| |
| |||||||
Log-Analyse und Auswertung: MFResident-20230328-55Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
10.04.2023, 11:12
| #16 |
 |  MFResident-20230328-55 alles klar, kommen hier... Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-04-2023
durchgeführt von Eltern (Administrator) auf SCHILLINGFAMILY (Gigabyte Technology Co., Ltd. GA-890GPA-UD3H) (10-04-2023 11:52:57)
Gestartet von C:\Users\Eltern\Downloads
Geladene Profile: Schilling Family & Eltern & Henrike & DefaultAppPool
Plattform: Microsoft Windows 10 Pro Version 21H2 19044.2728 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Users\Eltern\AppData\Local\Google\Chrome\Application\chrome.exe <12>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23022.140.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [BCU] => "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" (Keine Datei)
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmprph.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Roxio Central 4\Plugins\Launch.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\Setup_wm.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\VPREVIEW.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\ChessBase\ChessProgram12\ChessProgram12.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpnscfg.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\MSACCESS.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\MSPUB.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Internet Explorer <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpsideshowgadget.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Sidebar <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\downloads\minecraft (1).exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpnetwk.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\program files (x86)\adobe\reader 10.0\reader\eula.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Roxio Central 4\RoxioCentralFx.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmlaunch.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Media Import 11\MediaCapture11.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmprph.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpsideshowgadget.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\program files (x86)\java\jre7\bin\javaw.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\Wordconv.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\Setup_wm.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpconfig.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpnscfg.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\downloads\minecraft.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\desktop\minecraft (1).exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\GRAPH.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpshare.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\excelcnv.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\XLICONS.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\PPTICO.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmplayer.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\WORDICON.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Creator Classic 11\Creator11.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Sidebar <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpnscfg.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Retrieve 11\Launch_Retrieve.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmlaunch.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpnscfg.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Retrieve 11\Retrieve11.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpconfig.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Defender <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpenc.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\OIS.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\desktop\minecraft.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Internet Explorer <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Users\Schilling Family\AppData\Local\Google\Chrome\Application\chrome.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpshare.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpenc.exe <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\Run: [Google Update] => C:\Users\Schilling Family\AppData\Local\Google\Update\1.3.36.202\GoogleUpdateCore.exe [223000 2023-04-08] (Google LLC -> Google LLC)
HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\Run: [Google Update] => C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.152\GoogleUpdateCore.exe [230360 2022-08-29] (Google LLC -> Google LLC)
HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Eltern\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] (Amazon Services LLC -> )
HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\Run: [MicrosoftEdgeAutoLaunch_EB8D6C06E991CEDBC9E4E65F13805E5D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4140496 2023-04-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-607273383-903765569-4108737559-1004\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-607273383-903765569-4108737559-1004\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKLM\...\Windows x64\Print Processors\Canon iP4300 Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD86.DLL [27136 2006-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX520 series: C:\WINDOWS\system32\CNCALBO.DLL [303104 2012-09-21] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP4300: C:\WINDOWS\system32\CNMLM86.DLL [234496 2006-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX520 series: C:\WINDOWS\system32\CNMLMBO.DLL [390656 2012-09-20] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-07-31] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\Eltern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2013-01-04]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2014-04-08]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Beschränkung ? <==== ACHTUNG
GroupPolicy\User: Beschränkung ? <==== ACHTUNG
GroupPolicyUsers\S-1-5-21-607273383-903765569-4108737559-1004\User: Beschränkung <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0BBB9B25-3E0B-41C4-8417-BC0AA3E8469A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Keine Datei)
Task: {0D20E039-9151-46FD-B974-33451D8D8893} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Keine Datei)
Task: {0D32098A-3809-485B-B4B1-FB99532A9F8A} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {0F32F71B-0E80-453C-84AA-62B937EFC571} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Keine Datei)
Task: {16715D28-05B1-4839-82FC-3FBDE0233F64} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Keine Datei)
Task: {1C55A462-FD73-403B-A09F-984CB07A8C39} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1003UA => C:\Users\Eltern\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {22BE8BFB-1E32-4605-8FE7-032BE3370959} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Keine Datei)
Task: {2C9910E7-21E4-4BC3-A649-8476A15F8916} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {2C9A41E5-EAA4-47BD-A47C-649959DD4C96} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Keine Datei)
Task: {2D4F42E6-6553-4563-A4DA-5C64C00F3A24} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Keine Datei)
Task: {2F254FB2-238A-4DDD-BB1A-5CD7BD36CFB9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Keine Datei)
Task: {308E3245-B76B-4F4C-9420-DC711CD8B6AA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Keine Datei)
Task: {45381A70-9F15-40C7-9DAB-84FE23E9CA62} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Keine Datei)
Task: {479F023B-EDFA-4153-B8AB-686E66D34909} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Keine Datei)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {48A446E7-59BC-49E8-B070-033DCC730F02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000 2015-08-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4FEE6216-5B1C-4CCD-B930-8E7E961AED44} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001Core => C:\Users\Schilling Family\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-07-14] (Google Inc -> Google Inc.)
Task: {5235F070-0423-4841-A880-4C5C6E95D792} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {5288861F-AA80-42F5-965F-271A29651414} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {540F9B5D-6DB9-4419-8E0B-36E4220B76D6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001UA => C:\Users\Schilling Family\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-07-14] (Google Inc -> Google Inc.)
Task: {57B8B6B7-8B6E-4186-94DF-1155B3FB3CF1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Keine Datei)
Task: {57F6E612-D826-46E6-86F9-C9951328AFB3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {62AB03D9-9674-4F82-9B03-79854C0C4188} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {68A2DC77-4326-45B0-A2EB-FC0A3F784C40} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6CE9B4C3-7B27-4764-9B0A-152BBAECC232} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {6F37C2F7-DADB-49AE-A204-2C9AD19C6CFE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {6F47A56B-CADB-4C5E-B30B-85487FC6CC88} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1003Core => C:\Users\Eltern\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {71C3C4D2-0F58-4A47-A69A-D46E959D7336} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Keine Datei)
Task: {71D74DD1-F182-473C-A98A-587C247548CF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {73A44D9D-5152-45D9-B5ED-09FE3C3EA042} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Keine Datei)
Task: {801268F4-4131-4543-95C3-8B78C47D63B5} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {84608AB1-FDFC-4CBE-9B6E-87A86EC99DCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Keine Datei)
Task: {88F5F492-6208-4730-A9B2-F754D5D964BB} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {89AA7B43-6F43-4665-B455-35250B2775B6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001Core1d36619e3cf49df => C:\Users\Schilling Family\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-07-14] (Google Inc -> Google Inc.)
Task: {A25CFF11-8701-4725-B4FF-B3E3A26322F7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001UA1d36619e3f56ec3 => C:\Users\Schilling Family\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-07-14] (Google Inc -> Google Inc.)
Task: {A62B6259-A517-463A-87F7-5AC214BA12C1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1003UA1d264fa72e45b7c => C:\Users\Eltern\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {A644AF47-F72C-415B-87DA-AC26713AA924} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Keine Datei)
Task: {A764CB31-E10A-4748-87C2-78B1A074C2C5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {AE3B097F-0458-44AD-B075-30716ECFED1E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B48C01BC-3898-4438-ACBC-3CBB676128C9} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Keine Datei)
Task: {BC82C7F7-E333-4612-B4DA-B144C7B04EC6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Keine Datei)
Task: {C81A5F30-FAB1-46FE-8C78-248273597C96} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {C9CE2E2F-74C8-4420-A9A6-6C5270140972} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Keine Datei)
Task: {CC1E0B3B-991C-48FD-A12D-87AD1C6A5AB4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CEC66727-43C2-4046-877F-5E52D2579E6A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Keine Datei)
Task: {D4B27E49-E70B-42CF-9F59-391892C74007} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D8373EC5-C2D0-47AA-A6E5-134DB4404626} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Keine Datei)
Task: {D8BBE133-E46B-46C1-91B4-19BE93F6CB55} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Keine Datei)
