| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Riskware mit Pop-up Fenstern und Weiterleitung auf Stonifient.comWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
Gestern, 10:46
| #1 |
 |  Riskware mit Pop-up Fenstern und Weiterleitung auf Stonifient.com Hallo ich habe seit ein paar Tagen ein nervigen Trojaner/Virus der mit rollierenden Popupfenstern am rechten Bildschirmrand auftaucht. Meldung wie "Virus erkannt" und "Ihr Computer ist infiziert" sollen zum klicken anregen. Beim wegklicken habe ich mal das Kreuz nicht richtig getroffen, dann öffnet er die Webseite "https://stonifient.com/..." die dann von TotalAV und Malwarebytes erkannt und blockiert wird. Scans haben keinen Erfolg gebracht. Könnt ihr mir helfen? die FRST.txt füge ich hier ein, die Addition.txt wegen Größenproblemen im nächsten Theme: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2025
durchgeführt von raine (Administrator) auf HPOMEN14RB (HP OMEN Transcend Gaming Laptop 14-fb0xxx) (22-08-2025 11:24:01)
Gestartet von C:\Users\raine\Downloads\FRST64.exe
Geladene Profile: raine & _ashbackuppb_
Plattform: Microsoft Windows 11 Home Version 24H2 26100.4946 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(C:\Program Files (x86)\TotalAV\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\TotalAV\Endpoint Protection SDK\SentryEye.exe
(C:\Program Files (x86)\TotalAV\SecurityService.exe ->) (Total Security Limited -> TotalAV) C:\Program Files (x86)\TotalAV\TotalAV.exe
(C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupService-abpb.exe ->) (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\oxHelper.exe <2>
(C:\Program Files\Fortect\MainService.exe ->) (Fortect LTD -> Fortect LTD) C:\Program Files\Fortect\MainProtection.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\HP\KeyboardRemap\OMENKeyboardRemapLauncher.exe ->) (HP Inc. -> ) C:\Program Files\HP\KeyboardRemap\OMENKeyboardRemapper.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Sentry and Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logi_crashpad_handler.exe <2>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.46.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.46.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.25072.63.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.25072.63.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(CACCD12F-7BFA-4346-AD14-30B4E275348F -> ) C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.33.0.0_x64__0a78dr3hq0pvt\Assets\Native\GeneralHelper\NGenuity2GeneralHelper.exe <4>
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.32.165.1\extnhost\mc-extn-browserhost.exe
(drivers\Intel\ICPS\IDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\Intel\ICPS\IDBWM.exe
(drivers\Intel\ICPS\IntelConnectService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\Intel\ICPS\IntelConnect.exe
(DriverStore\FileRepository\hpanalyticscomp.inf_amd64_0f2b4c962c16d743\x64\TouchpointAnalyticsClientService.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_0f2b4c962c16d743\x64\TouchpointGpuInfo.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_2ce7f3bdc4152084\x64\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_2ce7f3bdc4152084\x64\BridgeCommunication.exe
(DriverStore\FileRepository\ipf_cpu.inf_amd64_a50addc1f126c381\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_a50addc1f126c381\ipf_helper.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.46.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe
(Evernote Corporation -> Evernote Corporation) C:\Users\raine\AppData\Local\Programs\Evernote\Evernote.exe <8>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupClient-abpb.exe
(explorer.exe ->) (Fortect LTD -> Fortect Ltd.) C:\Program Files\Fortect\bin\FortectTray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <28>
(explorer.exe ->) (Marek Jasiński -> Marek Jasinski) C:\Program Files (x86)\FreeCommander XE\FreeCommander.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <21>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\raine\AppData\Local\Microsoft\OneDrive\25.140.0720.0001\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\raine\AppData\Local\Microsoft\OneDrive\25.140.0720.0001\Microsoft.SharePoint.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupService-abpb.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\TotalAV\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Fortect LTD -> Fortect Ltd.) C:\Program Files\Fortect\bin\MainDaemon.exe
(services.exe ->) (Fortect LTD -> Fortect LTD.) C:\Program Files\Fortect\MainService.exe
(services.exe ->) (Geek Software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_0f2b4c962c16d743\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_2ce7f3bdc4152084\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_2ce7f3bdc4152084\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_2ce7f3bdc4152084\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_2ce7f3bdc4152084\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_3c97e435117f8c16\x64\OmenCap\OmenCap.exe
(services.exe ->) (HP Inc. -> HP Inc; HP Development Company, L.P.) C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_91b5ed43a9896c4a\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_a50addc1f126c381\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_b966ea70c5407e74\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\Intel\ICPS\IntelAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\Intel\ICPS\IntelConnectivityNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_3f27c0e4d2852503\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\Intel\ICPS\IDBWMService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\Intel\ICPS\IntelConnectService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.32.165.1\mc-fw-host.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_373d1c272c00666b\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ddb8818cc734a764\RtkAudUService64.exe <3>
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (Total Security Limited -> TotalAV) C:\Program Files (x86)\TotalAV\SecurityService.exe <2>
(sihost.exe ->) (50BDFD77-8903-4850-9FFE-6E8522F64D5B -> OpenAI) C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2025.224.0_x64__2p2nqsd0c76g0\app\ChatGPT.exe <5>
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> DesktopExtension) C:\Program Files\WindowsApps\AD2F1837.myHP_47.52530.5546.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(sihost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2412.12002.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Copilot_1.25074.146.0_x64__8wekyb3d8bbwe\Copilot.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2532.3.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_47.52530.5546.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\KeyboardRemap\OMENKeyboardRemapLauncher.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\Overlay\OverlayHelper.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.26.430.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3456.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2508.1001.27.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.92.1.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ddb8818cc734a764\RtkAudUService64.exe [2387480 2024-11-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Ashampoo Backup PB] => C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupClient-abpb.exe [975712 2024-12-16] (Ashampoo GmbH & Co. KG -> )
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [654048 2025-04-28] (Geek Software GmbH -> geek software GmbH)
HKLM\...\Run: [Fortect] => C:\Program Files\Fortect\bin\FortectTray.exe [3450424 2025-07-22] (Fortect LTD -> Fortect Ltd.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9527232 2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2735172248-1304287514-1941203570-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [545288 2025-03-16] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-2735172248-1304287514-1941203570-1001\...\Run: [com.evernote.Evernote] => C:\Users\raine\AppData\Local\Programs\Evernote\Evernote.exe [190679120 2025-08-08] (Evernote Corporation -> Evernote Corporation)
HKU\S-1-5-21-2735172248-1304287514-1941203570-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [42073048 2025-07-15] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2735172248-1304287514-1941203570-1001\...\Run: [GoogleChromeAutoLaunch_77E96CAE99F3D92DD8B007DE1DB723F4] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3078808 2025-08-12] (Google LLC -> Google LLC)
HKU\S-1-5-21-2735172248-1304287514-1941203570-1001\...\Run: [MicrosoftEdgeAutoLaunch_8F7C902004052123F2AAC02EFFB8DA1F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4117544 2025-08-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2735172248-1304287514-1941203570-1001\...\Run: [] => [X]
HKU\S-1-5-21-2735172248-1304287514-1941203570-1002\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [545288 2025-03-16] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-2735172248-1304287514-1941203570-1002\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe [16424 2024-01-12] (HP Inc. -> )
HKLM\...\Windows x64\Print Processors\Canon TS6300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFQ.DLL [526848 2024-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS6300 series: C:\windows\system32\CNMLMFQ.DLL [956928 2024-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\139.0.7258.129\Installer\chrmstp.exe [2025-08-19] (Google LLC -> Google LLC)
Startup: C:\Users\raine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2025-08-17]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy-Firefox: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {90817CF9-0318-4EFA-90F1-0457E6D9691F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {6E6246F6-C9BF-49D3-9C26-80CCE56CC9EB} - System32\Tasks\DropboxSystem\DropboxUpdater\DropboxUpdaterTaskSystem123.0.6299.129{E1158137-E04F-4820-829C-3055232FFBAC} => C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.129\updater.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5F597A4E-F0B2-4B94-AC58-AED8056E2A0F} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem141.0.7340.0{6FA2D4F3-BE35-4ACB-B233-EE263E55714A} => C:\Program Files (x86)\Google\GoogleUpdater\141.0.7340.0\updater.exe [6813336 2025-08-06] (Google LLC -> Google LLC)
Task: {9FD4CB93-1566-488C-9720-5DE8105984A2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1004040 2025-05-26] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {1913413C-475A-4A3F-9293-45C0B0F660D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [480264 2025-05-26] (HP Inc. -> HP Inc.)
Task: {F5426D63-65A0-4A9B-BEAD-4528E3E16428} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [102400 2025-07-09] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {2B5F7703-8941-4AAB-8D2F-6A2893787FBE} - System32\Tasks\HPOneAgentRepairTask => C:\ProgramData\Package Cache\{38EBE077-6B9B-4E51-BE50-8F272A7853DB}\HPOneAgent.exe [1169784 2025-08-06] (HP Inc. -> HP Inc; HP Development Company, L.P.)
Task: {97230C05-6EFA-44D0-A816-703F59E17B37} - System32\Tasks\KeyboardRemap-sid-S-1-5-21-2735172248-1304287514-1941203570-1001 => C:\Program Files\HP\KeyboardRemap\OMENKeyboardRemapLauncher.exe [109576 2025-08-20] (HP Inc. -> HP Inc.)
Task: {AD5F97DB-74B0-453B-BF8B-595E6FFABB1D} - System32\Tasks\McAfee\WPS\McAfee Anti-tracker notification => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.32.165.1\mc-fw-host.exe [2723968 2025-08-15] (McAfee, LLC -> McAfee, LLC)
Task: {AD5F97DB-74B0-453B-BF8B-595E6FFABB1D} - System32\Tasks\McAfee\WPS\McAfee Anti-tracker notification => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.32.165.1\mc-fw-host.exe [2723968 2025-08-15] (McAfee, LLC -> McAfee, LLC)
Task: {2BF9D7FC-4491-4702-B014-83F16E0F5EE7} - System32\Tasks\McAfee\WPS\McAfee Anti-Tracker Scanner => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.32.165.1\mc-fw-host.exe [2723968 2025-08-15] (McAfee, LLC -> McAfee, LLC)
Task: {2BF9D7FC-4491-4702-B014-83F16E0F5EE7} - System32\Tasks\McAfee\WPS\McAfee Anti-Tracker Scanner => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.32.165.1\mc-fw-host.exe [2723968 2025-08-15] (McAfee, LLC -> McAfee, LLC)
Task: {8729A249-9E37-45B6-A37C-D8770FCE7E32} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.32.165.1\mc-fw-host.exe [2723968 2025-08-15] (McAfee, LLC -> McAfee, LLC)
Task: {8729A249-9E37-45B6-A37C-D8770FCE7E32} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.32.165.1\mc-fw-host.exe [2723968 2025-08-15] (McAfee, LLC -> McAfee, LLC)
Task: {C7D75262-4AB9-41DD-97BB-467F41118CE5} - System32\Tasks\McAfee\WPS\McAfee Fake Alert Blocker => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {8EDE0E9D-94E4-4D5B-B98D-977E53D41DA6} - System32\Tasks\McAfee\WPS\McAfee Health Check => C:\Program Files\McAfee\wps\1.32.165.1\sustainability\mc-sustainability.exe [939688 2025-08-15] (McAfee, LLC -> McAfee, LLC)
Task: {A715E31D-127E-4996-B42C-9834F2BF32A6} - System32\Tasks\McAfee\WPS\McAfee Hotfix => C:\Program Files\McAfee\wps\1.32.165.1\dad\mc-dad.exe [2696240 2025-08-15] (McAfee, LLC -> McAfee, LLC)
Task: {645B554D-FD1D-4BA3-BF31-DC0E73D38CB5} - System32\Tasks\McAfee\WPS\McAfee Message Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.32.165.1\mc-fw-host.exe [2723968 2025-08-15] (McAfee, LLC -> McAfee, LLC)
Task: {645B554D-FD1D-4BA3-BF31-DC0E73D38CB5} - System32\Tasks\McAfee\WPS\McAfee Message Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.32.165.1\mc-fw-host.exe [2723968 2025-08-15] (McAfee, LLC -> McAfee, LLC)
Task: {232BE671-D012-47FC-B89D-58DEF5B35302} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.32.165.1\mc-fw-host.exe [2723968 2025-08-15] (McAfee, LLC -> McAfee, LLC)
Task: {232BE671-D012-47FC-B89D-58DEF5B35302} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.32.165.1\mc-fw-host.exe [2723968 2025-08-15] (McAfee, LLC -> McAfee, LLC)
Task: {3E651104-0DE2-4F47-830C-F4D2ED7A73F8} - System32\Tasks\McAfee\WPS\McAfee restart of PC => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {D3D4F1E9-AEC0-4195-9A79-69EEBC7EA59F} - System32\Tasks\McAfee\WPS\McAfee Scheduled AV Scan => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {60923C70-90B9-480A-AC84-AD01726F45F8} - System32\Tasks\McAfee\WPS\McAfee Scheduled Tracker Remover => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {7957E978-7BC9-4FF2-8A90-D7479EB63E74} - System32\Tasks\McAfee\wps\McAfee Updater => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2} C:\Program Files\McAfee\wps\1.32.165.1\mc-update.exe [3361008 2025-08-15] (McAfee, LLC -> McAfee, LLC)
Task: {EA25D83E-34FA-4737-ABDB-F31F7E1D0C64} - System32\Tasks\McAfee\WPS\McAfee Virus Definition Update => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.32.165.1\mc-fw-host.exe [2723968 2025-08-15] (McAfee, LLC -> McAfee, LLC)
Task: {EA25D83E-34FA-4737-ABDB-F31F7E1D0C64} - System32\Tasks\McAfee\WPS\McAfee Virus Definition Update => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.32.165.1\mc-fw-host.exe [2723968 2025-08-15] (McAfee, LLC -> McAfee, LLC)
Task: {4D1BF41E-9F79-4FE7-8C70-6249A657F5C2} - System32\Tasks\McAfee\WPS\McAfee Windows Notification Token => \\?\C:\Program Files\McAfee\WPS\1.32.165.1\mc-wns-client\mc-wns-client.exe [1051768 2025-08-15] (McAfee, LLC -> )
Task: {A79990E6-A140-4FD1-A03E-7AD3FF395FF6} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16890224 2025-08-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8935DC0-F6AA-4791-B9F3-86DB3457DD80} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28813696 2025-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2784BAC-4D92-4358-896E-8A6E9E42BB79} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [69984 2025-08-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {21CEEB38-793F-4F48-8828-5A85BD696793} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28813696 2025-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {876F22CB-9C2B-4C1B-9F9A-297F851C0A27} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311104 2025-08-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCC8DC8C-493D-4B5D-AA79-2599949B1DB7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311104 2025-08-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {80CECF1D-FB7D-41F2-AE3D-E627B6FC33BF} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1355064 2025-07-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (Keine Datei)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {B488BD5F-0455-4900-AF31-0915B9B3652D} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2735172248-1304287514-1941203570-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [694912 2025-08-08] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {E39B295F-419C-4760-A91B-B6627C2EA06E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34944 2025-08-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {CE69CF26-661A-4B94-A822-A51A9DCF9604} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-12-14] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A1DA0254-DC29-47AA-A113-6D619695B916} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-12-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A17F908F-83DE-4531-9E59-B1CAA70D1FE3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-12-14] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {E69B9392-4C3A-4AEB-85C0-5DB6E6573239} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-12-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0C4099D5-769F-4D63-887B-5FF3DF988ED7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-12-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {020C2FC4-3CD9-49BD-8AB5-5478E9F549B2} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-12-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3EC0D359-7C56-4689-B6D4-6F914F297BF6} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-12-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {281CBF32-4023-402B-A816-31CE347E7C27} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [73736 2025-08-20] (HP Inc. -> HP Inc.)
