25740}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CAE0F1D9-72FD-466F-B11E-DE3EFCA0893A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6C88201A-6FCF-4973-A9E8-D806F097C0E6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1F4EF40-2691-47F3-8369-55DF2E8BADAF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{73A3A9B5-34B9-4FDF-9DD3-2C8E6B9CDA76}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{02090090-DAAD-4EB7-89B8-680BAD73178F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

09-10-2024 11:58:00 Windows Modules Installer

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: Nlwt Tun
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Fortinet SSL VPN Virtual Ethernet Adapter
Description: Fortinet SSL VPN Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Fortinet Inc.
Service: ftsvnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TAP-VyprVPN Adapter V9
Description: TAP-VyprVPN Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-VyprVPN Provider V9
Service: tapvyprvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (10/13/2024 02:56:38 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren..

Error: (10/13/2024 02:56:38 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.]

Error: (10/10/2024 04:37:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.19041.4842, Zeitstempel: 0x1f5e4fa0
Name des fehlerhaften Moduls: Windows.UI.ActionCenter.dll, Version: 10.0.19041.4717, Zeitstempel: 0x0cce247b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000001e6cd0
ID des fehlerhaften Prozesses: 0x259c
Startzeit der fehlerhaften Anwendung: 0x01db1afc05869a69
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.ActionCenter.dll
Berichtskennung: 7c06221b-4f1e-4726-b740-2cd72431f167
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (10/07/2024 11:41:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.19041.4842, Zeitstempel: 0x1f5e4fa0
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.4842, Zeitstempel: 0xe6d00f33
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001342e
ID des fehlerhaften Prozesses: 0x2c7c
Startzeit der fehlerhaften Anwendung: 0x01db189cdab96e0b
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 39b748c1-a357-4f74-869c-88f0b660f458
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (10/07/2024 04:14:35 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren..

Error: (10/07/2024 04:14:35 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.]

Error: (10/03/2024 11:23:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm notepad.exe Version 10.0.19041.4355 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 4ee4

Startzeit: 01db15da00047911

Beendigungszeit: 5

Anwendungspfad: C:\Windows\System32\notepad.exe

Bericht-ID: 330d63a2-3b74-4077-bc63-9fe02f5b0336

Vollständiger Name des fehlerhaften Pakets: 

Relative Anwendungs-ID des fehlerhaften Pakets: 

Absturztyp: Unknown

Error: (09/27/2024 04:47:17 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren..


Systemfehler:
=============
Error: (10/15/2024 06:00:01 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT)
Description: Das Secure Boot-Update konnte eine Secure Boot-Variable mit dem Fehler -2147020471 nicht aktualisieren. Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931

Error: (10/15/2024 03:23:39 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{5AF3114C-9C6E-4C86-AC56-79FDDE4434A3} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (10/15/2024 03:23:39 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{5AF3114C-9C6E-4C86-AC56-79FDDE4434A3} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (10/15/2024 03:23:39 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{5AF3114C-9C6E-4C86-AC56-79FDDE4434A3} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (10/15/2024 03:23:39 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{5AF3114C-9C6E-4C86-AC56-79FDDE4434A3} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (10/15/2024 12:58:38 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{5AF3114C-9C6E-4C86-AC56-79FDDE4434A3} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (10/15/2024 12:58:38 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{5AF3114C-9C6E-4C86-AC56-79FDDE4434A3} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (10/15/2024 12:58:38 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{5AF3114C-9C6E-4C86-AC56-79FDDE4434A3} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.


Windows Defender:
================
Date: 2024-10-15 18:33:07
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/FusionCore&threatid=311944&enterprise=0
Name: PUABundler:Win32/FusionCore
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\Comp\Downloads\nox_setup_v6.6.0.5_full_intl.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-L7IO3LM\Comp
Prozessname: C:\Users\Comp\Downloads\FRST64.exe
Sicherheitsversion: AV: 1.419.509.0, AS: 1.419.509.0, NIS: 1.419.509.0
Modulversion: AM: 1.1.24080.9, NIS: 1.1.24080.9

Date: 2024-10-15 14:21:09
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {9BCAD5BA-5B7C-4E0B-8DDC-66DA19EBA09E}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2024-10-14 14:53:28
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {B552E0ED-030D-4EAA-8D76-E2F127589BFB}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2024-10-13 14:40:25
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {AE825FE9-6BF9-47B6-8E01-67F2438EBDFC}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2024-10-13 14:38:19
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {9D26E1DB-5BEC-4C6E-B6EF-C58E9717E8E6}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Event[0]:

Date: 2024-09-12 11:12:12
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.417.629.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.24070.3
Fehlercode: 0x8024402c
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". 

Date: 2024-06-09 12:11:36
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.413.176.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.24050.5
Fehlercode: 0x8024402c
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". 

Date: 2024-06-02 03:46:39
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.413.48.0
%Vorherige Version der Sicherheitsinformationen: 1.413.46.0
Update Source: Benutzer
Sicherheitstyp: AntiSpyware
Updatetyp: Delta
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 1.1.24050.5
%Vorherige Modulversion: 1.1.24050.5
Fehlercode: 0x80509004
Fehlerbeschreibung: Unerwartetes Problem. Installieren Sie bei Bedarf verfügbare Updates, und starten Sie das Programm dann erneut. Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support". 

Date: 2024-06-02 03:46:39
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.413.48.0
%Vorherige Version der Sicherheitsinformationen: 1.413.46.0
Update Source: Benutzer
Sicherheitstyp: AntiVirus
Updatetyp: Delta
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 1.1.24050.5
%Vorherige Modulversion: 1.1.24050.5
Fehlercode: 0x80509004
Fehlerbeschreibung: Unerwartetes Problem. Installieren Sie bei Bedarf verfügbare Updates, und starten Sie das Programm dann erneut. Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support". 