Task: {E32C8471-92F1-4FDE-B901-8FB47EC87899} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {E9EB6BC0-96CB-4A0D-888D-CE6AD2CFAA11} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {EEF562D5-1A49-4011-9839-10FE2C739B33} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1003Core1d264fa72b23a21 => C:\Users\Eltern\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {FCAE2C9E-7790-484C-B719-C3622CADC1D6} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Keine Datei)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001Core.job => C:\Users\Schilling Family\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001UA.job => C:\Users\Schilling Family\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1003Core.job => C:\Users\Eltern\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1003UA.job => C:\Users\Eltern\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1533b570-916a-43ef-a95f-2771cf3347c2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{63e8b743-5869-48f3-b34a-8f4038bdaffe}: [NameServer] 10.74.210.210 10.74.210.211
Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Eltern\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-10]
FireFox:
========
FF ProfilePath: C:\Users\Eltern\AppData\Roaming\Nvu\Profiles\l9ncqul6.default [2012-11-29]
FF ProfilePath: C:\Users\Eltern\AppData\Roaming\Mozilla\Firefox\Profiles\usq5npzx.default [2019-03-30]
FF user.js: detected! => C:\Users\Eltern\AppData\Roaming\Mozilla\Firefox\Profiles\usq5npzx.default\user.js [2015-09-30]
FF Extension: (Telemetry coverage) - C:\Users\Eltern\AppData\Roaming\Mozilla\Firefox\Profiles\usq5npzx.default\features\{8be4ee0a-5a7c-4dfc-b1a8-b23c5451a190}\telemetry-coverage-bug1487578@mozilla.org.xpi [2019-03-30] []
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-03-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.) [Datei ist nicht signiert]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2013-02-14] (Sony Network Entertainment International LLC) [Datei ist nicht signiert]
FF Plugin HKU\S-1-5-21-607273383-903765569-4108737559-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll [2012-12-07] (Amazon.com, Inc.) [Datei ist nicht signiert]
FF Plugin HKU\S-1-5-21-607273383-903765569-4108737559-1003: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Eltern\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon Services LLC -> Amazon.com, Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-10-06] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-10-06] <==== ACHTUNG
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default [2023-04-10]
CHR Notifications: Default -> hxxp://kleinanzeigen.ebay.de; hxxps://de10.forgeofempires.com; hxxps://lichess.org; hxxps://www.ebay.de
CHR Extension: (FoE - Helfer) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkagcmloachflbbkfmfiggipaelfamdf [2023-03-26]
CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-03-26]
CHR Extension: (Google Docs Offline) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR HKLM\...\Chrome\Extension: [doobfiogmfmpjnoofjhhgjehmlofngfp] - C:\Users\Schilling Family\AppData\Local\metacrawler-speeddial.crx <nicht gefunden>
CHR HKU\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [doobfiogmfmpjnoofjhhgjehmlofngfp] - C:\Users\SCHILL~1\AppData\Local\metacrawler-speeddial.crx <nicht gefunden>
CHR HKU\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [cfcbmgbfdbijmjgjihagbomfbjfjmgon] - C:\Users\Schilling Family\AppData\Roaming\SpeedanAlysis\speedanalysis.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [doobfiogmfmpjnoofjhhgjehmlofngfp] - C:\Users\Schilling Family\AppData\Local\metacrawler-speeddial.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
StartMenuInternet: Google Chrome - C:\Users\Schilling Family\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.Eltern - C:\Users\Eltern\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000 2015-08-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-07-04] (Bayerisches Landesamt fuer Steuern -> )
S2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] (Giga-Byte Technology -> )
S2 HWDeviceService64.exe; C:\Program Files (x86)\DatacardService\HWDeviceService64.exe [351888 2016-03-24] (Huawei Technologies Co.,Ltd. -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [682072 2015-07-06] (Huawei Technologies Co.,Ltd. -> )
S2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] (JMicron Technology Corp. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9098608 2023-04-09] (Malwarebytes Inc. -> Malwarebytes)
S2 MFLocalService; C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe [54664 2022-04-28] (Shenzhen iMyFone Technology Co., Ltd -> )
S4 Roxio UPnP Renderer 11; C:\Program Files (x86)\Roxio WinOnCD 2009\Digital Home 11\RoxioUPnPRenderer11.exe [313840 2008-08-14] (Sonic Solutions -> Sonic Solutions)
S4 Roxio Upnp Server 11; C:\Program Files (x86)\Roxio WinOnCD 2009\Digital Home 11\RoxioUpnpService11.exe [367088 2008-08-14] (Sonic Solutions -> Sonic Solutions)
S4 RoxMediaDB11; C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [1122304 2009-01-09] (Sonic Solutions) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [226976 2023-03-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 gdrv; C:\Windows\gdrv.sys [25640 2023-04-09] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-02-08] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-04-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198584 2023-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77736 2023-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-04-09] (Malwarebytes Inc. -> Malwarebytes)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49608 2023-03-28] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [495896 2023-03-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-28] (Microsoft Windows -> Microsoft Corporation)
S1 epp; \??\C:\EEK\bin64\epp.sys [X]
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-04-10 11:52 - 2023-04-10 11:52 - 000000000 ____D C:\Users\Eltern\Downloads\FRST-OlderVersion
2023-04-10 11:38 - 2023-04-10 11:38 - 000000000 ____D C:\Users\Eltern\AppData\LocalLow\IGDump
2023-04-09 22:27 - 2023-04-09 22:27 - 000004358 _____ C:\Users\Eltern\Desktop\EEK.txt
2023-04-09 21:44 - 2023-04-09 21:44 - 000000000 ____D C:\ProgramData\Emsisoft
2023-04-09 21:43 - 2023-04-09 23:27 - 000000000 ____D C:\EEK
2023-04-09 21:29 - 2023-04-09 21:42 - 336252264 _____ C:\Users\Eltern\Downloads\EmsisoftEmergencyKit.exe
2023-04-09 21:22 - 2023-04-09 21:22 - 000007270 _____ C:\Users\Eltern\Desktop\AdwCleaner[C00].txt
2023-04-09 21:18 - 2023-04-09 21:20 - 000000000 ____D C:\AdwCleaner
2023-04-09 21:18 - 2023-04-09 21:18 - 008791352 _____ (Malwarebytes) C:\Users\Eltern\Downloads\adwcleaner.exe
2023-04-09 21:00 - 2023-04-09 21:00 - 000244497 _____ C:\Users\Eltern\Desktop\MBAM.txt
2023-04-09 20:24 - 2023-04-09 20:24 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-04-09 18:14 - 2023-04-09 18:14 - 000000000 ____D C:\Users\Eltern\AppData\Local\mbam
2023-04-09 18:13 - 2023-04-09 18:13 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-04-09 18:13 - 2023-04-09 18:13 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-04-09 18:11 - 2023-04-09 18:11 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-04-09 18:11 - 2023-04-09 18:11 - 000000000 ____D C:\Program Files\Malwarebytes
2023-04-09 18:10 - 2023-04-09 18:10 - 002649088 _____ (Malwarebytes) C:\Users\Eltern\Downloads\MBSetup.exe
2023-04-09 13:03 - 2023-04-09 13:03 - 000000000 ____D C:\Users\Eltern\AppData\Local\PeerDistRepub
2023-04-09 00:21 - 2023-04-09 00:21 - 000000000 ____D C:\Users\Schilling Family\AppData\Local\PlaceholderTileLogoFolder
2023-04-08 22:37 - 2023-04-08 22:37 - 000000000 ____D C:\Users\Schilling Family\AppData\Roaming\com.adobe.dunamis
2023-04-08 22:37 - 2023-04-08 22:37 - 000000000 ____D C:\Users\Schilling Family\AppData\Local\SolidDocuments
2023-04-08 22:37 - 2023-04-08 22:37 - 000000000 ____D C:\Users\Schilling Family\.ms-ad
2023-04-08 22:14 - 2023-04-08 22:14 - 000000000 ____D C:\Users\Schilling Family\AppData\Local\D3DSCache
2023-04-08 19:09 - 2023-04-08 22:48 - 000078441 _____ C:\Users\Eltern\Downloads\Addition.txt
2023-04-08 19:04 - 2023-04-10 11:56 - 000040022 _____ C:\Users\Eltern\Downloads\FRST.txt
2023-04-08 19:03 - 2023-04-10 11:55 - 000000000 ____D C:\FRST
2023-04-08 19:01 - 2023-04-10 11:52 - 002379776 _____ (Farbar) C:\Users\Eltern\Downloads\FRST64.exe
2023-04-08 00:27 - 2023-04-09 20:23 - 114819072 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-04-08 00:11 - 2023-04-08 00:27 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-03-18 17:05 - 2023-03-18 17:05 - 000000000 ___HD C:\$WinREAgent
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-04-10 11:53 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-10 11:25 - 2021-06-21 11:40 - 000004170 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{7B8873E7-2F6A-4D04-BC4D-C1178DC4E0A8}
2023-04-10 00:05 - 2017-12-28 22:49 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-10 00:04 - 2021-06-21 10:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-04-09 20:23 - 2021-06-21 11:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-04-09 20:23 - 2012-05-05 21:40 - 000025640 _____ (Windows (R) Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2023-04-09 20:22 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-04-09 20:21 - 2021-06-21 10:59 - 000000000 ____D C:\Users\Schilling Family
2023-04-09 20:21 - 2021-06-21 10:59 - 000000000 ____D C:\Users\Henrike
2023-04-09 18:13 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-04-09 11:40 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-09 11:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-09 11:34 - 2023-01-24 22:03 - 000000000 ____D C:\Users\Eltern\AppData\Local\CrashDumps
2023-04-09 00:27 - 2021-06-21 11:40 - 000004190 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{715B1F11-FA8F-4631-820D-9B3102438278}
2023-04-09 00:21 - 2017-12-29 01:39 - 000000000 ____D C:\Users\Schilling Family\AppData\Local\Packages
2023-04-08 23:26 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-04-08 23:05 - 2019-08-11 23:25 - 000000000 ____D C:\Users\Schilling Family\AppData\Local\ElevatedDiagnostics
2023-04-08 22:39 - 2016-07-14 19:02 - 000000000 ____D C:\Users\Schilling Family\AppData\Local\Publishers
2023-04-08 22:39 - 2012-05-05 20:54 - 000002590 _____ C:\Users\Schilling Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-04-08 22:39 - 2012-05-05 20:54 - 000002553 _____ C:\Users\Schilling Family\Desktop\Google Chrome.lnk
2023-04-08 22:37 - 2012-05-05 20:55 - 000000000 ____D C:\Users\Schilling Family\AppData\Roaming\Adobe
2023-04-08 22:33 - 2014-10-16 21:51 - 000000000 ____D C:\Users\Schilling Family\AppData\Local\Adobe
2023-04-08 22:31 - 2021-06-21 11:40 - 000004234 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001UA1d36619e3f56ec3
2023-04-08 22:31 - 2021-06-21 11:40 - 000003966 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001Core1d36619e3cf49df
2023-04-08 22:24 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-04-08 22:18 - 2021-06-21 11:40 - 000003398 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-607273383-903765569-4108737559-1001
2023-04-08 22:18 - 2021-06-21 10:59 - 000002457 _____ C:\Users\Schilling Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-08 22:18 - 2016-07-14 19:09 - 000000000 ___RD C:\Users\Schilling Family\OneDrive
2023-04-08 22:13 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-04-08 22:12 - 2018-01-01 16:22 - 000000000 ___RD C:\Users\Schilling Family\3D Objects
2023-04-08 22:12 - 2017-11-25 20:14 - 000000000 ____D C:\Users\Schilling Family\AppData\Local\ConnectedDevicesPlatform
2023-04-08 22:12 - 2015-09-10 07:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-04-08 20:49 - 2014-03-03 21:44 - 000000000 ____D C:\Program Files (x86)\Motorola Mobility
2023-04-08 20:49 - 2012-05-05 21:20 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-04-08 20:21 - 2012-06-14 08:40 - 000000000 ____D C:\Users\Schilling Family\AppData\Roaming\DVDVideoSoft