Task: {C1F24ED1-5DD5-4D9B-8B99-883626A58529} - System32\Tasks\OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [73736 2025-08-20] (HP Inc. -> HP Inc.)
Task: {5B8470BD-8CAE-40EC-A7A9-E9F9E79F383A} - System32\Tasks\OmenInstallMonitorCustomEvent-sid-S-1-5-21-2735172248-1304287514-1941203570-1001 => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [73736 2025-08-20] (HP Inc. -> HP Inc.)
Task: {FFD643AB-03BA-4C55-97EA-DBADDEDFC570} - System32\Tasks\OmenInstallMonitor-sid-S-1-5-21-2735172248-1304287514-1941203570-1001 => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [73736 2025-08-20] (HP Inc. -> HP Inc.)
Task: {5A48CD99-E9D9-436C-8BCA-C02A370EC95E} - System32\Tasks\OmenInstallMonitorTemp => C:\Users\raine\AppData\Local\Temp\HP\OmenInstallMonitorTemp\OmenInstallMonitor.exe -update (Keine Datei) <==== ACHTUNG
Task: {79E5CA6F-48B4-4D14-A5F9-0241509FB68D} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe [67592 2025-08-20] (HP Inc. -> HP Inc.)
Task: {08B8BF0A-E181-4822-8683-C1CF7E22428E} - System32\Tasks\OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe [67592 2025-08-20] (HP Inc. -> HP Inc.)
Task: {1DDC2188-DF7B-45E8-B1C2-D5B101E5AF5E} - System32\Tasks\OmenOverlayCustomEvent-sid-S-1-5-21-2735172248-1304287514-1941203570-1001 => C:\Program Files\HP\Overlay\OverlayHelper.exe [67592 2025-08-20] (HP Inc. -> HP Inc.)
Task: {FF2732D7-65E0-4826-8811-9B3AADA5462E} - System32\Tasks\OmenOverlay-sid-S-1-5-21-2735172248-1304287514-1941203570-1001 => C:\Program Files\HP\Overlay\OverlayHelper.exe [67592 2025-08-20] (HP Inc. -> HP Inc.)
Task: {8E4A05D5-E733-48B9-83B6-3FA2D32634D3} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2735172248-1304287514-1941203570-1001 => C:\Users\raine\AppData\Local\Microsoft\OneDrive\25.140.0720.0001\OneDriveLauncher.exe [723816 2025-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D5CC05BA-B25C-4263-930B-ADBB2295FE35} - System32\Tasks\SystemOptimizer => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [164360 2025-08-20] (HP Inc. -> HP Inc.)
Task: {5F600F2F-2564-4111-9BD4-7B621EFAB3A4} - System32\Tasks\SystemOptimizerCustomEvent => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [164360 2025-08-20] (HP Inc. -> HP Inc.)
Task: {21B28472-F5DB-482B-8EC8-02100864C63D} - System32\Tasks\SystemOptimizerCustomEvent-sid-S-1-5-21-2735172248-1304287514-1941203570-1001 => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [164360 2025-08-20] (HP Inc. -> HP Inc.)
Task: {D915285A-7FEF-410D-8808-3D8FBED45A0C} - System32\Tasks\SystemOptimizer-sid-S-1-5-21-2735172248-1304287514-1941203570-1001 => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [164360 2025-08-20] (HP Inc. -> HP Inc.)
Task: {116BFAD7-8545-47FE-BF39-12F2A878C86E} - System32\Tasks\SystemOptimizerTemp => C:\Users\raine\AppData\Local\Temp\HP\SystemOptimizerTemp\SystemOptimizer.exe -update (Keine Datei) <==== ACHTUNG
Task: {089050FE-1113-45E5-8E9D-778D2F2CF1B1} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-2735172248-1304287514-1941203570-1001 => C:\Users\raine\AppData\Roaming\Zoom\bin\Zoom.exe [441656 2025-07-07] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\RNIdle Task.job => C:\Windows\System32\drivers\Intel\ICPS\RNIdleTask.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}\1434D205279667164756: [DhcpNameServer] 10.128.128.128
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}\1434D27457563747: [DhcpNameServer] 10.128.128.128
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}\1447C616E6479637: [DhcpNameServer] 172.16.52.1
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}\1447C616E6479637: [DhcpDomain] lan
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}\24163756C6562784F6660284F6473507F647: [DhcpNameServer] 192.168.148.1
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}\24163756C6562784F6660284F6473507F647: [DhcpDomain] localdomain
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}\2456277686165737: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}\2456277686165737: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}\44F6E602255746F6C666F602: [DhcpNameServer] 192.168.5.1
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}\44F6E602255746F6C666F602: [DhcpDomain] tendawifi.com
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}\84D2255677162746370226970294E64756273696479784F64756C6: [DhcpNameServer] 10.211.15.254
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}\86F6C6964616973757E6: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}\86F6C6964616973757E6: [DhcpDomain] home
Tcpip\..\Interfaces\{ff40a4a4-d293-4cad-a7e1-a6614b0b0521}\94847402F4E45402255475142544350264275656027594D26494: [DhcpNameServer] 172.20.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default [2025-08-22]
Edge HomePage: Default -> hxxps://start.me/
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge NewTab: Default -> Active:"chrome-extension://acifeljplikjhjobbicjiknoeafjoddh/new_tab.html"
Edge Session Restore: Default -> ist aktiviert.
Edge Extension: (Loom for Edge) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\abeameknhmpmfegfbeioekonmhbmbpai [2025-02-27]
Edge Extension: (Neuer Tab-Seite von start.me) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\acifeljplikjhjobbicjiknoeafjoddh [2025-02-27]
Edge Extension: (LastPass: Free Password Manager) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2025-08-12]
Edge Extension: (ColorZilla) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2025-02-27]
Edge Extension: (Glasp Web Highlighter: PDF & Web Highlight) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\blillmbchncajnhkjfdnincfndboieik [2025-08-04]
Edge Extension: (Merlin - Ask AI to Research, Write & Review) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\camppjleccjaphfdbohjdohecfnoikec [2025-06-04]
Edge Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2025-08-07]
Edge Extension: (Video Rank Engine) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dpjjipckhmcemlcgldkhdohmagjlladj [2025-02-27]
Edge Extension: (Keepa - Amazon Price Tracker) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ejefaeioamebhekmfaclajddbpnnobje [2025-02-27]
Edge Extension: (Video Downloader Professional) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2025-02-27]
Edge Extension: (Nehmen Sie vollständige Webseiten auf - FireShot) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fcbmiimfkmkkkffjlopcpdlgclncnknm [2025-06-27]
Edge Extension: (Google Docs Offline) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-07-28]
Edge Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hfaciehifhdcgoolaejkoncjciicbemc [2025-04-27]
Edge Extension: (Perplexity - AI Companion) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hlgbcneanomplepojfcnclggenpcoldo [2025-02-27]
Edge Extension: (OneTab) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hoimpamkkoehapgenciaoajfkfkpgfop [2025-02-27]
Edge Extension: (Chrome Remote Desktop) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2025-02-27]
Edge Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2025-02-27]
Edge Extension: (Phedra X: Revisualize & Edit Images From Web) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jckigdhmponckmebbhbfenjmofkklnif [2025-06-05]
Edge Extension: (ChatGPT for Google) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jgjaeacdkonaoafenlfkkkmbaopkbilf [2025-02-27]
Edge Extension: (Save to Pocket) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jicacccodjjgmghnmekophahpmddeemd [2025-02-27]
Edge Extension: (Edge relevant text changes) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-02-27]
Edge Extension: (Video DownloadHelper) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmkaglaafmhbcpleggkmaliipiilhldn [2025-08-15]
Edge Extension: (PocketTube: Youtube Subscription Manager) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\klfeohnijmogpjoeenglhonjfiacajpp [2025-08-21]
Edge Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2025-02-27]
Edge Extension: (Evernote Web Clipper) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llhcnbijpnechllogkacbcjmkcgjbjfi [2025-08-12]
Edge Extension: (Chrome-Erweiterung für Google Notizen) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2025-08-21]
Edge Extension: (Enhanced ChatGPT) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mcbhhiafbiafmggccdcpgfldcaeipopg [2025-02-27]
Edge Extension: (Screencastify - Screen Video Recorder) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2025-08-12]
Edge Extension: (Video Downloader PLUS) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\njgehaondchbmjmajphnhlojfnbfokng [2025-02-27]
Edge Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2025-07-25]
Edge Extension: (Bookmarker bei start.me) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\obgopghdefjihikoknnjfooahlleabno [2025-02-27]
Edge Extension: (Monica: ChatGPT AI Assistant | DeepSeek, GPT-4o, Claude 3.5, o1 &More) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ofpnmcalabcbjgholdjcjblkibolbppb [2025-08-06]
Edge Extension: (Page Monitor) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ogeebjpdeabhncjpfhgdibjajcajepgg [2025-02-27]
Edge Extension: (Bookmarks clean up) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oncbjlgldmiagjophlhobkogeladjijl [2025-02-27]
Edge Extension: (OneNote Web Clipper) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oogbnpmeihfgnccdnmmlgicknopghhma [2025-04-27]
Edge Extension: (Telephone Number Detection) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oolkfddhhccdciigjigaghblnlkbgjki [2025-02-27]
Edge Extension: (vidIQ Vision for YouTube) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2025-08-15]
Edge Extension: (Microsoft Single Sign On) - C:\Users\raine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ppnbnpeolgkicgegkbkbjmhlideopiji [2025-02-27]
FireFox:
========
FF DefaultProfile: wptnycp5.default
FF ProfilePath: C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\wptnycp5.default [2025-04-29]
FF ProfilePath: C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release [2025-07-31]
FF Homepage: Mozilla\Firefox\Profiles\akavspe9.default-release -> hxxps://start.me/p/q6mjom/meine-startseite
FF Session Restore: Mozilla\Firefox\Profiles\akavspe9.default-release -> ist aktiviert.