Date: 2024-03-02 12:39:11
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.405.802.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.24010.10
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 

CodeIntegrity:
===============
Date: 2024-10-15 11:34:21
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Users\Comp\AppData\Local\Discord\app-1.0.9166\Discord.exe) attempted to load \Device\HarddiskVolume4\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 1820 09/12/2019
Hauptplatine: ASUSTeK COMPUTER INC. TUF B450-PLUS GAMING
Prozessor: AMD Ryzen 7 2700 Eight-Core Processor 
Prozentuale Nutzung des RAM: 58%
Installierter physikalischer RAM: 32696.4 MB
Verfügbarer physikalischer RAM: 13491.73 MB
Summe virtueller Speicher: 37560.4 MB
Verfügbarer virtueller Speicher: 11403.07 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.88 GB) (Free:379.8 GB) (Model: Samsung SSD 860 EVO 1TB) NTFS

\\?\Volume{b85e8016-899d-4bbb-b4b8-437ee415493a}\ (Wiederherstellung) (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
\\?\Volume{63537ace-0c6b-4946-95d2-aab8d4bd736f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2CDF1AE7)

Partition: GPT.

==================== Ende von Addition.txt =======================
         
Vielen Dank für die Hilfe.

Alt 15.10.2024, 19:59   #5
M-K-D-B
/// TB-Ausbilder
 
PDF im Browser geöffnet, mögl. infiziert? - Standard

PDF im Browser geöffnet, mögl. infiziert?



Vielen Dank für die Logs.


Die vom Windows Defender bemängelte Datei sieht nach einem Installer aus, der Adware oder unerwünschte Software mitinstallieren könnte. Da wäre ich vorsichtig damit.
Für gewöhnlich lädt man Software direkt beim Hersteller/Entwickler, dann passiert sowas nicht. Du solltest besser auf deine Downloadquellen achten.



Die Logs sehen sauber aus, ich sehe keine aktive Malware.
Ich empfehle noch die Ausführung von SecurityCheck.

Führe SecurityCheck (SC) gemäß der bebilderten Anleitung aus und füge die Logdatei als Anhang hinzu.


Alt 19.10.2024, 14:41   #6
M-K-D-B
/// TB-Ausbilder
 
PDF im Browser geöffnet, mögl. infiziert? - Standard

PDF im Browser geöffnet, mögl. infiziert?



Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen.

Thema geschlossen

Themen zu PDF im Browser geöffnet, mögl. infiziert?
andere, anderen, behaviour, browser, code, datei, dinge, führer, ics, infiziert, klicke, link, links, linux, malicious, malwarebytes, pdf, prüfen, scan, unterwegs, virus, virustotal, webseite, wenig, öffnet




Ähnliche Themen: PDF im Browser geöffnet, mögl. infiziert?


  1. pdf-Anhang in Spam-Mail geöffnet
    Plagegeister aller Art und deren Bekämpfung - 11.01.2024 (6)
  2. PDF-Anhang ausversehen geöffnet
    Überwachung, Datenschutz und Spam - 14.12.2022 (29)
  3. pdf-Anhang versehentlich geöffnet
    Überwachung, Datenschutz und Spam - 07.04.2022 (2)
  4. Phishing-PDF geöffnet - ist PC jetzt infiziert?
    Mülltonne - 31.03.2019 (35)
  5. Emailanhang geöffnet (PDF)
    Plagegeister aller Art und deren Bekämpfung - 08.02.2019 (3)
  6. Verdächtige PDF-Datei geöffnet - Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 31.08.2016 (12)
  7. Wahrscheinlichinfizierte PDF Datei geöffnet
    Überwachung, Datenschutz und Spam - 23.07.2015 (1)
  8. DHL PDF im Spam Email geöffnet
    Log-Analyse und Auswertung - 20.05.2015 (13)
  9. PDF mit Trojaner geöffnet, Windows 7
    Plagegeister aller Art und deren Bekämpfung - 17.05.2015 (9)
  10. Fake Vodafone Rechnung PDF geöffnet. Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 20.11.2012 (3)
  11. 1&1 Telecom Rechnung PDF geöffnet
    Plagegeister aller Art und deren Bekämpfung - 31.10.2012 (10)
  12. Falsche Vodafonemail - PDF-Anhang geöffnet
    Plagegeister aller Art und deren Bekämpfung - 29.10.2012 (3)
  13. 1&1 Telekom PDF leider geöffnet
    Log-Analyse und Auswertung - 29.10.2012 (7)
  14. Elster E-Mail geöffnet - PDF exploiteingefangen ?
    Log-Analyse und Auswertung - 01.10.2012 (6)
  15. PDF geöffnet in Spammail geöffnet - Wie sicher sein das PC clean ist?
    Plagegeister aller Art und deren Bekämpfung - 26.09.2012 (1)
  16. Elster.PDF geöffnet
    Plagegeister aller Art und deren Bekämpfung - 10.06.2012 (1)

Zum Thema PDF im Browser geöffnet, mögl. infiziert? - Hey, ich war auf Webseite X unterwegs und habe dort auf einem Link geklickt bei dem ich vorher nicht wusste, dass er zu einer PDF führer wird. Grundsätzlich klicke ich - PDF im Browser geöffnet, mögl. infiziert?...
Archiv
Du betrachtest: PDF im Browser geöffnet, mögl. infiziert? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.