2023-04-07 22:32 - 2021-06-21 10:56 - 000002396 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-07 22:32 - 2021-06-21 10:56 - 000002234 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-04-07 22:28 - 2012-05-06 09:23 - 000002540 _____ C:\Users\Eltern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-04-07 22:28 - 2012-05-06 09:23 - 000002503 _____ C:\Users\Eltern\Desktop\Google Chrome.lnk
2023-04-07 22:26 - 2021-12-11 16:19 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-607273383-903765569-4108737559-1003
2023-04-07 22:26 - 2021-06-21 11:40 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-607273383-903765569-4108737559-1003
2023-04-07 22:26 - 2021-06-21 10:59 - 000002443 _____ C:\Users\Eltern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-04 21:51 - 2021-06-24 07:57 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-04 21:51 - 2021-06-24 07:57 - 000003662 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7667dcba7b542
2023-04-02 11:37 - 2021-06-21 11:15 - 001917326 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-04-02 11:37 - 2019-12-07 16:51 - 000820884 _____ C:\WINDOWS\system32\perfh007.dat
2023-04-02 11:37 - 2019-12-07 16:51 - 000177416 _____ C:\WINDOWS\system32\perfc007.dat
2023-03-28 01:10 - 2018-05-27 22:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-03-25 15:07 - 2021-06-21 11:40 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-03-25 15:06 - 2023-03-07 09:26 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-03-25 15:06 - 2023-03-07 09:26 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-03-19 01:32 - 2021-06-21 10:50 - 000523208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-03-19 01:28 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-03-19 01:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-03-19 01:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-03-19 01:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-03-19 01:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-03-18 17:41 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-03-18 17:29 - 2021-06-21 10:55 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-03-18 16:56 - 2013-08-03 13:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-03-18 16:35 - 2012-05-05 17:39 - 153620824 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2015-07-14 15:52 - 2013-06-26 13:51 - 000884736 _____ () C:\Program Files (x86)\vkaraoke.exe
2020-05-12 20:16 - 2020-05-12 20:16 - 000000008 _____ () C:\Users\Eltern\AppData\Roaming\com.silhouettesoftware.id
2012-06-09 15:54 - 2012-06-09 15:54 - 000000000 _____ () C:\Users\Eltern\AppData\Local\rx_image32.Cache
2012-06-02 17:13 - 2012-06-02 17:13 - 000017408 _____ () C:\Users\Eltern\AppData\Local\WebpageIcons.db
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
10.04.2023, 11:13
| #17 |
| | MFResident-20230328-55Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-04-2023
durchgeführt von Eltern (10-04-2023 11:58:36)
Gestartet von C:\Users\Eltern\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.2728 (X64) (2021-06-21 09:41:50)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-607273383-903765569-4108737559-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-607273383-903765569-4108737559-503 - Limited - Disabled)
Eltern (S-1-5-21-607273383-903765569-4108737559-1003 - Administrator - Enabled) => C:\Users\Eltern
Gast (S-1-5-21-607273383-903765569-4108737559-501 - Limited - Disabled)
Henrike (S-1-5-21-607273383-903765569-4108737559-1004 - Limited - Enabled) => C:\Users\Henrike
HomeGroupUser$ (S-1-5-21-607273383-903765569-4108737559-1002 - Limited - Enabled)
Schilling Family (S-1-5-21-607273383-903765569-4108737559-1001 - Administrator - Enabled) => C:\Users\Schilling Family
WDAGUtilityAccount (S-1-5-21-607273383-903765569-4108737559-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Total Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Total Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.08 - GIGABYTE)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.001.20093 - Adobe)
Adobe AIR (HKLM-x32\...\{10166660-0C51-4355-BD74-D4700EFDB83B}) (Version: 28.0.0.127 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced IP Scanner 2.5 (HKLM-x32\...\{804CED37-7CED-45A5-AEC8-0F1F0FEE17E1}) (Version: 2.5.3784 - Famatech)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Drag and Drop Transcoding (HKLM\...\{203DE003-C392-FF19-BCA2-3F775477BC94}) (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
ATI AVIVO64 Codecs (HKLM\...\{33A49BF2-CB4F-5E54-D7F5-25502CAB6B70}) (Version: 11.6.0.50706 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{397878FC-1B1B-EED7-04A8-3184CE494A3B}) (Version: 3.0.782.0 - ATI Technologies, Inc.)
Auto Clicker v6.1 (HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 6.1 - MurGee.com)
AutoGreen B10.0517.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
BlueStacks X (HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\BlueStacks X) (Version: 0.18.30.9 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser Configuration Utility (HKLM-x32\...\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}) (Version: 1.1.18.0 - DeviceVM Inc.)
BUDNI Fotowelt (HKLM-x32\...\BUDNI Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.0.1 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.8.0.1 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.7.0.1 - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.7.0.6 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.5.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.6.0.5 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.3.0.6 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM-x32\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.9 (HKLM-x32\...\DPP) (Version: 3.9.0.3 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.1.0.4 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.6.0.23 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.4.0.4 - Canon Inc.)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center - Branding (HKLM-x32\...\{87323561-58BA-4D5B-BADA-A791B69D1705}) (Version: 1.00.0000 - ATI) Hidden
ChessBase Reader (HKLM-x32\...\{52A3CA50-6E19-40B2-AD6D-2B7B2D89A8E4}) (Version: 12.44.0.0 - ChessBase)
DirectX 9 Runtime (HKLM-x32\...\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}) (Version: 1.00.0000 - Sonic Solutions) Hidden
Easy Tune 6 B10.0516.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
EasySaver B9.1214.1 (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 21.3 - Thüringer Landesfinanzdirektion)
EMC 11 Content (HKLM-x32\...\{21ABEA96-CCAB-4C40-8699-6BDFEC5FD63C}) (Version: 1.1.019 - Ihr Firmenname) Hidden
FastImageResizer (remove only) (HKLM-x32\...\FastImageResizer) (Version: - )
FastStone Image Viewer 7.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.4 - FastStone Soft)
FileZilla Client 3.10.1.1 (HKLM-x32\...\FileZilla Client) (Version: 3.10.1.1 - Tim Kosse)
FLV Runner Toolbar (HKLM-x32\...\FLV_Runner Toolbar) (Version: 6.9.0.16 - FLV Runner) <==== ACHTUNG
Fotobuchexpress24 Bestellsoftware (HKLM-x32\...\Fotobuchexpress24) (Version: 4.0 - )
fotofoto Software (HKLM-x32\...\fotofotoSoftware) (Version: 4.0 - )
Free Video Dub version 2.0.21.827 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.21.827 - DVDVideoSoft Ltd.)
Freecorder 5 (HKLM-x32\...\Freecorder5.11) (Version: 5.11 - Applian Technologies Inc.)
Fritz 12 (HKLM-x32\...\{4F4182DA-3D58-41E3-913D-480F8DA5C863}) (Version: 12.0.0 - ChessBase)
Fritz und Fertig 3 (HKLM-x32\...\Fritz und Fertig 3) (Version: - )
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
Google Chrome (HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\Google Chrome) (Version: 112.0.5615.49 - Google LLC)
Google Chrome (HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\Google Chrome) (Version: 112.0.5615.49 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.23.0 - BonanzaDeals) Hidden
Houdini 4 64-bit (HKLM\...\{BD221DF2-6078-42BE-9C09-EF1213E6DEAD}) (Version: 14.2.0.0 - ChessBase)
HydraVision (HKLM-x32\...\{D5134D14-A38D-A217-4310-5C8B6DFA08D0}) (Version: 4.2.174.0 - ATI Technologies Inc.) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.19.18.55 - Huawei Technologies Co.,Ltd)
Java 8 Update 321 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
Malwarebytes version 4.5.26.259 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.26.259 - Malwarebytes)
Media Go (HKLM-x32\...\{362AB21A-E2C4-40CE-81C2-8C4D62B0635A}) (Version: 2.4.256 - Sony)
Media Go Video Playback Engine 1.116.101.02020 (HKLM-x32\...\{54215B8A-6212-8DB8-39B4-98EE2BB98BD1}) (Version: 1.116.101.02020 - Sony)
Microsoft .NET Framework 4.5.1 (DEU) (HKLM\...\{C513739C-5F16-37B5-9ACF-99925FF1C1F3}) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{26784146-6E05-3FF9-9335-786C7C0FB5BE}) (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) (HKLM\...\{25E80DAA-FD87-DCE5-202C-CC02F6673002}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 112.0.1722.34 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.34 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (HKLM\...\{90140000-002A-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\OneDriveSetup.exe) (Version: 23.061.0319.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-607273383-903765569-4108737559-1004\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (HKLM\...\{680EDA59-9266-44B4-949E-0C24F65DFF82}) (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (HKLM-x32\...\{E3B64CC5-C011-40C0-92BC-7316CD5E5688}) (Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 62.0.2 (x64 de) (HKLM\...\Mozilla Firefox 62.0.2 (x64 de)) (Version: 62.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0 - Mozilla)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Reader (HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\PDF Reader) (Version: - )
PDF Reader Packages (HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\PDF Reader Packages) (Version: - ) <==== ACHTUNG
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.14.6.15183 - Sony Computer Entertainment Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
Roxio Activation Module (HKLM-x32\...\{1D53B6F9-E66E-42D8-A221-4FF8AC134FD7}) (Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (HKLM-x32\...\{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}) (Version: 1.3.1 - Roxio) Hidden
Roxio CinePlayer (HKLM-x32\...\{AA749D64-3741-4D5F-B804-B0BC05D179D1}) (Version: 5.0 - Roxio) Hidden
Roxio CinePlayer Decoder Pack (HKLM-x32\...\{C0FE37FA-0886-4B66-B01B-76CF70FB77AB}) (Version: 4.3.0 - Roxio) Hidden
Roxio File Backup (HKLM-x32\...\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}) (Version: 1.3.0 - Roxio) Hidden
Roxio Update Manager (HKLM-x32\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 6.0.0 - Roxio)
Roxio WinOnCD 2009 (HKLM-x32\...\{3383136B-4F86-4F05-8612-DD4BB16A1EAE}) (Version: 4.5.0 - Roxio) Hidden
Roxio WinOnCD 2009 (HKLM-x32\...\{7919D8D9-69FB-4E94-B330-04C4AF251867}) (Version: 11.0 - Roxio)
Roxio WinOnCD 2009 (HKLM-x32\...\{9F8C7AAF-CF7E-4FC9-ADD6-9EAE4304A161}) (Version: 1.1.110 - Roxio) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{97099817-53F1-4CA1-ACEA-DA6D74371689}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{3B0FF7FF-0E85-4907-A511-3F8C27349FA4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{996096F8-956B-41C9-A7E3-9BA1E801014F}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{D505EC85-885F-4BE3-8A89-3EFE4F855692}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden
SmartSound Quicktracks Plugin (HKLM-x32\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.8.0 - SmartSound Software Inc)
Update for PDF Reader (HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\DigitalSite) (Version: - ) <==== ACHTUNG