FF Extension: (Ant Video downloader) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\anttoolbar@ant.com.xpi [2025-04-29]
FF Extension: (Coupert - Coupon Assistent & Cashback) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\appledev@soarinfotech.com.xpi [2025-07-24]
FF Extension: (Lesezeichenduplikate) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\bookmarkdupes@martin-vaeth.org.xpi [2025-04-29]
FF Extension: (Bookmarks Organizer) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\bookmarksorganizer@agenedia.com.xpi [2025-04-29]
FF Extension: (Easy Screenshot) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\easyscreenshot@mozillaonline.com.xpi [2025-04-29]
FF Extension: (OneTab) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\extension@one-tab.com.xpi [2025-04-29]
FF Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\fvdmedia@gmail.com.xpi [2025-04-29]
FF Extension: (ProxTube) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\ich@maltegoetz.de.xpi [2025-04-29]
FF Extension: (Grammatik- und Rechtschreibprüfung - LanguageTool) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\languagetool-webextension@languagetool.org.xpi [2025-07-25]
FF Extension: (Page Saver WE) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\pagesaver@pearlcrescent.com.xpi [2025-04-29]
FF Extension: (LastPass) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\support@lastpass.com.xpi [2025-07-23]
FF Extension: (Google Translator for Firefox) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\translator@zoli.bod.xpi [2025-04-29]
FF Extension: (View Pocket List) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{07ac6e38-c8dd-46b9-b089-7bee1def675c}.xpi [2025-04-29]
FF Extension: (Nehmen Sie vollständige Webseiten auf - FireShot) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}.xpi [2025-04-29]
FF Extension: (Dark space - The best dynamic theme) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{22b0eca1-8c02-4c0d-a5d7-6604ddd9836e}.xpi [2025-04-29]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2025-07-23]
FF Extension: (Search by Image) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{2e5ff8c8-32fe-46d0-9fc8-6b8986621f3c}.xpi [2025-07-23]
FF Extension: (SEOquake) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}.xpi [2025-04-29]
FF Extension: (Download All Images) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{32af1358-428a-446d-873e-5f8eb5f2a72e}.xpi [2025-07-23]
FF Extension: (Lightshot (Screenshot Tool)) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}.xpi [2025-04-29]
FF Extension: (ColorZilla) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2025-04-29]
FF Extension: (User-Agent Switcher) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2025-04-29]
FF Extension: (Logitech SetPoint) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{84380428-8c9d-4bdf-913d-b2c34d6562d9}.xpi [2025-04-29]
FF Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2025-07-23]
FF Extension: (start.me Bookmarker) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{a52beb03-e4b2-42d3-ba9b-35bec74bb475}.xpi [2025-04-29]
FF Extension: (Private Video Downloader) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{b9a672d6-0a2c-470e-9bed-1ca2e2a900c5}.xpi [2025-04-29]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2025-04-29]
FF Extension: (Video DownloadHelper) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-07-23]
FF Extension: (Cosmic Cloud) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{cdabc232-3126-426f-8624-3d4b1609e431}.xpi [2025-04-29]
FF Extension: (Evernote Web Clipper) - C:\Users\raine\AppData\Roaming\Mozilla\Firefox\Profiles\akavspe9.default-release\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2025-07-23]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-08-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-07-15] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-08-17] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default [2025-08-22]
CHR Notifications: Default -> hxxps://17sya7h917.densiviste.com
CHR HomePage: Default -> hxxps://start.me/
CHR StartupUrls: Default -> "hxxps://confluence.aquila-capital.com/index.action"
CHR NewTab: Default -> Active:"chrome-extension://cfmnkhhioonhiehehedmnjibmampjiab/new_tab.html"
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (Superpower ChatGPT) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhmeenmapldpjdedekalnfifgnpfnkc [2025-08-17]
CHR Extension: (ColorZilla) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2025-03-10]
CHR Extension: (Glasp Web Highlighter: PDF & Web Highlight) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blillmbchncajnhkjfdnincfndboieik [2025-08-06]
CHR Extension: (PocketTube: Youtube PlayList Manager) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bplnofkhjdphoihfkfcddikgmecfehdd [2025-08-13]
CHR Extension: (Merlin - Ask AI to Research, Write & Review) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\camppjleccjaphfdbohjdohecfnoikec [2025-06-04]
CHR Extension: (Neuer Tab-Seite von start.me) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfmnkhhioonhiehehedmnjibmampjiab [2025-03-10]
CHR Extension: (OneTab) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2025-03-10]
CHR Extension: (vidIQ for Chrome) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppnjmdljhemhdachecffocboniemifa [2025-03-10]
CHR Extension: (Tampermonkey) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2025-03-10]
CHR Extension: (Video Rank Engine) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjjipckhmcemlcgldkhdohmagjlladj [2025-03-10]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-08-17]
CHR Extension: (Video Downloader Professional) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2025-03-10]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2025-08-17]
CHR Extension: (SERP Snippet Extractor by searchanalyzer.io) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcigkdheghgmadikicbaahpgklohlikn [2025-03-10]
CHR Extension: (Google Docs Offline) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-07-28]
CHR Extension: (1of10.com - Optimization Tool For Youtube) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkfdnmclhbgbidnpmimfdobgjpeblckn [2025-08-19]
CHR Extension: (OneNote Web Clipper) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojbdfnpnhogfdgjbigejoaolejmgdhk [2025-04-19]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2025-08-21]
CHR Extension: (Video Downloader Pro) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\hebjaboacandjnlnhocfikmaghgbfjlp [2025-03-10]
CHR Extension: (Perplexity - AI Companion) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlgbcneanomplepojfcnclggenpcoldo [2025-03-10]
CHR Extension: (QuillBot: AI Writing and Grammar Checker Tool) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\iidnbdjijdkbmajdffnidomddglmieko [2025-08-21]
CHR Extension: (Chrome Remote Desktop) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2025-03-10]
CHR Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2025-03-10]
CHR Extension: (ChatGPT for Google) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgjaeacdkonaoafenlfkkkmbaopkbilf [2025-03-10]
CHR Extension: (AI Prompt Genius) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjdnakkfjnnbbckhifcfchagnpofjffo [2025-07-28]
CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2025-08-18]
CHR Extension: (PocketTube: Youtube Subscription Manager) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmnjgijlmjgmimahnillepgcgeemffb [2025-08-22]
CHR Extension: (GigaBrain - AI Companion for Reddit) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofkhnkdmpbngifdgbjeedlppjilcaei [2025-03-10]
CHR Extension: (Jabra Device Connector (Browser Extension)) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpmedpgagnidddimmioekjdhfllmdfia [2025-03-10]
CHR Extension: (Evernote Web) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2025-03-10]
CHR Extension: (Recall | Summarize Anything, Forget Nothing) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbooahljamnocpaahaidnmlgfklbben [2025-08-17]
CHR Extension: (Loom – Screen Recorder & Screen Capture) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2025-08-06]
CHR Extension: (Video DownloadHelper) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2025-05-22]
CHR Extension: (Chrome-Erweiterung für Google Notizen) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2025-08-21]
CHR Extension: (Nehmen Sie vollständige Webseiten auf - FireShot) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2025-07-11]
CHR Extension: (MaxAI: Ask AI anything as you browse (GPT, Gemini, Claude, Grok, etc.)) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhnlakgilnojmhinhkckjpncpbhabphi [2025-08-17]
CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2025-08-13]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2025-08-13]
CHR Extension: (Video Downloader PLUS) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\njgehaondchbmjmajphnhlojfnbfokng [2025-03-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-03-10]
CHR Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2025-07-28]
CHR Extension: (Bookmarker bei start.me) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\obgopghdefjihikoknnjfooahlleabno [2025-03-10]
CHR Extension: (Monica: ChatGPT AI Assistant | DeepSeek, GPT-4o, Claude 3.5, o1 &More) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofpnmcalabcbjgholdjcjblkibolbppb [2025-08-06]
CHR Extension: (Page Monitor) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogeebjpdeabhncjpfhgdibjajcajepgg [2025-03-10]
CHR Extension: (Bookmarks clean up) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncbjlgldmiagjophlhobkogeladjijl [2025-03-10]
CHR Extension: (Chat to Notion) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojndninaelbpllebamcojkdecjjhcle [2025-03-14]
CHR Extension: (Telephone Number Detection) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\oolkfddhhccdciigjigaghblnlkbgjki [2025-03-10]
CHR Extension: (vidIQ Vision for YouTube) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2025-08-17]
CHR Extension: (Evernote Web Clipper) - C:\Users\raine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2025-08-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-2735172248-1304287514-1941203570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R2 ashbackuppb; c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupService-abpb.exe [40288 2024-12-16] (Ashampoo GmbH & Co. KG -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13283736 2025-08-08] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\System32\DbxSvc.exe [58984 2025-04-29] (Dropbox, Inc -> Dropbox, Inc.)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\230.4.8797\DropboxElevationService.exe [1659344 2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterInternalService123.0.6299.129; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.129\updater.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterService123.0.6299.129; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.129\updater.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [498456 2025-02-20] (DTS, Inc. -> DTS Inc.)
R2 EndpointProtectionService; C:\Program Files (x86)\TotalAV\Endpoint Protection SDK\endpointprotection.exe [12688224 2025-05-14] (Avira Operations GmbH -> Avira Operations GmbH) <==== ACHTUNG
S3 EndpointProtectionService2; C:\Program Files (x86)\TotalAV\Endpoint Protection SDK\endpointprotection.exe [12688224 2025-05-14] (Avira Operations GmbH -> Avira Operations GmbH) <==== ACHTUNG
R2 FortectDaemon; C:\Program Files\Fortect\bin\MainDaemon.exe [5286456 2025-07-21] (Fortect LTD -> Fortect Ltd.)
R2 FortectService; C:\Program Files\Fortect\MainService.exe [7196216 2025-07-22] (Fortect LTD -> Fortect LTD.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [475680 2023-04-14] (HP Inc. -> HP Inc.)
R2 hp-one-agent-service; C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe [2411616 2025-06-19] (HP Inc. -> HP Inc; HP Development Company, L.P.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_2ce7f3bdc4152084\x64\AppHelperCap.exe [930400 2025-07-14] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_2ce7f3bdc4152084\x64\DiagsCap.exe [928864 2025-07-14] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_2ce7f3bdc4152084\x64\NetworkCap.exe [924768 2025-07-14] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_3c97e435117f8c16\x64\OmenCap\OmenCap.exe [755248 2024-10-25] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243720 2025-07-09] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_2ce7f3bdc4152084\x64\SysInfoCap.exe [929376 2025-07-14] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_0f2b4c962c16d743\x64\TouchpointAnalyticsClientService.exe [639720 2025-07-14] (HP Inc. -> HP Inc.)
R3 IDBWM; C:\WINDOWS\System32\drivers\Intel\ICPS\IDBWMService.exe [78648 2023-09-08] (Intel Corporation -> Intel® Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [460488 2024-04-03] (Canon Inc. -> )
R2 Intel Analytics Service; C:\WINDOWS\System32\drivers\Intel\ICPS\IntelAnalyticsService.exe [1985336 2023-09-08] (Intel Corporation -> Intel)
R2 Intel Connectivity Network Service; C:\WINDOWS\System32\drivers\Intel\ICPS\IntelConnectivityNetworkService.exe [2245536 2023-09-08] (Intel Corporation -> Intel)
S2 Intel Provider Data Helper Service; C:\WINDOWS\System32\drivers\Intel\ICPS\IntelProviderDataHelperService.exe [747936 2023-09-08] (Intel Corporation -> Intel)
S2 Intel(R) Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_c25dbc60ad3b371a\lib\PlatformLicenseManagerService.exe [742904 2024-08-07] (Intel Corporation -> Intel(R) Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_3f27c0e4d2852503\AS\IAS\IntelAudioService.exe [363440 2025-02-17] (Intel Corporation -> Intel)
R3 IntelConnectService; C:\WINDOWS\System32\drivers\Intel\ICPS\IntelConnectService.exe [78752 2023-09-08] (Intel Corporation -> Intel® Corporation)
S2 IntelDisplayUMService; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_aa5575429179e6c3\IntelDisplayUMService.exe [390544 2025-02-02] (Intel Corporation -> Intel Corporation)
R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_a50addc1f126c381\ipf_uf.exe [3084992 2024-05-23] (Intel Corporation -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9609096 2025-08-18] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-08-18] (Malwarebytes Inc. -> Malwarebytes)
R2 mc-fw-host; C:\Program Files\McAfee\WPS\1.32.165.1\mc-fw-host.exe [2723968 2025-08-15] (McAfee, LLC -> McAfee, LLC)
S3 mc-wps-update; C:\Program Files\McAfee\wps\1.32.165.1\mc-update.exe [3361008 2025-08-15] (McAfee, LLC -> McAfee, LLC)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [951024 2025-08-16] (McAfee, LLC -> McAfee, LLC)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_373d1c272c00666b\Display.NvContainer\NVDisplay.Container.exe [1275528 2025-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [21271888 2025-08-20] (Logitech Inc -> Logitech, Inc.)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [654048 2025-04-28] (Geek Software GmbH -> geek software GmbH)
R2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [225912 2025-07-14] (Total Security Limited -> TotalAV) <==== ACHTUNG
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AcpiAudioCompositor; C:\WINDOWS\System32\DriverStore\FileRepository\acpiaudiocompositor.inf_amd64_3b72ba1d1e462699\AcpiAudioCompositor.sys [114560 2024-06-27] (Microsoft Corporation -> Microsoft Corporation)
R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [179768 2025-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [223296 2025-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH)
R1 cbfilter24-0; C:\Program Files\Fortect\cbfilter24.sys [407224 2025-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
R1 cbprocess24-0; C:\Program Files\Fortect\cbprocess24.sys [91360 2025-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
R1 cbregistry24-0; C:\Program Files\Fortect\cbregistry24.sys [143560 2025-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [159296 2025-08-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2025-04-19] (Microsoft Windows -> Microsoft Corporation)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_7a1ef17ecb1f36ce\x64\hpomencustomcapdriver.sys [24968 2024-07-11] (HP Inc. -> HP Inc.)
R2 HpReadHWData; C:\windows\system32\drivers\HpReadHWData.sys [58952 2025-03-11] (HP Inc. -> Windows (R) Win 7 DDK provider)
R3 iaLPSS2_GPIO2_MTL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_mtl.inf_amd64_09c898ac0a6057e6\iaLPSS2_GPIO2_MTL.sys [176232 2024-03-27] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_MTL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_mtl.inf_amd64_ebe13cc3b9ecef7d\iaLPSS2_I2C_MTL.sys [212584 2024-03-27] (Intel Corporation -> Intel Corporation)
R3 IntcBtLE; C:\WINDOWS\System32\DriverStore\FileRepository\intcbtle.inf_amd64_bb884529e7a7ec47\IntcBtLE.sys [170440 2025-02-17] (Intel Corporation -> Intel(R) Corporation)
R3 INTCCoSvc; C:\WINDOWS\System32\drivers\Intel\ICPS\IntcCo11X64.sys [215456 2023-09-08] (Intel Corporation -> Intel Corporation)
R0 IntcPMT; C:\WINDOWS\System32\DriverStore\FileRepository\intcpmt.inf_amd64_7a61591fddff4def\intcpmt.sys [66808 2024-05-27] (Intel Corporation -> Intel Corporation)
R3 IntcSdwBus; C:\WINDOWS\System32\DriverStore\FileRepository\intcsdwbus.inf_amd64_4c54c2efd8e56be7\IntcSdwBus.sys [647624 2025-02-17] (Intel Corporation -> Intel(R) Corporation)
R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_9243944f4484f5e9\IntcUSB.sys [947144 2025-02-17] (Intel Corporation -> Intel(R) Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_8e2f374849f1eba9\gna.sys [90304 2024-04-25] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_d8fafa4e2f98ceba\ipf_acpi.sys [88768 2024-05-23] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_a50addc1f126c381\ipf_cpu.sys [88144 2024-05-23] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_a50addc1f126c381\ipf_lf.sys [499392 2024-05-23] (Intel Corporation -> Intel Corporation)
S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140704 2025-08-12] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-08-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-08-18] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\Drivers\farflt11.sys [212072 2025-08-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [80960 2025-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [242752 2025-08-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [190096 2025-08-19] (Malwarebytes Inc -> Malwarebytes)
S0 mfeelam; C:\WINDOWS\System32\DRIVERS\mfeelam.sys [19536 2025-08-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> McAfee, LLC)
R0 mfesec; C:\WINDOWS\System32\DRIVERS\mfesec.sys [78088 2025-08-15] (McAfee, LLC -> McAfee, LLC)
R3 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [119656 2025-04-28] (Avira Operations GmbH -> Avira Operations GmbH)
S3 Netwaw14; C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_3600c12b90247a8b\Netwaw14.sys [5406888 2023-11-09] (Intel Corporation -> Intel Corporation)
R3 Netwaw16; C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_477c028818b7a796\Netwaw16.sys [5817016 2024-06-05] (Intel Corporation -> Intel Corporation)
R3 npu; C:\WINDOWS\System32\DriverStore\FileRepository\npu.inf_amd64_23d547ee4d8ae674\npu_kmd.sys [606672 2025-04-24] (Intel Corporation -> Intel(R) Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2023-12-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [247000 2025-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 OMENAudio; C:\WINDOWS\System32\DriverStore\FileRepository\omenaudio.inf_amd64_cb4d87cf57d20575\OMENAudio.sys [124376 2023-03-06] (HP Inc. -> HP Inc.)
R3 OMENLighting; C:\WINDOWS\System32\drivers\OMENLighting.sys [42568 2025-03-11] (HP Inc. -> Windows (R) Win 7 DDK provider)
S3 polarbear-split-tunneling; C:\Program Files\McAfee\WPS\1.32.165.1\vpn\Drivers\x64\SplitTunnelingDriver.sys [29176 2025-08-15] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [67496 2023-03-23] (Realtek Semiconductor Corp. -> Realtek)
R3 RtkSdcaXu; C:\WINDOWS\System32\DriverStore\FileRepository\rtksdcaxuhp.inf_amd64_0b66f189b47dd8dd\RtkSdcaXu.sys [595024 2024-11-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R1 rtp1; C:\WINDOWS\System32\DRIVERS\rtp1.sys [444600 2025-05-06] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp2; C:\WINDOWS\System32\DRIVERS\rtp2.sys [444608 2025-05-06] (Avira Operations GmbH -> Avira Operations GmbH)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28792 2025-05-06] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH)
R3 rtu53cx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtu53cx22x64.inf_amd64_7ad6cb6897455685\rtu53cx22x64.sys [1166272 2025-04-09] (Realtek Semiconductor Corp. -> Realtek Corporation)
R3 SdcaAggregator; C:\WINDOWS\System32\DriverStore\FileRepository\sdcaaggregator.inf_amd64_1b7296f56c622879\SdcaAggregator.sys [200464 2024-06-27] (Microsoft Corporation -> Microsoft Corporation)
R3 SdcaClass; C:\WINDOWS\System32\DriverStore\FileRepository\sdcaclass.inf_amd64_30dcd45a83cad2fc\SdcaClass.sys [515968 2024-06-27] (Microsoft Corporation -> Microsoft Corporation)
R3 SdcaMfd; C:\WINDOWS\System32\DriverStore\FileRepository\sdcamfd.inf_amd64_20fd1df5502146ec\SdcaMfd.sys [184080 2024-06-27] (Microsoft Corporation -> Microsoft Corporation)
R3 SndWireDsp; C:\WINDOWS\System32\DriverStore\FileRepository\sndwiredsphp.inf_amd64_0075ff242348c537\SndWireDsp.sys [357448 2024-11-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [51192 2025-08-15] (OpenVPN Inc. -> The OpenVPN Project)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-06-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20016 2025-04-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [605576 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
R3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2025-04-19] (Microsoft Windows -> Microsoft Corporation)
R3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2025-04-19] (Microsoft Windows -> Microsoft Corporation)
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-08-22 11:24 - 2025-08-22 11:24 - 000075577 _____ C:\Users\raine\Downloads\FRST.txt
2025-08-22 11:23 - 2025-08-22 11:24 - 000000000 ____D C:\FRST
2025-08-22 11:22 - 2025-08-22 11:22 - 002409472 _____ (Farbar) C:\Users\raine\Downloads\FRST64.exe
2025-08-21 14:35 - 2025-08-21 14:35 - 000752562 _____ C:\WINDOWS\system32\perfh007.dat
2025-08-21 14:35 - 2025-08-21 14:35 - 000169176 _____ C:\WINDOWS\system32\perfc007.dat
2025-08-20 18:26 - 2025-08-20 18:28 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2025-08-20 18:26 - 2025-08-20 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2025-08-20 10:18 - 2025-08-20 10:18 - 000000000 _____ C:\WINDOWS\system32\rtp.db
2025-08-20 10:18 - 2025-04-28 09:59 - 000119656 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\netprotection_network_filter.sys
2025-08-20 10:17 - 2025-05-06 06:02 - 000444608 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp2.sys
2025-08-20 10:17 - 2025-05-06 06:02 - 000444600 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp1.sys
2025-08-20 10:13 - 2025-08-21 14:27 - 000000000 ____D C:\ProgramData\TotalAV
2025-08-20 10:13 - 2025-08-21 14:27 - 000000000 ____D C:\Program Files (x86)\TotalAV
2025-08-20 10:13 - 2025-08-20 10:13 - 000001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
2025-08-20 09:52 - 2025-08-20 09:52 - 000222480 _____ C:\Users\raine\Downloads\TotalAV.exe
2025-08-20 00:31 - 2025-08-20 00:31 - 000190096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2025-08-19 13:45 - 2025-08-21 16:20 - 000000000 ____D C:\Users\raine\AppData\Roaming\Fortect
2025-08-19 13:45 - 2025-08-19 13:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fortect
2025-08-19 13:45 - 2025-01-09 15:18 - 000011768 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbregistryevtmsg.dll
2025-08-19 13:45 - 2025-01-09 15:18 - 000011768 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbprocessevtmsg.dll
2025-08-19 13:45 - 2025-01-09 15:18 - 000011768 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbfilterevtmsg.dll
2025-08-19 13:44 - 2025-08-21 14:29 - 000000000 ____D C:\ProgramData\Fortect
2025-08-19 13:44 - 2025-08-19 13:45 - 000000000 ____D C:\Program Files\Fortect
2025-08-19 13:43 - 2025-08-19 13:43 - 000845672 _____ (Fortect) C:\Users\raine\Downloads\Fortect.exe
2025-08-19 13:38 - 2025-08-19 13:38 - 000000026 _____ C:\Users\raine\AppData\LocalLow\47c477fad8f83ce444ad35a730bdd38e4f86300079b95fb7117835759304fa2f
2025-08-19 13:35 - 2025-08-20 00:00 - 000226053 _____ C:\Users\raine\AppData\LocalLow\604861de5493d7cd120e855a1a5c1350dc0045a938eef314538361ed85b2bc05
2025-08-18 21:16 - 2025-08-22 11:25 - 000000000 ____D C:\Users\raine\AppData\Local\Malwarebytes
2025-08-18 21:16 - 2025-08-18 21:16 - 000002100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-08-18 21:16 - 2025-08-18 21:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-08-18 21:16 - 2025-08-18 21:16 - 000000000 ____D C:\Program Files\Malwarebytes
2025-08-18 21:15 - 2025-08-18 21:15 - 002828424 _____ (Malwarebytes) C:\Users\raine\Downloads\MBSetup.exe
2025-08-17 18:59 - 2025-08-17 18:59 - 000000000 ____D C:\Users\raine\AppData\Local\PDF24
2025-08-17 17:52 - 2025-08-17 17:52 - 000000000 ____D C:\Users\raine\AppData\Roaming\Microsoft\Bibliography
2025-08-17 15:28 - 2025-08-17 15:28 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-08-17 13:08 - 2025-08-17 13:11 - 000000000 ____D C:\Users\raine\AppData\Roaming\Outlook Google Calendar Sync
2025-08-17 13:08 - 2025-08-17 13:08 - 007028096 _____ (Paul Woolcock) C:\Users\raine\Downloads\OGCS_Setup.exe
2025-08-17 13:08 - 2025-08-17 13:08 - 000002676 _____ C:\Users\raine\OneDrive\Desktop\Outlook Google Calendar Sync.lnk
2025-08-17 13:08 - 2025-08-17 13:08 - 000000000 ____D C:\Users\raine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paul Woolcock
2025-08-17 13:08 - 2025-08-17 13:08 - 000000000 ____D C:\Users\raine\AppData\Local\SquirrelTemp
2025-08-17 13:08 - 2025-08-17 13:08 - 000000000 ____D C:\Users\raine\AppData\Local\OutlookGoogleCalendarSync
2025-08-15 16:13 - 2025-08-15 16:13 - 000051192 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2025-08-15 11:47 - 2025-08-15 12:37 - 000020326 _____ C:\Users\raine\OneDrive\Dokumente\Bali_Itinerary_2025.xlsx
2025-08-14 07:05 - 2025-08-14 07:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2025-08-13 02:25 - 2025-08-22 04:27 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-08-12 22:16 - 2025-08-12 22:16 - 000034314 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-08-12 22:16 - 2025-08-12 22:16 - 000034314 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-08-11 17:37 - 2025-08-11 17:37 - 004358203 _____ C:\Users\raine\Downloads\Mastermind Workbook- Session 5 Building Automations (Outskill).pdf
2025-08-11 17:36 - 2025-08-11 17:36 - 000344354 _____ C:\Users\raine\Downloads\Mastermind Workbook Session 4 - Building Bots and Agents Gemini Gems.pdf
2025-08-11 17:35 - 2025-08-11 17:35 - 004224337 _____ C:\Users\raine\Downloads\Mastermind Workbook- Session 2&3 (Outskill).pdf
2025-08-11 17:35 - 2025-08-11 17:35 - 001389366 _____ C:\Users\raine\Downloads\Mastermind Workbook- Session 1 (Outskill).pdf
2025-08-08 07:53 - 2025-08-22 08:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-08-02 15:11 - 2025-08-20 00:31 - 000028024 _____ C:\Users\raine\AppData\LocalLow\673a41ac63ab4a1472d4b377aa3c6dbd53f0d7ec350ea3bb6877bc04e17f0ffc
2025-08-02 15:11 - 2025-08-02 15:11 - 000000026 _____ C:\Users\raine\AppData\LocalLow\f2cd79e3939ad905c196f8a79a058fdcacb29dfe47b67eb828d9aa773aafe05f
2025-08-01 08:43 - 2025-08-01 08:43 - 000002264 _____ C:\Users\raine\AppData\LocalLow\DeviceId=7D55_DeviceRevisionId=0008_DevicePciAddr=0.2.0_AppName=StartMenuExperienceHost=_ApiClient=D3D12
2025-07-31 18:21 - 2025-07-31 18:21 - 000011204 _____ C:\Users\raine\AppData\LocalLow\9247946adebc388b331fefa88eb84cf7b67a930ec177b7296063ae88fa4862e7
2025-07-31 18:21 - 2025-07-31 18:21 - 000000026 _____ C:\Users\raine\AppData\LocalLow\b2254bee14a4e83916dfceffc60c5e806be2048c82d62709bb4f3f49bb8590e5
2025-07-31 17:45 - 2025-08-04 00:20 - 000000000 ____D C:\Users\raine\AppData\Roaming\Microsoft\PowerPoint
2025-07-31 16:44 - 2025-07-31 16:44 - 000109153 _____ C:\Users\raine\AppData\LocalLow\f496291d4d488faef3bbca21455cb9444ae9589e44bdd9c0bea2e0494a42d123
2025-07-31 16:44 - 2025-07-31 16:44 - 000000026 _____ C:\Users\raine\AppData\LocalLow\71025dea2f298e738e39b1155c09372de72489d6777b2e59b5cd8baad5dfa448