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VSDC Free Video Editor Version 6.4.2.102 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.4.2.102 - Flash-Integro LLC)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Packages:
=========
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-06-21] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-31] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-06-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-06-22] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-04-08] (Microsoft Studios) [MS Ad]
Unpacker -> C:\Program Files\WindowsApps\AFF540DC.Unpacker_1.1.14.24_x64__v7353qx4kg3sa [2017-08-08] (Jujuba Software) [MS Ad]
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2015-11-12] (Microsoft Corporation)
Zip RAR 7Z -> C:\Program Files\WindowsApps\E7F9CCC0.ZipRAR7Z_1.5.0.0_neutral__58whwn0mv7c6y [2017-08-07] (D and V Limited)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\ChromeHTML: -> C:\Users\Eltern\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{1F9E0710-2073-435F-9C1B-F29946205947}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.152\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{69545769-8D02-4B07-A481-AD374CD8D5D1}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.152\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Eltern\AppData\Local\Google\Chrome\Application\112.0.5615.49\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.83\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.152\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2015-04-26] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-09] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-09] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Eltern\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7b8281b05742e423\Google Chrome.lnk -> C:\Users\Eltern\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2015-09-20 16:47 - 2012-09-21 06:00 - 000303104 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNCALBO.DLL
2015-09-20 16:47 - 2012-09-20 06:00 - 000390656 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMLMBO.DLL
2014-02-08 16:03 - 2012-07-31 11:18 - 000359936 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMN6PPM.DLL
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Eltern\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [140]
AlternateDataStreams: C:\Users\Eltern\Downloads\EmsisoftEmergencyKit.exe:MBAM.Zone.Identifier [123]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKU\S-1-5-21-607273383-903765569-4108737559-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=fe28521d0000000000001c6f653e2346
HKU\S-1-5-21-607273383-903765569-4108737559-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-607273383-903765569-4108737559-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
HKU\S-1-5-21-607273383-903765569-4108737559-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-607273383-903765569-4108737559-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com
HKU\S-1-5-21-607273383-903765569-4108737559-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
URLSearchHook: HKU\S-1-5-21-607273383-903765569-4108737559-1001 - (Kein Name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - Keine Datei
URLSearchHook: HKU\S-1-5-21-607273383-903765569-4108737559-1001 - (Kein Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - Keine Datei
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1001 -> DefaultScope {122F3846-0AE4-492e-81DE-906A0C4A482E} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1001 -> {122F3846-0AE4-492e-81DE-906A0C4A482E} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1001 -> {80C392F7-933D-4333-97C9-6836482FE614} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=fe28521d0000000000001c6f653e2346&r=378
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1003 -> DefaultScope {F81C3B13-EB13-4784-AD06-5308BBD978DA} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1003 -> {F81C3B13-EB13-4784-AD06-5308BBD978DA} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2013-11-28] (Canon Inc. -> CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (Canon Inc. -> CANON INC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-607273383-903765569-4108737559-1003 -> Kein Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\11.0\DLLShared\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-607273383-903765569-4108737559-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win7 LtBlue 1920x1200.jpg
HKU\S-1-5-21-607273383-903765569-4108737559-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Dell\Win7 LtBlue 1920x1200.jpg
HKU\S-1-5-21-607273383-903765569-4108737559-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Dell\Win7 LtBlue 1920x1200.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Motorola Device Manager => 2
MSCONFIG\Services: Roxio UPnP Renderer 11 => 3
MSCONFIG\Services: Roxio Upnp Server 11 => 2
MSCONFIG\Services: RoxLiveShare11 => 2
MSCONFIG\Services: RoxMediaDB11 => 3
MSCONFIG\Services: RoxWatch11 => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: Sony PC Companion => 3
HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{547E83B5-1313-4049-8C6C-7FEFCE3032C8}C:\users\eltern\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\eltern\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{39484926-44D0-4DAF-B0F8-866441E6D21A}C:\users\eltern\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\eltern\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{25FC2CF9-26C7-4801-865C-540B37D8F053}C:\users\eltern\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eltern\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{AF857C3D-3AD8-4EF9-85EA-8449CCA07F0B}C:\users\eltern\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eltern\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{73C5997B-A60F-4423-ABB7-310B58259BC2}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{6E0F8CA7-3119-4E34-8D0F-457FE24884BF}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{79C30040-27F1-41BA-9061-5E6863DD79EF}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{63D3CFC8-E445-4908-92DE-C1EF9B169D01}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{7AA2976B-1696-433C-951B-3638144151F5}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{56DA2F88-0B42-4F5C-9AD1-87CECFB8F21A}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{0427B960-2364-4061-8D5A-B5D5238E0652}] => (Allow) C:\Users\Schilling Family\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{55CD2498-99BC-4878-9393-A93EEEF53276}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe => Keine Datei
FirewallRules: [{34FBCA88-D993-4E7D-AE9D-F75335CF1BD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe => Keine Datei
FirewallRules: [{75721B46-B736-4981-A30C-9C4A7DFA293F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{25ABFAB1-10A6-4C85-9498-4465BA7A8D25}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{32F2A2BD-95DF-41FB-86E2-E4FA4F05F363}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Keine Datei
FirewallRules: [{22EAF1AB-1A96-40C1-8142-3CEBDF58A647}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Keine Datei
FirewallRules: [{2D4667B5-F3E5-4885-882A-680251907CC5}] => (Allow) F:\o2CD.exe => Keine Datei
FirewallRules: [{A1F82616-54EE-4B24-BAF1-9FC9A59E06C9}] => (Allow) F:\o2CD.exe => Keine Datei
FirewallRules: [{BC62CBD5-D590-40D7-B254-2F6B63EA0A51}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3207EC1A-AC96-41C7-A43B-E0449E4CFD8C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BB65DA61-3AEF-4723-839F-8614B4B2DCE6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CEF21CCF-81CB-46AF-BF32-D50B57107806}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E7D017EE-5A08-4B83-8ABD-0E231E05E21A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{97EEE3EA-74AC-4C81-A147-4062BE737487}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{27AA07D2-29F9-4C0A-8FA7-D5ACDA31A49C}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe => Keine Datei
FirewallRules: [{25F5F1FF-2414-4F37-8B6A-27EAF4331A0D}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe => Keine Datei
FirewallRules: [{64711767-0BEA-4E26-93C0-E7067F35F510}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6267537C-2A47-4D0A-855E-11982B6C2CE0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{19C62B83-B546-4D25-84EC-CF4188C945BE}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{847E80AE-8076-4540-9C12-38B8CED2229E}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{2C96EF38-3E0E-4B56-BE5F-66C94FBA7BF4}C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{DCAE0FD6-BE9F-423F-9A44-CF663BE220E3}C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe => Keine Datei
FirewallRules: [{13F44943-2753-4C2C-A854-B02E880FD681}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{1DE1C6EB-EC9E-4562-BAD8-1EF4A6F74758}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{CED1E8BF-8A0D-46A0-8671-8FBC100F75E8}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Keine Datei
FirewallRules: [{31A42FDB-DD04-4C37-A8F1-4208EE877C44}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{76B60587-7B61-4637-BEA2-7CAB8A4B0CB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{189FA84B-B945-43A6-893F-CC12EAE178B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{0E12E48C-5C80-40A2-BA71-1905CEF567CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{9AAB57D9-E18D-48FA-9EF4-83B52D7B34A8}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.34\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:107.89 GB) (Free:23.9 GB) (22%)
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: Kaspersky Security Data Escort Adapter #2
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SAMSUNG Electronics Co., Ltd.
Service: kltap
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (04/09/2023 11:33:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MFResident.exe, Version: 1.2.0.1, Zeitstempel: 0x640aff06
Name des fehlerhaften Moduls: MFResident.exe, Version: 1.2.0.1, Zeitstempel: 0x640aff06
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001f4d9
ID des fehlerhaften Prozesses: 0x3150
Startzeit der fehlerhaften Anwendung: 0x01d96ac62f75b7b0
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\MFResident.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\MFResident.exe
Berichtskennung: 08d05093-2455-45b3-88d4-e500bef0bdaa
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/08/2023 11:05:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf (D:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)
Error: (04/08/2023 11:05:31 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf System (G:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)
Error: (04/08/2023 11:05:18 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf System-reserviert nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)
Error: (04/08/2023 05:47:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SystemSettings.exe, Version: 10.0.19041.2673, Zeitstempel: 0x4aa1ce82
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.19041.546, Zeitstempel: 0x564f9f39
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000000ae22
ID des fehlerhaften Prozesses: 0x21e4
Startzeit der fehlerhaften Anwendung: 0x01d96a3116ba964b
Pfad der fehlerhaften Anwendung: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\msvcrt.dll
Berichtskennung: 32924120-d70a-4eee-85c7-e9792f980003
Vollständiger Name des fehlerhaften Pakets: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windows.immersivecontrolpanel
Error: (04/03/2023 12:37:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31125
Error: (04/03/2023 12:37:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31125
Error: (04/03/2023 12:37:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Systemfehler:
=============
Error: (04/10/2023 11:21:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "MessagingService_d5bcab" wurde mit folgendem Fehler beendet:
Das Gerät ist nicht bereit.