2025-07-31 16:17 - 2025-07-31 16:17 - 000002264 _____ C:\Users\raine\AppData\LocalLow\DeviceId=7D55_DeviceRevisionId=0008_DevicePciAddr=0.2.0_AppName=msedgewebview2=WebViewHost.exe_ApiClient=D3D12
2025-07-31 16:15 - 2025-08-02 15:14 - 000146887 _____ C:\Users\raine\AppData\LocalLow\c32d7f87da6bfc9fbaefd69266f5afab25f1a378e68f4df2987b36ef58da5741
2025-07-31 16:15 - 2025-07-31 16:15 - 000027109 _____ C:\Users\raine\AppData\LocalLow\07047bfbce1090b5e941c371ce0ebfa7a2039866c853c5b0d3fbe63889fb1bd8
2025-07-31 16:15 - 2025-07-31 16:15 - 000000026 _____ C:\Users\raine\AppData\LocalLow\c6ca78fc5865c6458685cbbdf8d910f42737f5cd401f9c6455dc84e086c3270d
2025-07-31 16:15 - 2025-07-31 16:15 - 000000026 _____ C:\Users\raine\AppData\LocalLow\b39386be1420dbe2fc218c648c4f2b0f720990a4138ebea1edf836a16b3692d6
2025-07-31 16:12 - 2025-08-19 13:24 - 000025589 _____ C:\Users\raine\AppData\LocalLow\f510960994312a39c99b747e60615b10806877d4d4bef11b325f096420c03cfd
2025-07-31 16:12 - 2025-07-31 16:12 - 000000026 _____ C:\Users\raine\AppData\LocalLow\94a0a9fb9268af879b8eae39a329082029bea29dc36c5da805b29c201d2c7f9a
2025-07-30 07:39 - 2025-07-30 07:39 - 000041775 _____ C:\Users\raine\AppData\LocalLow\9ef4b1a7e58db2172070109e5f5d76355652d34002517213242186b9f2ba0cc2
2025-07-30 07:39 - 2025-07-30 07:39 - 000000026 _____ C:\Users\raine\AppData\LocalLow\379c8b2115b17db079a29037ab386008f3a3d8923c7e24dd96e909727428b135
2025-07-30 07:38 - 2025-07-30 07:38 - 000055333 _____ C:\Users\raine\AppData\LocalLow\a54fb4b256a69c69090776b4652d82f28e0c8f99e851a08ae2474ee92875e152
2025-07-30 07:38 - 2025-07-30 07:38 - 000000026 _____ C:\Users\raine\AppData\LocalLow\56850bde1d8976ae7e369af477edf4e1befe77862383706230a5d67a883d2718
2025-07-28 17:50 - 2025-07-28 17:50 - 000000000 ____D C:\Users\raine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CapCut
2025-07-28 16:45 - 2025-07-28 16:46 - 007581742 _____ C:\Users\raine\Downloads\Sprache 250728_161354-verbessert-v2.wav
2025-07-28 16:06 - 2025-07-28 16:06 - 000452600 _____ C:\Users\raine\Downloads\WhatsApp Audio 2025-07-28 um 16.06.07_32c95f31.dat.unknown
2025-07-28 14:04 - 2025-07-28 14:04 - 004705178 _____ C:\Users\raine\Downloads\Mindvalley AI Summit Notes - drive-download-20250728T120425Z-1-001.zip
2025-07-28 14:02 - 2025-07-28 14:04 - 1782584242 _____ C:\Users\raine\Downloads\Mindvalley AI Summit 2025 Day 3.mp4
2025-07-28 13:57 - 2025-07-28 14:00 - 3082612386 _____ C:\Users\raine\Downloads\Mindvalley AI Summit 2025 Day 1.mp4
2025-07-28 13:04 - 2022-09-30 05:24 - 000174112 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2025-07-28 13:04 - 2022-09-30 05:24 - 000050720 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ss_conn_usb_driver2.sys
2025-07-28 11:33 - 2025-07-28 11:41 - 000000000 ____D C:\XboxGames
2025-07-28 11:33 - 2025-07-28 11:33 - 000000028 ____H C:\.GamingRoot
2025-07-27 17:24 - 2025-07-27 17:24 - 004299908 _____ C:\Users\raine\Downloads\italian food mix.mp4
2025-07-27 17:21 - 2025-07-27 17:21 - 010234596 _____ C:\Users\raine\Downloads\food pasta.mp4
2025-07-27 17:20 - 2025-07-27 17:20 - 008653770 _____ C:\Users\raine\Downloads\colosseum drone shot.mp4
2025-07-27 17:18 - 2025-07-27 17:18 - 021351955 _____ C:\Users\raine\Downloads\forum romana drone shot.mp4
2025-07-27 17:16 - 2025-07-27 17:16 - 004929216 _____ C:\Users\raine\Downloads\rom bei nacht.mp4
2025-07-27 17:14 - 2025-07-27 17:14 - 034258244 _____ C:\Users\raine\Downloads\Petersdom Fluss.mp4
2025-07-27 17:10 - 2025-07-27 17:10 - 015202781 _____ C:\Users\raine\Downloads\Trevi Brunnen.mp4
2025-07-27 17:02 - 2025-07-27 17:02 - 014861617 _____ C:\Users\raine\Downloads\spanische treppe video.mp4
2025-07-27 16:32 - 2025-07-27 16:32 - 000000000 ____D C:\Users\raine\AppData\Local\NEO
2025-07-27 14:40 - 2025-07-27 14:40 - 000177739 _____ C:\Users\raine\Downloads\Trevi Brunnen.avif
2025-07-25 11:23 - 2025-07-25 11:23 - 002483267 _____ C:\Users\raine\Downloads\20250514-greenpeace-studie-umweltauswirkungen-ki.pdf
2025-07-25 11:21 - 2025-07-25 11:21 - 003205087 _____ C:\Users\raine\Downloads\Klimawandel_Migration_und_Konflikt.pdf
2025-07-25 11:20 - 2025-07-25 11:20 - 005272706 _____ C:\Users\raine\Downloads\20250502-greenpeace-studie-ccs-risiken-nordsee.pdf
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-08-22 11:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-08-22 11:07 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2025-08-22 11:05 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-08-22 11:05 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-08-22 11:03 - 2025-04-29 13:47 - 000000000 ____D C:\Users\raine\AppData\Local\LogiOptionsPlus
2025-08-22 11:01 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-08-22 08:39 - 2025-04-19 04:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-08-22 08:39 - 2024-05-15 10:22 - 000000000 ____D C:\ProgramData\Package Cache
2025-08-22 00:24 - 2025-02-27 15:22 - 000000000 ____D C:\Users\raine\AppData\Local\OGH
2025-08-21 23:24 - 2025-05-03 18:09 - 000783108 _____ C:\Users\raine\AppData\LocalLow\7c30a26fdf3b4d4974a98a6d5a9d8daf71c85bea38099c0952cffab2beb76880
2025-08-21 23:22 - 2025-02-27 14:54 - 000000000 ____D C:\Users\raine\AppData\Local\CrashDumps
2025-08-21 23:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-08-21 18:13 - 2025-04-26 01:23 - 001366401 _____ C:\Users\raine\AppData\LocalLow\4c0e1115599f1e75f306d7de9ba3e53152fb4f0822db670a3c8fb4c40c7d64c5
2025-08-21 14:36 - 2024-05-15 10:21 - 000000000 ____D C:\ProgramData\NVIDIA
2025-08-21 14:35 - 2025-04-19 04:19 - 001749518 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-08-21 14:35 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-08-21 14:33 - 2025-03-11 09:22 - 000000000 ____D C:\Users\raine\AppData\Roaming\Dropbox
2025-08-21 14:33 - 2025-03-11 09:22 - 000000000 ____D C:\Users\raine\AppData\Local\Dropbox
2025-08-21 14:29 - 2025-04-29 10:47 - 000000000 ____D C:\Users\raine\AppData\Roaming\Evernote
2025-08-21 14:29 - 2025-04-19 04:17 - 000004484 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitorCustomEvent-sid-S-1-5-21-2735172248-1304287514-1941203570-1001
2025-08-21 14:29 - 2025-04-19 04:17 - 000004420 _____ C:\WINDOWS\system32\Tasks\OmenOverlayCustomEvent-sid-S-1-5-21-2735172248-1304287514-1941203570-1001
2025-08-21 14:29 - 2025-04-19 04:17 - 000004082 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitor-sid-S-1-5-21-2735172248-1304287514-1941203570-1001
2025-08-21 14:29 - 2025-04-19 04:17 - 000004022 _____ C:\WINDOWS\system32\Tasks\OmenOverlay-sid-S-1-5-21-2735172248-1304287514-1941203570-1001
2025-08-21 14:29 - 2025-02-27 15:20 - 000000000 ___RD C:\Users\raine\OneDrive
2025-08-21 14:28 - 2025-05-05 23:49 - 000004066 _____ C:\WINDOWS\system32\Tasks\KeyboardRemap-sid-S-1-5-21-2735172248-1304287514-1941203570-1001
2025-08-21 14:28 - 2025-04-19 04:17 - 000004460 _____ C:\WINDOWS\system32\Tasks\SystemOptimizerCustomEvent-sid-S-1-5-21-2735172248-1304287514-1941203570-1001
2025-08-21 14:28 - 2025-04-19 04:17 - 000004058 _____ C:\WINDOWS\system32\Tasks\SystemOptimizer-sid-S-1-5-21-2735172248-1304287514-1941203570-1001
2025-08-21 14:28 - 2025-04-19 04:16 - 000003358 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-08-21 14:28 - 2024-03-01 12:30 - 000000000 ____D C:\Program Files\HP
2025-08-21 14:27 - 2025-04-29 10:39 - 000000000 ____D C:\Users\_ashbackuppb_
2025-08-21 14:27 - 2025-04-19 04:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-08-21 14:27 - 2025-04-19 04:13 - 000000000 ____D C:\Users\raine
2025-08-21 14:27 - 2025-02-27 14:45 - 000000000 ____D C:\Users\raine\AppData\Local\Packages
2025-08-21 14:27 - 2022-11-03 06:35 - 000000000 ____D C:\ProgramData\Packages
2025-08-21 14:27 - 2022-11-03 06:32 - 000012288 ___SH C:\DumpStack.log.tmp
2025-08-21 14:26 - 2025-04-19 04:12 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-08-21 07:58 - 2025-04-30 02:39 - 000000000 ____D C:\Users\raine\Outlook
2025-08-20 18:28 - 2025-04-29 13:47 - 000000000 ____D C:\Program Files\Logi
2025-08-20 10:18 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-08-20 00:31 - 2025-05-15 07:10 - 000000000 ____D C:\Users\raine\AppData\Local\Ashampoo Backup PB
2025-08-20 00:30 - 2024-04-01 09:21 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2025-08-19 23:43 - 2025-03-10 18:04 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-08-19 16:22 - 2025-04-27 18:07 - 000134694 _____ C:\Users\raine\AppData\LocalLow\7e34d1b5d040c6f93f3bb25d4ad1b643afc645eb277833fca71d4248b4e71dfb
2025-08-19 13:47 - 2025-02-27 15:19 - 000000000 ____D C:\Users\raine\AppData\Local\D3DSCache
2025-08-18 21:09 - 2025-04-29 13:49 - 000000000 ____D C:\Users\raine\AppData\Roaming\Microsoft\Word
2025-08-18 20:45 - 2025-04-29 12:23 - 000000000 ___RD C:\Users\raine\OneDrive\Dokumente\Camtasia
2025-08-18 20:08 - 2025-04-16 08:25 - 000000000 ____D C:\Users\raine\AppData\Roaming\Telegram Desktop
2025-08-17 15:27 - 2024-03-01 12:32 - 000000000 ____D C:\Program Files\Microsoft Office
2025-08-17 13:58 - 2022-11-03 06:32 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-08-16 16:28 - 2025-02-27 15:21 - 000000000 ____D C:\Users\raine\OneDrive\Dokumente\My Kindle Content
2025-08-15 19:56 - 2025-04-29 13:50 - 000000000 ____D C:\Users\raine\AppData\Roaming\Microsoft\Excel
2025-08-15 16:13 - 2024-05-15 10:36 - 000078088 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfesec.sys
2025-08-15 16:13 - 2024-05-15 10:36 - 000019536 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfeelam.sys
2025-08-14 17:03 - 2025-04-19 04:17 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2735172248-1304287514-1941203570-1001
2025-08-14 17:03 - 2025-04-19 04:17 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2735172248-1304287514-1941203570-1001
2025-08-14 17:03 - 2025-04-19 04:17 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2735172248-1304287514-1941203570-1001
2025-08-14 17:03 - 2025-02-27 15:20 - 000002406 _____ C:\Users\raine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-08-14 07:05 - 2025-03-24 17:24 - 000000000 ____D C:\Users\raine\dwhelper
2025-08-14 07:05 - 2025-03-11 09:22 - 000000000 ____D C:\Program Files (x86)\Dropbox
2025-08-13 21:18 - 2025-04-29 13:27 - 000000000 ____D C:\Users\raine\AppData\Roaming\vlc
2025-08-13 11:38 - 2025-04-24 14:24 - 000075032 _____ C:\Users\raine\AppData\LocalLow\aaa3e82b0d09c0740287e32be34d2356e94d8b90797e2a41adf3b3641962e527
2025-08-13 11:17 - 2025-02-27 15:21 - 000333093 _____ C:\Users\raine\AppData\LocalLow\c218b245afe7d66a12f3bfc733c3e7f0dda2657a57f6e25c839c94d4bf51f8a0
2025-08-13 03:22 - 2025-04-29 16:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-08-13 03:22 - 2025-04-19 04:13 - 000735336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-08-13 03:21 - 2024-04-01 18:35 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-08-13 03:21 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-08-13 03:21 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-08-13 02:26 - 2025-02-27 17:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-08-13 02:23 - 2025-02-27 17:32 - 223939376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-08-12 22:16 - 2025-04-19 04:16 - 003389952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-08-12 10:36 - 2025-05-03 16:30 - 000000000 ____D C:\Users\raine\Downloads\FireShot
2025-08-10 19:56 - 2025-06-14 20:43 - 000000000 ___RD C:\Users\raine\OneDrive\Dokumente\Zoom
2025-08-08 14:53 - 2025-04-29 16:53 - 000001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-08-06 14:14 - 2025-04-19 04:17 - 000003846 _____ C:\WINDOWS\system32\Tasks\HPOneAgentRepairTask
2025-08-05 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-08-02 16:23 - 2025-04-29 13:37 - 000000000 ____D C:\ProgramData\CanonIJPLM
2025-08-02 15:19 - 2025-02-27 15:29 - 000000000 ____D C:\Users\raine\AppData\Roaming\Microsoft\Office
2025-08-02 09:36 - 2025-04-19 04:17 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-08-02 09:36 - 2025-04-19 04:17 - 000003630 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-07-28 17:50 - 2025-04-30 03:43 - 000001390 _____ C:\Users\raine\OneDrive\Desktop\CapCut.lnk
2025-07-28 11:33 - 2025-02-27 14:46 - 000000000 ____D C:\Users\raine\AppData\Local\PlaceholderTileLogoFolder
2025-07-27 17:37 - 2025-04-30 03:43 - 000000000 ____D C:\Users\raine\AppData\Local\CapCut
2025-07-23 11:35 - 2025-04-29 16:53 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
Gestern, 11:03
| #2 |
| | Riskware mit Pop-up Fenstern und Weiterleitung auf Stonifient.com - Teil 2Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-08-2025
durchgeführt von raine (22-08-2025 11:26:34)
Gestartet von C:\Users\raine\Downloads
Microsoft Windows 11 Home Version 24H2 26100.4946 (X64) (2025-04-19 02:18:04)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-2735172248-1304287514-1941203570-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2735172248-1304287514-1941203570-503 - Limited - Disabled)
Gast (S-1-5-21-2735172248-1304287514-1941203570-501 - Limited - Disabled)
raine (S-1-5-21-2735172248-1304287514-1941203570-1001 - Administrator - Enabled) => C:\Users\raine
WDAGUtilityAccount (S-1-5-21-2735172248-1304287514-1941203570-504 - Limited - Disabled)
_ashbackuppb_ (S-1-5-21-2735172248-1304287514-1941203570-1002 - Administrator - Enabled) => C:\Users\_ashbackuppb_
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee (Enabled - Up to date) {0BE13B34-492A-21C0-AE43-C1742279CCB6}
AV: TotalAV (Enabled - Up to date) {D44577B7-C2F8-0D38-B6A2-0E05894EB777}
FW: McAfee (Enabled) {33DABA11-0345-2098-851C-6841DCAA8BCD}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 25.001.20577 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Kindle (HKU\S-1-5-21-2735172248-1304287514-1941203570-1001\...\Amazon Kindle) (Version: 2.7.1.70978 - Amazon)
Ashampoo Backup Pro 25 (HKLM\...\{91B33C97-4DF6-313E-7BC4-BB89CF1606D7}_is1) (Version: 25.06 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 15 (HKLM\...\{0A11EA01-7CAC-87D7-5641-D61A11726754}_is1) (Version: 15.1.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 17 (HKLM\...\{0A11EA01-431A-C5D3-A204-7595A68055F7}_is1) (Version: 17.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 26 (HKLM-x32\...\{4209F371-5FA3-6A34-60CD-BCE116E212FF}_is1) (Version: 26.00.24 - Ashampoo GmbH & Co. KG)
calibre 64bit (HKLM\...\{D0CEDA32-335E-4B5A-804B-E07A3B1011C1}) (Version: 8.3.0 - Kovid Goyal)
Camtasia 2022 (HKLM\...\{5AEBE1F0-E3E2-4037-AB39-B2DCA83559CA}) (Version: 22.5.7.278 - TechSmith Corporation) Hidden
Camtasia 2022 (HKLM-x32\...\{1095651e-e286-4ae4-b7dd-5c3819bdad8b}) (Version: 22.5.7.278 - TechSmith Corporation)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.90.3.30 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.6.0 - Canon Inc.)
Canon TS6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS6300_series) (Version: 1.03 - Canon Inc.)
CapCut (HKU\S-1-5-21-2735172248-1304287514-1941203570-1001\...\CapCut) (Version: 6.7.0.2661 - Bytedance Pte. Ltd.)
DownloadHelper CoApp (HKLM-x32\...\DownloadHelper CoApp) (Version: 2.0.19.0 - ACLAP)
Dropbox (HKLM-x32\...\Dropbox) (Version: 230.4.8797 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.983.1 - Dropbox, Inc.) Hidden
Druckerregistrierung (HKLM-x32\...\Canon EISRegistration) (Version: 1.9.2 - Canon Inc.)
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2505.5640 - Avira Operations GmbH) Hidden
Evernote 10.150.1 (HKU\S-1-5-21-2735172248-1304287514-1941203570-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.150.1 - Evernote Corporation)
Fortect (HKLM\...\Fortect) (Version: 7.3.0.4 - Fortect)
FreeCommander XE Build 921 32-bit (HKLM-x32\...\{D3C705DC-9743-4FEF-8358-E1AC9FA69C73}_is1) (Version: 2025.0.0.921 - Marek Jasinski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 139.0.7258.129 - Google LLC)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.20.0 - HP Inc)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP One Agent (HKLM\...\{38EBE077-6B9B-4E51-BE50-8F272A7853DB}) (Version: 1.1.912.0346 - HP Inc.)
HP One Agent (HKLM\...\{D18ABC54-8A7A-41A2-A5B9-F7B2AE263195}) (Version: 1.1.912.346 - HP Inc.) Hidden
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.94.762104 - Logitech)
Logi Plugin Service (HKLM\...\{6431C541-CF1A-4EC6-931C-16F9963BFBA1}) (Version: 6.2.0.492 - Logitech)
Logi RightSightForWebcams 1.1.179 (HKLM\...\{88D41995-0077-47CC-A2C0-149AD515C76A}) (Version: 1.1.179.0 - Logitech) Hidden
Malwarebytes version 5.3.6.205 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.3.6.205 - Malwarebytes)
McAfee (HKLM\...\McAfee.WPS) (Version: 1.32.165.1 - McAfee, LLC)
Microsoft .NET Host - 6.0.23 (x64) (HKLM\...\{1870DD0E-1583-44FF-8265-A9D1692CD89C}) (Version: 48.92.2594 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.0 (x64) (HKLM\...\{D44822A8-FC28-42FC-8B1D-21A78579FC79}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.23 (x64) (HKLM\...\{995CC82C-E3E8-4BB5-9AB8-2B95C611D59D}) (Version: 48.92.2594 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.0 (x64) (HKLM\...\{3A706840-2882-423C-90EB-B31545E2BC7A}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.23 (x64) (HKLM\...\{7C0437DA-6703-47F1-A116-CD138B0768AD}) (Version: 48.92.2594 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.0 (x64) (HKLM\...\{76DEEAB3-122F-4231-83C7-0C35363D02F9}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.19029.20184 - Microsoft Corporation)
Microsoft 365 - en-gb (HKLM\...\O365HomePremRetail - en-gb) (Version: 16.0.19029.20184 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 139.0.3405.102 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 139.0.3405.102 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2735172248-1304287514-1941203570-1001\...\OneDriveSetup.exe) (Version: 25.140.0720.0001 - Microsoft Corporation)
Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.19029.20184 - Microsoft Corporation)
Microsoft OneNote - en-gb (HKLM\...\OneNoteFreeRetail - en-gb) (Version: 16.0.19029.20184 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.23 (x64) (HKLM\...\{AA393199-374C-4AD1-9245-6CBB254D8146}) (Version: 48.92.2594 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.23 (x64) (HKLM-x32\...\{fbe8ac13-7063-40e6-81dd-7ddcc3781ecd}) (Version: 6.0.23.32930 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.0 (x64) (HKLM\...\{113C0ADC-B9BD-4F95-9653-4F5BC540ED03}) (Version: 64.0.5329 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.0 (x64) (HKLM-x32\...\{17316079-d65a-4f25-a9f3-56c32781b15d}) (Version: 8.0.0.33101 - Microsoft Corporation)
Momentum 3.0.1 (HKLM\...\64954139-9cf6-59bf-952e-0637eb939033) (Version: 3.0.1 - Holmez Softsolutions LLC)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 141.0.3 (x64 de)) (Version: 141.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 138.0 - Mozilla)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Grafiktreiber 566.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 566.43 - NVIDIA Corporation)
NVIDIA Omniverse Launcher 1.9.8 (HKLM\...\ddd216ee-cf6c-55b0-9ca8-733b2ef622a0) (Version: 1.9.8 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20184 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20184 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.19029.20184 - Microsoft Corporation) Hidden
Outlook Google Calendar Sync (HKU\S-1-5-21-2735172248-1304287514-1941203570-1001\...\OutlookGoogleCalendarSync) (Version: 2.11.0-beta - Paul Woolcock)
Paint.NET (HKLM\...\{DF138AE3-E8C3-41DD-B121-E33132198D0A}) (Version: 5.1.8 - dotPDN LLC)
PDF24 Creator 11.25.1 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.25.1 - geek software GmbH)
Telegram Desktop (HKU\S-1-5-21-2735172248-1304287514-1941203570-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 6.0.2 - Telegram FZ-LLC)
TotalAV (HKLM-x32\...\TotalAV) (Version: 6.4.248 - Total Security Limited) <==== ACHTUNG
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
WebAdvisor von McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.1063 - McAfee, LLC)
Zoom Workplace (HKU\S-1-5-21-2735172248-1304287514-1941203570-1001\...\ZoomUMX) (Version: 6.4.12 (64384) - Zoom Communications, Inc.)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-13] ()
A278AB0D.MarchofEmpires -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_9.1.1.0_x86__h6adky7gbf63m [2025-08-22] (Gameloft SE)
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Assets [2025-07-20] ()
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2025-03-26] (INTEL CORP) [Startup Task]
Canon PRINT -> C:\Program Files\WindowsApps\34791E63.CanonInkjetSmartConnect_1.10.2.0_x64__6e5tt8cgb93ep [2025-06-14] (Canon Inc.) [Startup Task]
ChatGPT -> C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2025.224.0_x64__2p2nqsd0c76g0 [2025-08-15] (OpenAI) [Startup Task]
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2025-08-14] (Dropbox Inc.)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2025.2.42.0_x64__t5j2fzbtdg37r [2025-07-04] (DTS, Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2025-03-11] (HP Inc.)
Fotos-Legacy -> C:\Program Files\WindowsApps\Microsoft.PhotosLegacy_2024.11090.26001.0_x64__8wekyb3d8bbwe [2025-03-26] (Microsoft Corporation)
HP -> C:\Program Files\WindowsApps\AD2F1837.myHP_47.52530.5546.0_x64__v10z8vjag6ke6 [2025-08-01] (HP Inc.) [Startup Task]
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.8.0.0_x64__v10z8vjag6ke6 [2025-07-12] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2025-03-26] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_160.1.1192.0_x64__v10z8vjag6ke6 [2025-07-09] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.46.17.0_x64__v10z8vjag6ke6 [2025-07-04] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.46.0_x64__v10z8vjag6ke6 [2025-08-01] (HP Inc.)
HyperX NGENUITY -> C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.33.0.0_x64__0a78dr3hq0pvt [2025-08-20] (HP Inc.) [Startup Task]
Intel® Connectivity Performance Suite -> C:\Program Files\WindowsApps\AppUp.IntelConnectivityPerformanceSuite_3.1023.830.0_x64__8j3eq9eme6ctt [2025-02-27] (INTEL CORP) [Startup Task]
Intel® Unison™ -> C:\Program Files\WindowsApps\AppUp.IntelTechnologyMDE_20.33.12413.0_x64__8j3eq9eme6ctt [2025-08-11] (INTEL CORP)
Local Artificial Intelligence Manager -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\AI [2025-08-17] ()
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2025-08-18] ()
March of Empires -> C:\Program Files\WindowsApps\A278AB0D.59409702A30C3_9.0.3.0_x64__h6adky7gbf63m [2025-07-28] (Gameloft SE)
McAfee -> C:\Program Files\McAfee\WPS\1.32.165.1 [2025-08-15] ()
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2412.12002.0_x64__8wekyb3d8bbwe [2025-03-10] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2025-02-27] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_55.20610.576.0_x64__8wekyb3d8bbwe [2025-08-09] (Microsoft Corporation)
Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2025-08-17] ()
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.968.0_x64__56jybvy8sckqj [2025-07-04] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2025-08-17] ()
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6 [2025-08-20] (HP Inc.) [Startup Task]
OneNote Virtual Printer -> C:\Program Files\WindowsApps\Microsoft.Office.OneNoteVirtualPrinter_1.0.0.0_x64__8wekyb3d8bbwe [2025-04-29] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2025-04-29] (Adobe Systems Incorporated)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2532.3.0_x64__cv1g1gvanyjgm [2025-08-13] (WhatsApp Inc.) [Startup Task]
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2735172248-1304287514-1941203570-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2735172248-1304287514-1941203570-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2735172248-1304287514-1941203570-1001_Classes\CLSID\{52198ba3-aef2-4fea-a304-b2b2edc7cdb1}\localserver32 -> C:\Program Files\TechSmith\Camtasia 2022\CamtasiaStudio.exe (TechSmith Corporation -> TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-2735172248-1304287514-1941203570-1001_Classes\CLSID\{75B3B961-CA4F-4EFE-BF05-DB2099352C9C} -> [S23 Ultra von Rainer] => C:\Users\raine\CrossDevice\S23 Ultra von Rainer [2025-03-11 09:20]
CustomCLSID: HKU\S-1-5-21-2735172248-1304287514-1941203570-1001_Classes\CLSID\{7d043d4e-4259-f459-3630-7b434fd7752c}\localserver32 -> C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe (HP Inc. -> HP Inc.)