Error: (04/09/2023 09:20:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MFLocalService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/09/2023 09:20:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/09/2023 09:20:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (04/09/2023 09:20:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Browser Configuration Utility Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/09/2023 09:20:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "JMB36X" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/09/2023 09:20:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/09/2023 09:20:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.
Windows Defender:
================
Date: 2023-04-09 13:03:54
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {122DEDBD-110C-43C7-92AA-54D865EFE49F}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Date: 2023-04-09 13:03:24
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {67E00F2C-F549-4C8F-96C0-452C8FDF1581}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2023-04-08 23:24:36
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {ED9C28EE-EF47-4E1E-ADB0-25B09DB6323E}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2023-04-08 23:10:44
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {7F618021-4600-4C04-868F-85D3F3C7A89D}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2023-04-08 22:40:52
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/DownloadSponsor&threatid=311978&enterprise=0
Name: PUADlManager:Win32/DownloadSponsor
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\Eltern\Downloads\FastStone Image Viewer - CHIP-Installer (1).exe; file:_C:\Users\Eltern\Downloads\FastStone Image Viewer - CHIP-Installer.exe; file:_C:\Users\Eltern\Downloads\VSDC Free Video Editor - CHIP-Installer (1).exe; file:_C:\Users\Eltern\Downloads\VSDC Free Video Editor - CHIP-Installer.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer:
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.387.403.0, AS: 1.387.403.0, NIS: 1.387.403.0
Modulversion: AM: 1.1.20200.4, NIS: 1.1.20200.4
Event[0]:
Date: 2023-02-14 22:12:26
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.381.3589.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.19900.2
Fehlercode: 0x8050a003
Fehlerbeschreibung: Dieses Paket enthält keine aktuellen Definitionsdateien für das Programm. Weitere Informationen finden Sie in "Hilfe und Support".
Date: 2023-02-14 22:12:26
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.381.3589.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.19900.2
Fehlercode: 0x8050a003
Fehlerbeschreibung: Dieses Paket enthält keine aktuellen Definitionsdateien für das Programm. Weitere Informationen finden Sie in "Hilfe und Support".
Date: 2023-02-14 22:12:26
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.381.3589.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.19900.2
Fehlercode: 0x8050a003
Fehlerbeschreibung: Dieses Paket enthält keine aktuellen Definitionsdateien für das Programm. Weitere Informationen finden Sie in "Hilfe und Support".
Date: 2023-02-14 22:10:52
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.381.3495.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.19900.2
Fehlercode: 0x80070102
Fehlerbeschreibung: Der Wartevorgang wurde abgebrochen.
Date: 2023-02-14 22:10:52
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.381.3495.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.19900.2
Fehlercode: 0x80070102
Fehlerbeschreibung: Der Wartevorgang wurde abgebrochen.
CodeIntegrity:
===============
Date: 2023-04-10 11:52:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Eltern\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: Award Software International, Inc. FD 07/23/2010
Hauptplatine: Gigabyte Technology Co., Ltd. GA-890GPA-UD3H
Prozessor: AMD Phenom(tm) II X4 955 Processor
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 8189.55 MB
Verfügbarer physikalischer RAM: 4205.72 MB
Summe virtueller Speicher: 16381.55 MB
Verfügbarer virtueller Speicher: 11651.05 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:107.89 GB) (Free:23.9 GB) (Model: WDC WD6400AAKS-65A7B2 ATA Device) NTFS
Drive d: () (Fixed) (Total:97.56 GB) (Free:25.19 GB) (Model: WDC WD6400AAKS-65A7B2 ATA Device) NTFS
Drive e: () (Fixed) (Total:0 GB) (Free:0 GB) (Model: WDC WD6400AAKS-65A7B2 ATA Device)
Drive f: (ELM327 software) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS
Drive g: (System) (Fixed) (Total:232.88 GB) (Free:44.68 GB) (Model: ST3250823AS ATA Device) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
\\?\Volume{dbb0575c-96c5-11e1-b743-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: E419C3C7)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=0F Extended)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 973E7CF0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=390.6 GB) - (Type=06)
Partition 4: (Not Active) - (Size=107.9 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt =======================
|
|
10.04.2023, 11:36
| #18 |
| /// TB-Ausbilder   | MFResident-20230328-55 Vielen Dank.
__________________Aufgrund der großen Menge an Schadsoftware müssen wir zuerst noch eine Spezialsuche mit FRST starten, damit wir auch möglichst alles mit der nächsten Bereinigungswelle heute Abend erwischen.  Schritt 1
|
|
10.04.2023, 13:09
| #19 |
| | MFResident-20230328-55Code:
ATTFilter Farbar Recovery Scan Tool (x64) Version: 09-04-2023
durchgeführt von Eltern (10-04-2023 12:58:44)
Gestartet von C:\Users\Eltern\Downloads
Start-Modus: Normal
================== Datei-Suche: "SearchAll: Conduit;DeviceVM;FLV Player;FLVPlayer;MetaCrawler;ytd video downloader;Performersoft;Softonic;PC Speed Maximizer;speeddial;jZip;Tarma;Complitly;PriceGong;SUGGESTMEYES;FLV_Runner;BonanzaDeals;DigitalSite;PDF Reader Packages;{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" =============
Datei:
========
C:\Windows\Applian FLV Player Setup Log.txt
[2012-05-27 22:30][2012-05-28 11:47] 000007820 _____ () 22FA916CB648847E36EBDE44960085CF [Datei ist nicht signiert]
C:\Windows\Applian FLV Player Uninstall Log.txt
[2012-05-28 11:43][2012-05-28 11:43] 000003126 _____ () F40BA608DBEA31798790B0D10695B08E [Datei ist nicht signiert]
C:\Windows\System32\Tasks_Migrated\BonanzaDealsUpdate
[2019-08-11 19:29][2019-08-11 19:29] 000002590 _____ () 5F5B9424CAA4FDA71A2967583E070F44 [Datei ist nicht signiert]
C:\Users\Schilling Family\Desktop\Applian FLV Player.lnk
[2012-05-28 11:45][2012-05-28 11:45] 000001910 _____ () DB63E5A05795D15979E4581C7427C272 [Datei ist nicht signiert]
C:\Users\Schilling Family\Desktop\FLVPlayerSetup-2.0.25.exe
[2012-05-27 22:29][2012-05-27 22:29] 002569112 _____ () 59F2396FCD8E4910A64D962C1305477F [Datei ist nicht signiert]
C:\Users\Schilling Family\Desktop\FLVPlayerSetup-2.0.25[1].exe
[2012-05-28 11:45][2012-05-28 11:45] 002569112 _____ () 59F2396FCD8E4910A64D962C1305477F [Datei ist nicht signiert]
C:\Users\Schilling Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applian FLV Player.lnk
[2012-05-28 11:45][2012-05-28 11:45] 000001940 _____ () A28AD0210DE6557D4D2AA4E9DA45FAA8 [Datei ist nicht signiert]
C:\Users\Schilling Family\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\http___support_bonanzadeals_net_
[2023-04-08 22:17][2023-04-08 22:17] 000037014 _____ () 62F6AB8EDE31921DF75FC3D53BC15722 [Datei ist nicht signiert]
C:\Users\Schilling Family\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\http___www_bonanzadeals_net_
[2023-04-08 22:17][2023-04-08 22:17] 000037014 _____ () 62F6AB8EDE31921DF75FC3D53BC15722 [Datei ist nicht signiert]
C:\Users\Schilling Family\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_BonanzaDeals_uninst_exe
[2023-04-08 22:17][2023-04-08 22:17] 000037014 _____ () 62F6AB8EDE31921DF75FC3D53BC15722 [Datei ist nicht signiert]
C:\Users\Schilling Family\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_FLV Player_FLVPlayer_exe
[2023-04-08 22:17][2023-04-08 22:17] 000037014 _____ () 89B545BF81BDDB00E4D6DDFCD2B40C80 [Datei ist nicht signiert]
C:\Users\Schilling Family\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_GreenTree Applications_YTD Video Downloader_Uninstall_exe
[2023-04-08 22:18][2023-04-08 22:18] 000037014 _____ () 787B57C0C3059EE7B4369DFD6AED251A [Datei ist nicht signiert]
C:\Users\Schilling Family\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_PC Speed Maximizer_HomePage_url
[2023-04-08 22:18][2023-04-08 22:18] 000037014 _____ () BAD093419BE1135CFE9694EA77088C78 [Datei ist nicht signiert]
C:\Users\Schilling Family\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_PC Speed Maximizer_PCSpeedMaximizer_chm
[2023-04-08 22:18][2023-04-08 22:18] 000037014 _____ () A62D519BE58C4EC079CD825E04C1F4BF [Datei ist nicht signiert]
C:\Users\Schilling Family\AppData\Local\Microsoft\Internet Explorer\DOMStore\RO9AAJR2\groupon.conduitapps[1].xml
[2012-12-23 14:41][2012-12-23 14:41] 000000013 _____ () C1DDEA3EF6BBEF3E7060A1A9AD89E4C5 [Datei ist nicht signiert]
C:\Users\Schilling Family\AppData\Local\Microsoft\Internet Explorer\DOMStore\RO9AAJR2\storage.conduit[1].xml
[2012-12-23 14:41][2012-12-23 14:41] 000000013 _____ () C1DDEA3EF6BBEF3E7060A1A9AD89E4C5 [Datei ist nicht signiert]
C:\Users\Schilling Family\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.performersoft.com_0.localstorage
[2013-04-02 21:10][2013-04-03 08:14] 000003072 _____ () D0AA470AC5CF9039976BAF92440701F2 [Datei ist nicht signiert]
C:\Users\Schilling Family\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.performersoft.com_0.localstorage-journal
[2013-04-02 21:10][2013-04-03 08:14] 000003608 _____ () 3D79EE59A9785DDFF1928D60C92336C3 [Datei ist nicht signiert]
C:\Users\Henrike\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\ZDDYRCXD\app.mam.conduit[1].xml
[2013-10-26 16:37][2013-10-26 16:37] 000000133 _____ () 7C4D89F4E51A1CCA3EE0228A726FCF96 [Datei ist nicht signiert]
C:\Users\Henrike\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\ZDDYRCXD\bday.conduitapps[1].xml
[2014-04-24 16:10][2014-04-24 16:10] 000000013 _____ () C1DDEA3EF6BBEF3E7060A1A9AD89E4C5 [Datei ist nicht signiert]
C:\Users\Henrike\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\YM7JEBPV\facebook.conduitapps[1].xml
[2013-10-26 16:37][2013-10-26 16:37] 000000013 _____ () C1DDEA3EF6BBEF3E7060A1A9AD89E4C5 [Datei ist nicht signiert]
C:\Users\Henrike\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\YM7JEBPV\facebook.conduitapps[2].xml
[2014-04-24 16:10][2014-04-24 16:10] 000000013 _____ () C1DDEA3EF6BBEF3E7060A1A9AD89E4C5 [Datei ist nicht signiert]
C:\Users\Henrike\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\YM7JEBPV\storage.conduit[1].xml
[2014-12-16 16:13][2014-12-16 16:13] 000000013 _____ () C1DDEA3EF6BBEF3E7060A1A9AD89E4C5 [Datei ist nicht signiert]
C:\Users\Henrike\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\MUUO5CWR\bday.conduitapps[1].xml
[2013-10-26 16:37][2013-10-26 16:37] 000000013 _____ () C1DDEA3EF6BBEF3E7060A1A9AD89E4C5 [Datei ist nicht signiert]
C:\Users\Henrike\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_GreenTree Applications_YTD Video Downloader_Uninstall_exe
[2020-03-09 20:19][2020-03-09 20:23] 000037014 _____ () 787B57C0C3059EE7B4369DFD6AED251A [Datei ist nicht signiert]
C:\Users\Henrike\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_GreenTree Applications_YTD Video Downloader_ytd_exe
[2019-10-06 20:31][2020-03-09 20:23] 000037014 _____ () 787B57C0C3059EE7B4369DFD6AED251A [Datei ist nicht signiert]
C:\Users\Henrike\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_PC Speed Maximizer_HomePage_url
[2019-10-06 20:18][2020-03-09 20:23] 000037014 _____ () BAD093419BE1135CFE9694EA77088C78 [Datei ist nicht signiert]
C:\Users\Henrike\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_PC Speed Maximizer_PCSpeedMaximizer_chm
[2020-03-09 20:25][2020-03-09 20:25] 000037014 _____ () A62D519BE58C4EC079CD825E04C1F4BF [Datei ist nicht signiert]
C:\Users\Henrike\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_PC Speed Maximizer_PCSpeedMaximizer_exe
[2020-03-09 20:25][2020-03-09 20:25] 000037014 _____ () D503527684378EB182675DA9730A3CCA [Datei ist nicht signiert]
C:\Users\Eltern\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\A9VZDFUB\localhost\FLVPlayerdata.Settings.sol
[2021-06-21 08:46][2022-10-13 11:06] 000000315 _____ () 0079FED33BC81DFB16E65DFE2D92294C [Datei ist nicht signiert]
C:\Users\Eltern\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\NPK6084L\storage.conduit[1].xml
[2012-12-31 00:55][2012-12-31 00:55] 000000013 _____ () C1DDEA3EF6BBEF3E7060A1A9AD89E4C5 [Datei ist nicht signiert]
C:\Users\Eltern\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\JRNS150J\groupon.conduitapps[1].xml
[2012-12-31 00:55][2012-12-31 00:55] 000000013 _____ () C1DDEA3EF6BBEF3E7060A1A9AD89E4C5 [Datei ist nicht signiert]