CustomCLSID: HKU\S-1-5-21-2735172248-1304287514-1941203570-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\raine\Dropbox [2025-03-11 09:24]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-07-15] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\WPS\1.32.165.1\mc-ctxmnu.dll [2025-08-15] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-08-18] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.84.0.dll [2025-08-12] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_373d1c272c00666b\nvshext.dll [2025-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-08-18] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers6: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\WPS\1.32.165.1\mc-ctxmnu.dll [2025-08-15] (McAfee, LLC -> McAfee, LLC)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com.lnk -> C:\Program Files (x86)\Online Services\Amazon\WizLink.exe () -> hxxp://www.amazon.com/gp/ubp/oneButton/config/redirectHome?tagbase=hpga1-ubpl&ref=aagateway-taskbar-hp
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2025-08-13 11:18 - 2025-08-08 03:05 - 000123904 _____ () [Datei ist nicht signiert] \\?\C:\Users\raine\AppData\Local\Programs\Evernote\resources\app.asar.unpacked\node_modules\@ronomon\opened\binding.node
2025-08-13 11:18 - 2025-08-08 03:05 - 001720320 _____ () [Datei ist nicht signiert] \\?\C:\Users\raine\AppData\Local\Programs\Evernote\resources\app.asar.unpacked\node_modules\better-sqlite3\build\Release\better_sqlite3.node
2025-08-13 11:18 - 2025-08-08 03:05 - 000636928 _____ () [Datei ist nicht signiert] \\?\C:\Users\raine\AppData\Local\Programs\Evernote\resources\app.asar.unpacked\node_modules\electron-clipboard-ex\prebuilds\win32-x64\node.napi.node
2025-08-13 11:18 - 2025-08-08 03:05 - 000139264 _____ () [Datei ist nicht signiert] \\?\C:\Users\raine\AppData\Local\Programs\Evernote\resources\app.asar.unpacked\node_modules\electron-native-auth\build\Release\electron_native_auth.node
2025-08-13 11:18 - 2025-08-08 03:05 - 000133120 _____ () [Datei ist nicht signiert] \\?\C:\Users\raine\AppData\Local\Programs\Evernote\resources\app.asar.unpacked\node_modules\fswin\electron\x64\fswin.node
2025-08-13 11:18 - 2025-08-08 03:05 - 000161792 _____ () [Datei ist nicht signiert] \\?\C:\Users\raine\AppData\Local\Programs\Evernote\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2025-08-13 11:18 - 2025-08-08 03:05 - 000159232 _____ () [Datei ist nicht signiert] \\?\C:\Users\raine\AppData\Local\Programs\Evernote\resources\app.asar.unpacked\node_modules\native-reg\prebuilds\win32-x64\node.napi.node
2025-04-29 10:47 - 2025-08-08 03:05 - 002976768 _____ () [Datei ist nicht signiert] C:\Users\raine\AppData\Local\Programs\Evernote\ffmpeg.dll
2025-04-29 10:47 - 2025-08-08 03:05 - 000491008 _____ () [Datei ist nicht signiert] C:\Users\raine\AppData\Local\Programs\Evernote\libegl.dll
2025-04-29 10:47 - 2025-08-08 03:05 - 008110592 _____ () [Datei ist nicht signiert] C:\Users\raine\AppData\Local\Programs\Evernote\libglesv2.dll
2025-04-29 10:47 - 2025-08-08 03:05 - 005506560 _____ () [Datei ist nicht signiert] C:\Users\raine\AppData\Local\Programs\Evernote\vk_swiftshader.dll
2024-08-29 21:06 - 2024-08-29 21:06 - 000218624 _____ (.NET Foundation and Contributors) [Datei ist nicht signiert] C:\Program Files (x86)\TotalAV\RestSharp.dll
2024-08-29 21:06 - 2024-08-29 21:06 - 000009216 _____ (.NET Foundation and Contributors) [Datei ist nicht signiert] C:\Program Files (x86)\TotalAV\RestSharp.Serializers.NewtonsoftJson.dll
2025-08-13 11:55 - 2025-08-13 11:55 - 000869376 _____ (.NET Foundation) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.T417b639d#\b62d0206f30af95e99e6953f0ce4fdfa\Microsoft.Toolkit.Uwp.Notifications.ni.dll
2025-04-29 13:43 - 2017-11-02 15:36 - 000008704 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_DEU.DLL
2025-04-29 13:43 - 2017-11-02 15:36 - 000104960 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2024-08-13 03:50 - 2024-08-13 03:50 - 000148480 _____ (Elinam LLC, Japan) [Datei ist nicht signiert] C:\Program Files (x86)\TotalAV\SharpVectors.Converters.Wpf.dll
2024-08-13 03:50 - 2024-08-13 03:50 - 000187392 _____ (Elinam LLC, Japan) [Datei ist nicht signiert] C:\Program Files (x86)\TotalAV\SharpVectors.Core.dll
2024-08-13 03:50 - 2024-08-13 03:50 - 000093696 _____ (Elinam LLC, Japan) [Datei ist nicht signiert] C:\Program Files (x86)\TotalAV\SharpVectors.Css.dll
2024-08-13 03:50 - 2024-08-13 03:50 - 000034304 _____ (Elinam LLC, Japan) [Datei ist nicht signiert] C:\Program Files (x86)\TotalAV\SharpVectors.Dom.dll
2024-08-13 03:50 - 2024-08-13 03:50 - 001073152 _____ (Elinam LLC, Japan) [Datei ist nicht signiert] C:\Program Files (x86)\TotalAV\SharpVectors.Model.dll
2024-08-13 03:50 - 2024-08-13 03:50 - 000231424 _____ (Elinam LLC, Japan) [Datei ist nicht signiert] C:\Program Files (x86)\TotalAV\SharpVectors.Rendering.Wpf.dll
2024-08-13 03:50 - 2024-08-13 03:50 - 000073216 _____ (Elinam LLC, Japan) [Datei ist nicht signiert] C:\Program Files (x86)\TotalAV\SharpVectors.Runtime.Wpf.dll
2025-08-04 12:14 - 2025-08-04 12:14 - 000058880 _____ (HP Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\HP.SEU.Localization\a3a8677bc914fe9d68ad327c160dbba1\HP.SEU.Localization.ni.dll
2025-07-11 04:21 - 2025-07-11 04:21 - 000440320 _____ (HP Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LauncherSDK\2d70a2d044f21be30baf78121199320f\LauncherSDK.ni.dll
2025-07-11 04:21 - 2025-07-11 04:21 - 000038400 _____ (HP Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Logging\4f7984a4c26efbf55f686da8b16aa462\Logging.ni.dll
2025-07-11 04:21 - 2025-07-11 04:21 - 000153600 _____ (HP Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RpcClient\d28337c50ce6e833c97e1b1d1306d515\RpcClient.ni.dll
2025-07-11 04:21 - 2025-07-11 04:21 - 000125440 _____ (HP Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\WMISDK\7ee85863f17382e151bf1244a7da66d2\WMISDK.ni.dll
2023-07-21 14:29 - 2023-07-21 14:29 - 000488960 _____ (Maurício David) [Datei ist nicht signiert] C:\Program Files (x86)\TotalAV\LiteDB.dll
2024-03-01 12:33 - 2024-03-01 12:33 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2024-03-01 12:33 - 2024-03-01 12:33 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2025-07-11 04:21 - 2025-07-11 04:21 - 003884544 _____ (Newtonsoft) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\d0bc9039722cdf7f534582c5140e55a8\Newtonsoft.Json.ni.dll
2025-04-29 10:39 - 2018-06-27 09:58 - 002135040 _____ (The curl library, hxxps://curl.haxx.se/) [Datei ist nicht signiert] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\ash_libcurl.dll
2025-04-29 10:39 - 2024-12-12 11:38 - 000436736 _____ (The curl library, hxxps://curl.haxx.se/) [Datei ist nicht signiert] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\libcurl.dll
2025-04-29 10:39 - 2024-12-12 10:49 - 003469824 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\libcrypto-1_1-x64.dll
2025-04-29 10:39 - 2024-12-12 10:49 - 000692224 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\libssl-1_1-x64.dll
2025-04-29 10:39 - 2024-12-12 10:49 - 000150528 _____ (wxWidgets development team) [Datei ist nicht signiert] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxbase310u_net_vc_ox.dll
2025-04-29 10:39 - 2024-12-12 10:49 - 002107392 _____ (wxWidgets development team) [Datei ist nicht signiert] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxbase310u_vc_ox.dll
2025-04-29 10:39 - 2024-12-12 10:49 - 000168448 _____ (wxWidgets development team) [Datei ist nicht signiert] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxbase310u_xml_vc_ox.dll
2025-04-29 10:39 - 2024-12-12 10:49 - 001379328 _____ (wxWidgets development team) [Datei ist nicht signiert] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_adv_vc_ox.dll
2025-04-29 10:39 - 2024-12-12 10:49 - 004959232 _____ (wxWidgets development team) [Datei ist nicht signiert] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_core_vc_ox.dll
2025-04-29 10:39 - 2024-12-12 10:49 - 000644608 _____ (wxWidgets development team) [Datei ist nicht signiert] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_html_vc_ox.dll
2025-04-29 10:39 - 2024-12-12 10:49 - 000108032 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_webview_vc_ox.dll
2025-04-29 10:39 - 2024-12-12 10:49 - 000764928 _____ (wxWidgets development team) [Datei ist nicht signiert] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_xrc_vc_ox.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\raine\Downloads\Fortect.exe:MBAM.Zone.Identifier [147]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2025-05-26] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-07-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2025-05-26] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-08-03] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2022-05-07 07:24 - 2025-08-17 15:24 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Network ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
DNS Servers: 192.168.178.1
ist aktiviert.
Network Binding:
=============
WLAN: Intel(R) Wi-Fi 7 BE200 320MHz -> Netwaw16.sys
Ethernet 3: Lenovo USB Ethernet #2 -> rtu53cx22x64.sys
WLAN 4: Intel(R) Wi-Fi 7 BE200 320MHz -> Netwaw16.sys
WLAN 2: Intel(R) Wi-Fi 7 BE200 320MHz -> Netwaw16.sys
WLAN 5: Intel(R) Wi-Fi 7 BE200 320MHz -> Netwaw16.sys
McAfee VPN: TAP-Windows Adapter V9 -> tap0901.sys
Bluetooth-Netzwerkverbindung: Bluetooth Device (Personal Area Network) -> bthpan.sys
nt_rtf64: Realtek LightWeight Filter (NDIS6.40)
vms_vsf: Erweiterungsfilter für virtuellen Hyper-V-Switch
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Extension-Protokoll für virtuellen Hyper-V-Switch
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2735172248-1304287514-1941203570-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2735172248-1304287514-1941203570-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{7D4867B5-CFE1-41EC-BDE7-A8AD964A1E7B}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25031.702.3408.1909_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6DBB26FB-D4B9-4E9F-8D1F-E3D967463AF7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25031.702.3408.1909_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{143BEAD1-D2D5-4A7C-AE4B-323236369205}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E411E91D-2772-44BD-8362-3300B5722B07}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1FEC6D8F-77DC-40AC-93D3-C7D30F8C2CB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{36E0BED5-DAF9-472F-9984-0EE4EFDA99E1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7130D948-6784-4904-B6B2-B396006E4FC0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A6E7A6CA-EDED-4C07-8816-9129DA0919AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A99F158F-B515-48FE-AEDE-A88E46918381}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25031.702.3408.1909_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E4C89262-B951-4C5D-B627-0301A2246A58}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25031.702.3408.1909_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6186EC9C-E138-46E1-9F51-49D753BBD98C}] => (Allow) LPort=80
FirewallRules: [{9E2CC8DE-85DB-4CB5-9129-026D1C2561FA}] => (Allow) LPort=80
FirewallRules: [{15AA404F-CE97-4BC1-9482-6CC1DF278EBF}] => (Allow) LPort=8323
FirewallRules: [{A2F30E21-76AF-4B6D-AD07-097F43CACE85}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{F60EC81E-9777-48D2-8BAA-229A78300F00}] => (Allow) C:\Program Files\LogiOptionsPlus\logivoice\logioptionsplus_logivoice => Keine Datei
FirewallRules: [{82116F64-CA34-41A8-A262-A0A493D185D7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E823401A-E9E8-412B-8951-4F33C42EBB43}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B241AC6B-366F-4651-A95E-053B4468F066}] => (Allow) LPort=80
FirewallRules: [{CF33BB22-8BAE-434B-A5B0-FFA7F5E6321F}] => (Allow) LPort=80
FirewallRules: [{BA17DF49-C9C1-4AB6-9609-6A51BCFA59E6}] => (Allow) C:\Users\raine\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
FirewallRules: [{D4291B51-A120-41BA-AEE3-DB3FD7034475}] => (Allow) C:\Users\raine\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E55559D4-0ED2-48F0-9913-08950EE12CEE}] => (Allow) C:\Users\raine\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{CE5580B9-48F9-413A-8685-1C9F6B42A214}C:\users\raine\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\raine\appdata\local\programs\evernote\evernote.exe (Evernote Corporation -> Evernote Corporation)
FirewallRules: [UDP Query User{F149D841-7F2B-4781-B85E-F9036007617D}C:\users\raine\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\raine\appdata\local\programs\evernote\evernote.exe (Evernote Corporation -> Evernote Corporation)
FirewallRules: [{ADFE559A-51DE-469D-B04B-51770EEC6203}] => (Allow) LPort=80
FirewallRules: [{3F62CE39-FB2C-46DC-A77A-BD1C02BCF3C6}] => (Allow) LPort=80
FirewallRules: [TCP Query User{18183C5C-DAF1-4651-9BA7-E1119E83E54D}C:\program files\ashampoo\ashampoo snap 15\snap15.exe] => (Allow) C:\program files\ashampoo\ashampoo snap 15\snap15.exe (Ashampoo GmbH & Co. KG -> Ashampoo GmbH & Co. KG)
FirewallRules: [UDP Query User{B91D2192-0518-4A92-8AF2-325C575C1A80}C:\program files\ashampoo\ashampoo snap 15\snap15.exe] => (Allow) C:\program files\ashampoo\ashampoo snap 15\snap15.exe (Ashampoo GmbH & Co. KG -> Ashampoo GmbH & Co. KG)
FirewallRules: [{191E23D5-7437-4309-95E4-C1677CB5FABC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{340B0E8D-F84F-4D95-9D35-A599E69B42F7}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => Keine Datei
FirewallRules: [UDP Query User{31CAF701-9C1C-48EB-8AA8-8923EF5090C8}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => Keine Datei
FirewallRules: [{0A2AADF5-6207-4BB3-BE99-A07273CF3184}] => (Allow) C:\Program Files\WindowsApps\AppUp.IntelTechnologyMDE_20.33.12413.0_x64__8j3eq9eme6ctt\IntelUnison.exe (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation)
FirewallRules: [{0962AA7E-FBB6-4186-A3E8-3B645AFB43F3}] => (Allow) C:\Program Files\WindowsApps\AppUp.IntelTechnologyMDE_20.33.12413.0_x64__8j3eq9eme6ctt\IntelUnison.exe (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation)
FirewallRules: [{451BB089-E8B7-4ACD-8632-437E9F416C14}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{CA35A532-F155-475E-A273-415EFC0A00AF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{CA1E0B43-7575-4CAE-9988-52BB02897F0C}] => (Allow) C:\Program Files\Fortect\MainService.exe (Fortect LTD -> Fortect LTD.)