C:\Users\Eltern\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_GreenTree Applications_YTD Video Downloader_Uninstall_exe
[2023-04-04 21:56][2023-04-04 21:56] 000037014 _____ () 787B57C0C3059EE7B4369DFD6AED251A [Datei ist nicht signiert]
C:\Users\Eltern\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_PC Speed Maximizer_HomePage_url
[2023-04-04 21:56][2023-04-04 21:56] 000037014 _____ () BAD093419BE1135CFE9694EA77088C78 [Datei ist nicht signiert]
C:\Users\Eltern\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_PC Speed Maximizer_PCSpeedMaximizer_chm
[2023-04-04 21:54][2023-04-04 21:54] 000037014 _____ () A62D519BE58C4EC079CD825E04C1F4BF [Datei ist nicht signiert]
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iSyncConduit.dll
[2021-08-20 03:09][2021-08-20 03:09] 001791776 _____ (Apple Inc.) B0E574635E54B3B06512FD815BF46A3B [Datei ist digital signiert]
C:\Program Files (x86)\Canon\Quick Menu\AppInfo\Icon\MENU_SPEEDDIAL_SETTINGS_N.png
[2014-02-08 16:05][2012-04-24 17:40] 000002632 _____ () 64A71B67743D3A1FE8CCFB14F8F5B581 [Datei ist nicht signiert]
C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.240.400.0_x64__kgqvnymyfvs32\res_output\shared\diorama\common\tex\gui_elements\repeat\starman_icon_striped_fill.webp
[2023-04-09 11:43][2023-04-09 11:43] 000000000 _____ () D41D8CD98F00B204E9800998ECF8427E [Datei ist nicht signiert]
C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.208.400.0_x86__kgqvnymyfvs32\res_output\shared\diorama\common\tex\gui_elements\repeat\starman_icon_striped_fill.webp
[2021-06-22 10:12][2021-06-22 10:17] 000000176 _____ () D35EE82A617A37DC965A883A24A72DBE [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\v1\20230409.212049\65\FLV Player\FLVPlayer.exe#7D50AE93B422AA85
[2007-11-28 20:45][2008-03-04 01:08] 001926844 _____ () 42C1B697DAA6D19C139BE60F25985D89 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\v1\20230409.212049\64\FLV Player\Applian FLV Player.lnk#CCF27DB05EC9C92C
[2012-05-28 11:45][2012-05-28 11:45] 000001946 _____ () FCD795938324D7DB30889ADABBEDDCF5 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\v1\20230409.212049\64\FLV Player\Uninstall Applian FLV Player.lnk#50C435AF3C577DBB
[2012-05-28 11:45][2012-05-28 11:45] 000002028 _____ () 9A96854D23D8CCFE88776D1572914F22 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\v1\20230409.212049\32\metacrawler-speeddial.crx#3F5B680EC0538DAF
[2023-04-09 21:20][2013-11-16 13:11] 000356766 _____ () 7555E915880B615933C1A24E400BC68B [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\v1\20230409.212049\26\METACRAWLER.JOB#0231B20FC9E00C2F
[2023-04-09 21:20][2015-09-20 15:11] 000000320 _____ () 8A8114B08507F78C09EEAA003161CB31 [Datei ist nicht signiert]
Ordner:
========
2012-05-27 22:30 - 2012-05-27 22:30 _____ C:\Windows\Applian FLV Player
2017-11-25 21:48 - 2017-11-25 21:48 _____ C:\Users\Schilling Family\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_de.softonic.com_0.indexeddb.leveldb
2017-10-24 15:25 - 2017-10-24 15:25 _____ C:\Users\Eltern\AppData\Roaming\Mozilla\Firefox\Profiles\usq5npzx.default\storage\default\https+++de.softonic.com
2014-05-29 12:21 - 2014-05-29 12:21 _____ C:\Users\Eltern\AppData\Local\VirtualStore\Program Files (x86)\jZip
2012-05-28 11:45 - 2023-04-09 21:20 _____ C:\AdwCleaner\Quarantine\v1\20230409.212049\65\FLV Player
2012-05-28 11:45 - 2023-04-09 21:20 _____ C:\AdwCleaner\Quarantine\v1\20230409.212049\64\FLV Player
2013-11-16 13:16 - 2023-04-09 21:20 _____ C:\AdwCleaner\Quarantine\v1\20230409.212049\62\PC Speed Maximizer
2012-08-27 08:44 - 2023-04-09 21:20 _____ C:\AdwCleaner\Quarantine\v1\20230409.212049\58\ytd video downloader
2019-11-30 19:22 - 2023-04-09 21:20 _____ C:\AdwCleaner\Quarantine\v1\20230409.212049\57\ytd video downloader
2012-05-28 11:47 - 2023-04-09 20:21 _____ C:\AdwCleaner\Quarantine\v1\20230409.212049\56\Conduit
2013-04-03 08:09 - 2023-04-09 20:16 _____ C:\AdwCleaner\Quarantine\v1\20230409.212049\55\Performersoft
2013-11-16 13:11 - 2013-11-16 13:11 _____ C:\AdwCleaner\Quarantine\v1\20230409.212049\54\MetaCrawler
2013-11-16 13:11 - 2013-11-16 13:11 _____ C:\AdwCleaner\Quarantine\v1\20230409.212049\53\MetaCrawler
2014-05-29 12:21 - 2023-04-09 21:20 _____ C:\AdwCleaner\Quarantine\v1\20230409.212049\52\jZip
2012-08-27 08:44 - 2023-04-09 21:20 ____A C:\AdwCleaner\Quarantine\v1\20230409.212049\48\GreenTree Applications\YTD Video Downloader
2012-05-05 21:20 - 2012-05-05 21:20 ____H C:\AdwCleaner\Quarantine\v1\20230409.212049\47\DeviceVM
2013-04-02 21:09 - 2013-04-04 20:59 _____ C:\AdwCleaner\Quarantine\v1\20230409.212049\46\Tarma Installer
2013-12-03 10:56 - 2013-12-03 10:56 _____ C:\AdwCleaner\Quarantine\v1\20230409.212049\35\Softonic
2013-12-03 10:56 - 2013-12-03 10:56 _____ C:\AdwCleaner\Quarantine\v1\20230409.212049\35\Softonic\Softonic
Registry:
========
===================== Suchergebnis für "Conduit" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966]
"902DD72566A8F28478977C3BABCC8A1F"="C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iSyncConduit.dll"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar]
"Server"="users.conduit.com"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar]
"GroupingServerURL"="hxxp://grouping.services.conduit.com/"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar]
"PrivacyPageURL"="hxxp://www.conduit.com/privacy/Default.aspx"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar]
"DisplayTrusteSeal"="hxxp://trust.conduit.com/EB_ORIGINAL_CTID"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar]
"UsageURL"="hxxp://usage.users.conduit.com/UsersWebService.asmx/UsersRequests"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar]
"ClientLogURL"="hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar]
"UninstallURL"="hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar]
"AppsDetectionUrlPattern"="hxxp://appdownload.conduit.com/"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Login]
"users.conduit.com Last Login TB Version:6.8.10.403"="1338199182"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933]
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\AppRegisterUsage]
"ServiceUrl"="hxxp://apps.usage.conduit-services.com/AppOperations/AppRegistration.ashx"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\AppsMetaData]
"ServiceUrl"="hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=EB_TOOLBAR_ID"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\AppsSettings]
"ServiceUrl"="hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_COMP_ID"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\AppTrackingFirstTime]
"ServiceUrl"="hxxp://tracking.usage.app.conduit-services.com/FirstTime.ashx?current=EB_APPTRACKING_CURRENT_STATE"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\AppTrackingUsage]
"ServiceUrl"="hxxp://tracking.usage.app.conduit-services.com/Usage.ashx"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\AppUninstallUsage]
"ServiceUrl"="hxxp://apps.usage.conduit-services.com/AppOperations/AppUninstall.ashx"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\BrowserToolbarsInfo]
"ServiceUrl"="hxxp://counting.usage.toolbar.conduit-services.com/usage.ashx"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ClientErrorLog]
"ServiceUrl"="hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\DynamicDialogs]
"ServiceUrl"="hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=EB_TOOLBAR_VERSION"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\GottenAppsContextMenu]
"ServiceUrl"="hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=EB_LOCALE"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\HostingUsage]
"ServiceUrl"="hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\LocationService]
"ServiceUrl"="hxxp://ip2location.conduit-services.com/ip/"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\OtherAppsContextMenu]
"ServiceUrl"="hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=EB_LOCALE"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\RecoveryService]
"ServiceUrl"="hxxp://recovery.conduit-services.com/toolbar"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\SearchInNewTabBlank]
"ServiceUrl"="hxxp://storage.conduit.com/SearchInNewTab/SearchInNewTabBlank.html"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\SearchSettings]
"ServiceUrl"="hxxp://API.search.conduit.com/Settings/?ctid=EB_TOOLBAR_ID"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\SharedAppsContextMenu]
"ServiceUrl"="hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=EB_LOCALE"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ToolbarAppComponentUsage]
"ServiceUrl"="hxxp://component.usage.toolbar.conduit-services.com/ToolbarComponentUsage.ashx"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ToolbarAppUsage]
"ServiceUrl"="hxxp://usage.toolbar.conduit-services.com/ToolbarUsage.ashx"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ToolbarComponentUsage]
"ServiceUrl"="hxxp://component.usage.toolbar.conduit-services.com/ToolbarComponentUsage.ashx"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ToolbarContextMenu]
"ServiceUrl"="hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=EB_LOCALE"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ToolbarGrouping]
"ServiceUrl"="hxxp://grouping.services.conduit.com/GroupingRequest.ctp?type=GetGroup&ctid=EB_ORIGINAL_CTID&lut=0&locale=EB_OS_LOCALE"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ToolbarHiddenLogin]
"ServiceUrl"="hxxp://login.hiddentoolbar.conduit-services.com/Login.ashx"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ToolbarHiddenSettings]
"ServiceUrl"="hxxp://Settings.toolbar.search.conduit.com/root/EB_TOOLBAR_ID/EB_ORIGINAL_CTID"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ToolbarLogin]
"ServiceUrl"="hxxp://login.toolbar.conduit-services.com/Login.ashx"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ToolbarSettings]
"ServiceUrl"="hxxp://Settings.toolbar.search.conduit.com/root/EB_TOOLBAR_ID/EB_ORIGINAL_CTID"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ToolbarSettingsForPublisher]
"ServiceUrl"="hxxp://settings.publisher.toolbar.conduit-services.com/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ToolbarSettingsForSB]
"ServiceUrl"="hxxp://settings.smartbar.conduit-services.com/settings/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID&protocolVersion=EB_PROTOCOL_VERSION"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ToolbarSettingsPublisherForSB]
"ServiceUrl"="hxxp://settings.publisher.smartbar.conduit-services.com/settings/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID&protocolVersion=EB_PROTOCOL_VERSION"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ToolbarTranslation]
"ServiceUrl"="hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ToolbarUninstall]
"ServiceUrl"="hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\ToolbarUsage]
"ServiceUrl"="hxxp://usage.toolbar.conduit-services.com/ToolbarUsage.ashx"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\UninstallDialog]
"ServiceUrl"="hxxp://UninstallDialog.conduit-services.com/view/view.aspx?ctid=EB_TOOLBAR_ID&version=EB_TOOLBAR_VERSION"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933\UninstallDialogUsage]
"ServiceUrl"="hxxp://uninstalldialogusage.toolbar.conduit-services.com/Usage.ashx"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933_CT1060933]
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\conduit_CT1060933_en-us]
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\MetaData\1799117118]
"dbname"="conduit_CT1060933_en-us"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\MetaData\1891374845]
"dbname"="conduit_CT1060933_CT1060933"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\MetaData\2301643798]
"dbname"="conduit_CT1060933_CT1060933"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\MetaData\256770867]
"dbname"="conduit_CT1060933_CT1060933"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\MetaData\2596824318]
"dbname"="conduit_CT1060933_CT1060933"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\MetaData\2965554788]
"dbname"="conduit_CT1060933_CT1060933"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\MetaData\3214577502]
"dbname"="conduit_CT1060933_CT1060933"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\MetaData\38143507]
"dbname"="conduit_CT1060933_CT1060933"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\MetaData\4082133043]
"dbname"="conduit_CT1060933_CT1060933"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\Repository\MetaData\869225793]
"dbname"="conduit_CT1060933_CT1060933"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings]
"APITrustedDomains"="conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCityToolbar.com,MyCollegeToolbar.com,MyFamilyToolbar.com,MyForumToolbar.com,MyLibraryToolbar.com,MyRadioToolbar.com,MyStoreToolbar.com,MyTownToolbar.com,MyUniversityToolbar.com,OurChurchToolbar.com,MyXangaToolbar.com,Media-Toolbar.com,LoyaltyToolbar.com,MyTeamToolbar.com,GreatToolbars.com,OurOrganizationToolbar.com,OurBusinessToolbar.com,Toolbar.fm"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings]
"SocialDomains"="social.conduit.com;apps.conduit.com;services.apps.conduit.com"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\BackHandStorage\http___cdn1_certified-apps_com_scripts_publishers_conduit_autoapprovedist_htmlcomponent_htm]
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\BackHandStorage\http___cdn_printitgreen_com_conduit_app_html]
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\BackHandStorage\http___storage_conduit_com_PS_ShoppingApp_V1_pgcb1_2_html_ctid=CT1060933]
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\ExternalComponent]
"hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us"="1338199179"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\ExternalComponent]
"hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us"="1338199179"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\ExternalComponent]
"hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us"="1338199179"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\ExternalComponent]
"hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us"="1338199179"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\FeatureProtector\BrowserSearch]
"URLFromService"="hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\FeatureProtector\BrowserSearch]
"ConduitEnabled"="TRUE"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\FeatureProtector\HomePage]
"URLFromService"="hxxp://search.conduit.com?SearchSource=10&ctid=CT1060933"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\FeatureProtector\HomePage]
"ConduitEnabled"="TRUE"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\MyStuff]
"AddStuffLink"="hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\MyStuff]
"ConduitEnable"="TRUE"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\RadioPlayer]
"ServerUrl"="hxxp://radio.services.conduit.com/RadioRequest.ctp"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\Search\Settings]
"ContextMenuSearchUrl"="hxxp://search.conduit.com/ResultsExt.aspx?q=MYSEARCHTERM&ctid=EB_CTID&octid=EB_ORIGINAL_CTID&SearchSource=8"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\SearchInNewTab]
"AboutTabsDataUrlConduit"="hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\SearchInNewTab]
"AboutTabsEnabledByConduit"="TRUE"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\SearchInNewTab]
"AboutTabsUsageUrl"="hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\Update]
"ModuleURL"="hxxp://ieupdate.conduit.com/ver6.8.5.1/tbedrs.dll"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder\toolbar\settings\Upgrade]
"ModuleURL"="hxxp://ieupgrade.conduit-download.com/IEUpgrade/ver6.8.5.1/tbedrs.dll"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Classes\Wow6432Node\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}]
""="Conduit Community Alerts"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Classes\Wow6432Node\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}\InprocServer32]
""="C:\Users\Eltern\AppData\Local\Conduit\Community Alerts\Aler0.dll"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com]
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduitapps.com]
===================== Suchergebnis für "DeviceVM" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\template\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\icon\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-AE\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-BH\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-DZ\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-EG\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-IQ\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-JO\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-KW\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-LB\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-LY\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-MA\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-OM\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-QA\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-SA\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-SY\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-TN\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-YE\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\cs-CZ\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\da-DK\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\de-AT\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\de-CH\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\de-DE\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\de-LI\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\de-LU\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\el-GR\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-029\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-AU\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-BZ\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-CA\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-GB\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-IE\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-IN\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-JM\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-MY\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-NZ\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-PH\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-SG\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-TT\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-US\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-ZA\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-ZW\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-AR\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-BO\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-CL\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-CO\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-CR\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-DO\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-EC\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-ES\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-ES_tradnl\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-GT\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-HN\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-MX\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-NI\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-PA\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-PE\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-PR\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-PY\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-SV\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-US\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-UY\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-VE\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\fi-FI\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\fr-BE\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\fr-CA\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\fr-CH\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\fr-FR\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\fr-LU\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\fr-MC\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\he-IL\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\hr-BA\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\hr-HR\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\hu-HU\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\it-CH\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\it-IT\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ja-JP\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ko-KR\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\nb-NO\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\nl-BE\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\nl-NL\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\pl-PL\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\pt-BR\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\pt-PT\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ru-RU\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\sk-SK\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\sl-SI\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\sv-FI\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\sv-SE\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\tr-TR\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\zh-CN\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\zh-HK\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\zh-MO\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\zh-SG\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\zh-TW\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\016DE60871C0A029749F021E17ED1EAE]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-NZ\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\03B668FC3B60B39DA984A227C2474F83]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-US\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\069D15A1025068A4F74959C0B869E104]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\it-IT\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0775BA6C9950EED25FD45CD9A3D53A59]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-MY\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\087C72201E909E33C96F2F2C1731BC07]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-DZ\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BB42A1AAE90B3DF8CA5613AC5E5A4FE]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-PA\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\135497E2CA6B21049BF4D0A9FB71E3BC]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14028CE02A6151D102129D084BA15B45]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-SA\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14FC15876B91B7B0DA514247BC6F2098]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ru-RU\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\166BF09269D172D2996631A726512A4B]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\pl-PL\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\172BC29F4571CB010C26D9C9F930909A]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\hr-HR\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18051FFF7B117602FB56C0323EEF692A]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\sv-FI\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18274E1F7E614121623895532262A466]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-ZA\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C767F16AE911D6CED419A4D1885FEB1]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\pt-BR\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DFD7A65F6F166DB63A7CAE9FF6AC341]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\fr-MC\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E1AB1162CC154C37A51A19B7A60BDB3]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\sl-SI\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1FF088BA88115FC47315EC7763CFEAC1]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\zh-HK\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\200E9645BF6285775EF8ACA103C176B3]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-LY\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23ACC1C1C0E2A141D6261EA8FD83F197]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-BH\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\25B875297F82A5FD601C9FFFE46DFDC8]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\cs-CZ\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27514FE5C842463B4B5C10DC1466B028]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-VE\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2D39D9CBCB629BDF8A512E704F63BC65]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\hr-BA\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2FC0F4457FD2CC0D83A5449A1863327E]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\tr-TR\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\32C27756CC131BC4D368EDC078E09C4F]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-ES_tradnl\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\36BFB502A3330C7D65EB5C2E77EBD7D9]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-SG\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\36F57B7CEDF39E1E1592499968D726C7]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-YE\