FirewallRules: [{D357428C-0274-442F-A6F6-4D9856BC905D}] => (Allow) C:\Program Files\Fortect\MainService.exe (Fortect LTD -> Fortect LTD.)
FirewallRules: [{E71682B2-D3B8-498A-900B-AF5E0D99E3D2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D603A5E4-1A30-40B6-B9F9-FA466C50D028}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{B78D8BE5-2A82-4D08-B342-0FA65C2592D6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{E77C43FF-403B-4263-899F-1E02D8D487D9}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{95C76173-BF5F-4818-8400-A9FDB026E08A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{20A8C2FB-526D-4C70-AA7A-3709AB22F90B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{B46C9BE0-893B-4BA0-B76F-056D1CE1EB6A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{23FF9898-3505-4015-839C-1CA4CC09E910}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{4968317E-CB80-42F7-AF93-39628FA8872F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{5A24F0B4-275B-4FCD-9008-83CF02617D55}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{009B6F52-0DC3-4F10-A62E-E7B4C50707D2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{A1B1D4C2-B326-4028-AF1A-D0D33A7BF5E2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{70B97C23-2D88-4F70-BB92-26B8936727F4}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{6458AA62-A023-4B5B-A017-F4DBB05B753E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{79FC944A-0139-4FA9-A3FE-E508E767899E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{36ECBBE8-1817-4165-A30D-7C3BBCCAE369}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{174ECF25-7BEA-4CBA-85CC-364651E92EDE}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2508.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{7321B7A2-7883-40AB-8B22-7D15743EE9B7}] => (Allow) C:\Program Files\Logi\LogiPluginService\LogiPluginService.exe (Logitech Inc -> Logitech)
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:1906.62 GB) (Free:428.99 GB) (23%)
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (08/22/2025 11:26:09 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 23196. Meldungs-ID: [0x2509].
Error: (08/21/2025 11:22:42 PM) (Source: Application Error) (EventID: 1000) (User: HPOMEN14RB)
Description: Fehlerhafter Anwendungsname: backgroundTaskHost.exe, Version: 10.0.26100.1, Zeitstempel: 0x5bc61463
Fehlerhafter Modulname: twinapi.appcore.dll, Version: 10.0.26100.4768, Zeitstempel: 0xac34b171
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000072d03
Fehlerhafte Prozess-ID: 0x5ebc
Fehlerhafte Anwendungsstartzeit: 0x1dc12e1b6ca9a3e
Fehlerhafter Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe
Fehlerhafter Modulpfad: C:\Windows\System32\twinapi.appcore.dll
Berichts-ID: e9e64e42-9779-419f-b2dc-b5469f60c162
Vollständiger Name des fehlerhaften Pakets: 34791E63.CanonInkjetSmartConnect_1.10.2.0_x64__6e5tt8cgb93ep
Fehlerhafte paketbezogene Anwendungs-ID: App
Error: (08/21/2025 11:22:38 PM) (Source: Application Error) (EventID: 1000) (User: HPOMEN14RB)
Description: Fehlerhafter Anwendungsname: AcrobatNotificationClient.exe, Version: 0.0.0.0, Zeitstempel: 0x5b98af46
Fehlerhafter Modulname: combase.dll, Version: 10.0.26100.4768, Zeitstempel: 0xb412414f
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0016a251
Fehlerhafte Prozess-ID: 0x7fec
Fehlerhafte Anwendungsstartzeit: 0x1dc1297413487b0
Fehlerhafter Anwendungspfad: C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
Fehlerhafter Modulpfad: C:\WINDOWS\System32\combase.dll
Berichts-ID: ced3bbd5-588b-4e1a-a808-d7a0aa2bee79
Vollständiger Name des fehlerhaften Pakets: ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r
Fehlerhafte paketbezogene Anwendungs-ID: App
Error: (08/21/2025 04:33:34 PM) (Source: Windows App Runtime) (EventID: 22) (User: )
Description: Event-ID 22
Error: (08/21/2025 04:27:31 PM) (Source: CertEnroll) (EventID: 57) (User: NT-AUTORITÄT)
Description: Der "Microsoft Pluton Cryptographic Provider"-Anbieter wurde aufgrund eines Initialisierungsfehlers nicht geladen.
Error: (08/21/2025 04:27:30 PM) (Source: CertEnroll) (EventID: 57) (User: NT-AUTORITÄT)
Description: Der "Microsoft Pluton Cryptographic Provider"-Anbieter wurde aufgrund eines Initialisierungsfehlers nicht geladen.
Error: (08/21/2025 04:27:29 PM) (Source: CertEnroll) (EventID: 57) (User: NT-AUTORITÄT)
Description: Der "Microsoft Pluton Cryptographic Provider"-Anbieter wurde aufgrund eines Initialisierungsfehlers nicht geladen.
Error: (08/21/2025 02:30:29 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 32856. Meldungs-ID: [0x2509].
Systemfehler:
=============
Error: (08/22/2025 11:04:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NBLGGH33ZDV-A278AB0D.MARCHOFEMPIRES
Error: (08/22/2025 10:20:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NTXGKQ8P7N0-MicrosoftWindows.CrossDevice
Error: (08/22/2025 08:40:00 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NHT9RB2F4HD-Microsoft.Copilot
Error: (08/22/2025 08:39:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NHT9RB2F4HD-Microsoft.Copilot
Error: (08/22/2025 08:39:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Mozilla Maintenance Service" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.
Error: (08/22/2025 05:08:28 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{354FF91B-5E49-4BDC-A8E6-1CB6C6877182}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (08/22/2025 05:06:28 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{354FF91B-5E49-4BDC-A8E6-1CB6C6877182}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (08/22/2025 05:04:28 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{354FF91B-5E49-4BDC-A8E6-1CB6C6877182}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===============
Date: 2025-08-22 11:27:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: AMI F.10 03/12/2025
Hauptplatine: HP 8C58
Prozessor: Intel(R) Core(TM) Ultra 9 185H
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 32153.22 MB
Verfügbarer physikalischer RAM: 16277.73 MB
Summe virtueller Speicher: 48025.22 MB
Verfügbarer virtueller Speicher: 23590.27 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:1906.62 GB) (Free:428.99 GB) (Model: SAMSUNG MZVL22T0HBLB-00BH1) (Protected) NTFS
Drive d: (Seagate Hub ) (Fixed) (Total:11175.8 GB) (Free:2187.03 GB) (Model: Seagate One Touch Hub SCSI Disk Device) NTFS
\\?\Volume{46a68e9f-a1c8-4643-8ccb-bd889d73f82e}\ () (Fixed) (Total:0.84 GB) (Free:0.14 GB) NTFS
\\?\Volume{24bf913e-32f4-4715-8c9f-3d5fb79a5009}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.12 GB) FAT32
\\?\Volume{13c3db11-039f-4fbc-abf1-9430b30f471f}\ (EFI) (Fixed) (Total:0.19 GB) (Free:0.19 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 1907.7 GB) (Disk ID: 4DEA1453)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 11176 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt =======================
Geändert von cosinus (Gestern um 12:37 Uhr) Grund: code tags |
|
Gestern, 12:42
| #3 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Riskware mit Pop-up Fenstern und Weiterleitung auf Stonifient.comZitat:
Bitte keine Prosa sondern die Logs von Malwarebytes posten.
__________________ |
|
Gestern, 12:54
| #4 |
| | Malwarebytes ScanberichtCode:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 22.08.2025
Scan-Zeit: 13:43
Protokolldatei: 3e332168-7f4d-11f0-9466-a0b339ef86ba.json
-Softwaredaten-
Version: 5.3.6.205
Komponentenversion: 138.0.5346
Version des Aktualisierungspakets: 1.0.102271
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 11 (Build 26100.4946)
CPU: x64
Dateisystem: NTFS
Benutzer: HPOmen14RB\raine
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 237397
Erkannte Bedrohungen: 2
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 2 Min., 45 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 2
PUP.Optional.TotalAV, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\TOTALAV.LNK, Keine Aktion durch Benutzer, 4300, 795103, 1.0.102271, , ame, , 1C40F4FF16E0BF7380274636CB2321FE, F3FFC4369FC67F27E1AE561528A341C090EA628BDFAC2E43E9665176D9688255
PUP.Optional.TotalAV, C:\USERS\PUBLIC\DESKTOP\TOTALAV.LNK, Keine Aktion durch Benutzer, 4300, 795103, 1.0.102271, , ame, , 610AADD0262F214D62120898C551269C, F1A92941E78904EE0E8C314759941976B121D8F7DB9FC20B69487F0209A67A7E
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Geändert von cosinus (Gestern um 13:21 Uhr) Grund: code tags |
|
Gestern, 13:20
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Riskware mit Pop-up Fenstern und Weiterleitung auf Stonifient.com Da steht aber nur was von PUP.Optional, da wurde doch noch mehr gefunden -> Riskware. Wo ist das Log dazu? Und Logs werden grundsätzlich in CODE-Tags gepostet.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
Gestern, 13:49
| #6 |
| | Riskware mit Pop-up Fenstern und Weiterleitung auf Stonifient.com Sorry - bin kein Spezialist. Googeln hatte das Problem teilweise so genannt. Was es genau ist, weiß ich ja nicht. |
|
Gestern, 14:15
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Riskware mit Pop-up Fenstern und Weiterleitung auf Stonifient.com Was soll das jetzt mit Google? Du hast den Fund mit der Riskware selbst hier reingeschrieben, sogar in den Titel. Und eben damit wir Helfer genau wissen was gefunden wurde sollst du alle Logs mit Funden posten. Mehr sollst du nicht machen und nach mehr oder was anderem fragte ich auch nicht.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
Gestern, 15:34
| #8 |
| | Riskware mit Pop-up Fenstern und Weiterleitung auf Stonifient.com Ok - da ich neu hier bin: ich weiß nicht was es ist. Nehme den Begriff Riskware zurück. Und die Logs, die ich habe, sind hier eingefügt. - Kann mir jemand helfen? |
|
Gestern, 15:40
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Riskware mit Pop-up Fenstern und Weiterleitung auf Stonifient.com Was soll das, du nimmst das zurück? Ist das so schwierig mal zu erklären, wie du auf diesen Begriff gekommen bist? Du musst den doch irgendwo gelesen haben. System aufräumen: unnötige und veraltete Programme deinstallieren Bitte über Einstellungen/Apps folgende Programme/Apps deinstallieren:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Riskware mit Pop-up Fenstern und Weiterleitung auf Stonifient.com |
| .com, .dll, administrator, adobe, alert, avira, blockiert, browser, computer, defender, desktop, downloader, explorer, firefox, firewall, geforce, google, home, homepage, internet, internet explorer, mozilla, performance, prozess, prozesse, realtek, registry, scan, security, services.exe, software, svchost.exe, system, tcp, udp, updates, usb, windows, wmi, öffnet |
Linear-Darstellung