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4353B66D21A423EC3E1EB8D53C4B54E4]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-ZW\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A90A7B19B84CDDBE46517DD3191AB9D]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-IQ\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CC07B602EF4C3D0E31C350BF5BC6472]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-CR\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\534823CBD445A3870C8DB26430FE0599]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-TT\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\55369B7DFB356889BDDFEE543EA217B5]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-KW\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5782CA5DB615C9E8486F574AE6D4493E]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-GB\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\57A00E5958F5A7F56DE7B3692DA0889B]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-DO\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\57B254E3BBF5228CC7D5A3DFC02CCB1B]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\hu-HU\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C072A98191FC1644A2B9670D4659B10]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\template\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D5F40A331353A0ECACF08D71FD69822]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-IN\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60224FAFE4D672F68AD2D1AEDC48039D]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-JM\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60AD9C479D36A89D8134C6CEAF2986FF]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\fr-CA\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60BEA5E48DF6933852FB810993A9CAA2]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\fr-LU\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\618683B5D85686E14D9A26B7A4B92B38]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\nl-BE\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\686BDE8470523844FAFE17C06449F40F]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\694892306EB6D6A51518DDB208A8015E]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-LB\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6992648F0AC667F84B6B741AEB4F5579]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-NI\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6CA937E03ECC19840AD9DDA2F31F2A77]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\icon\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6FB28499F5D657F4416DA4003BD0FDA7]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-MX\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\70D624E5A77741CE6AF24B97D8747783]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\fr-CH\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71CB853A5837BFCE27A1161984A0BF4D]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\he-IL\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73C62BD769B7E008F941A42603659903]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-CO\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\763DA14889F7E9262CB8E5A46FBC70C0]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ja-JP\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DEF4E4B364444C4C9931EA5D2E97934]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8585CE53A898839E3DAB38EEB3C0726B]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-PY\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8923E54EA758649270DE55DA8E9A71CD]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\de-LU\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C2A9A239518FAD005D71597F624A73F]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\da-DK\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90AFA4959469D3F240D9FDBEEA7ECD10]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\sv-SE\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\91A5A7FE180983A0E7FF1F04A03CFFE5]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-HN\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94895A51F709F47004661275F9D1D235]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-AU\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\963ED69F4C79AD9E14403614B2EDD2F7]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\nl-NL\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9CA0AEDE43B9AD9B229D3424CB8BB164]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-SY\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9CC022C4A7E9CF8DBA70B5BC329379A8]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-PE\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D735316EA59F4D28D21247417A7A523]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\fr-FR\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A222092FDE0ABEF1DB2B9A369493C89E]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-AR\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A29F8ED2620AEAAE60A5CB577BE78E7B]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\de-AT\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A2BA9FC5B15A77D08DEE7E7C106B85CB]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-TN\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A3394FC14B2A62EAA838B5A6455690D5]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-ES\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A831FFEC4A2AEFB4EF14908F467C5D46]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\de-DE\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A9A9EAC3370AFABF390E0F9CF54ABAAC]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-PR\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA7B9C3AE4FA8A34268E0436F3094068]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\it-CH\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4D3898267AB73C333A1CD2A75B280B4]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-GT\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5AA0F83DAEB9A47452F9464D18E9934]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\de-LI\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B67CED5287BBFB729E370EBB216810C4]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\fr-BE\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6DDBE90017B82D3D292DFCC54C217D9]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-BZ\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BBA97FFBD11BFD368E84ADDE62C9C098]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-CA\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C167984857CCE006FD3AB3C76994A94F]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-EC\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C7AF105B175CEF95890BAE22AF0ECB48]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-EG\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C8C04FE9565C70BE9D006734892DCAAF]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-QA\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA109E2F661CC4CAC80D0CE0ED399610]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\zh-TW\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CD2803CC49FC0C2F198C1E2EA48353DF]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ko-KR\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEBB4FC36BC027F5955FED7D4EFBD6A]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\el-GR\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D23BB04796BDC2295262416CBDB997BB]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-OM\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2E95630ABAD781C6ED14AF9638451E0]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-AE\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2FEBBAFACDD2E23A78336177AA3B385]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\nb-NO\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D49E8B83607DDF4C78E66F6CA6719060]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-US\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D9609D942EADB1C043FDB0151159D8F4]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\fi-FI\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDE5F6ABA74D2C08C7051511430325F8]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\zh-MO\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEB7CEE016DDD1A45420283F6817FBF0]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\zh-CN\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E2E6EEBA988EB23E5148536D2B82E794]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-029\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4EB5897ACBE36AD5ABD1BA7BEA71E30]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-UY\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5BCEEC50B1EF2440C62F261C3B86A36]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-MA\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F41F083262EFE7A8B8DCD33C1802876F]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-IE\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F42C42D7773F50B34D289AED72F035DC]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ZyngaGamesRes.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F651E3208D5F9747937AA52BC32B5FC2]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\en-PH\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F78A8348FF4F9805CF59E55AD68C7EB1]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\zh-SG\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7FCBA0AD07FFBF48A846517789BEEDC]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-BO\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F98294260C9FC7F83343830A43875124]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\sk-SK\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F99405CD706FD4B40A30F686D2A6E72D]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-CL\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F994857C047FD36DE27C4E9A6797628C]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ar-JO\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FCD5B6B047EF368312A1C0E5F0EB6F9C]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\es-SV\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDD4F941B37F73E288BE00CD201C5CE5]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\pt-PT\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFFE1A0D3F7F98F0BA3DEE415915598F]
"7E199F2ADCDD7B24FACE7487A990F9CD"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\de-CH\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E199F2ADCDD7B24FACE7487A990F9CD\InstallProperties]
"InstallLocation"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E199F2ADCDD7B24FACE7487A990F9CD\InstallProperties]
"Publisher"="DeviceVM Inc."
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\DeviceVM]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\DeviceVM\Browser Configuration Utility]
"InstallPath"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\DeviceVM\Browser Configuration Utility\FF\Yahoo]
"AdsBar_URL"="hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=ytff-devicevm&type=IEBD"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\DeviceVM\Browser Configuration Utility\FF\Yahoo]
"Chrome_URL"="hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chrf-devicevm&type=IEBD"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\DeviceVM\Browser Configuration Utility\IE\Yahoo]
"AdsBar_URL"="hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\DeviceVM\Browser Configuration Utility\IE\Yahoo]
"Chrome_URL"="hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\DeviceVM\Browser Configuration Utility\Plugins\ZyngaGames]
""="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ZyngaGames.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=""C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}]
"InstallLocation"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}]
"Publisher"="DeviceVM Inc."
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\DeviceVM]
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\DeviceVM\Browser Configuration Utility\IE]
"AddressBarSearchURL"="hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{122F3846-0AE4-492e-81DE-906A0C4A482E}]
"URL"="hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{122F3846-0AE4-492e-81DE-906A0C4A482E}]
"FaviconPath"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\icon\Yahoo.ico"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4B899C6A-EA48-45bb-AEB9-27AFF0DBD8AC}]
"FaviconPath"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\icon\Google.ico"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\DeviceVM]
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\DeviceVM\Browser Configuration Utility\IE]
"AddressBarSearchURL"="hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F81C3B13-EB13-4784-AD06-5308BBD978DA}]
"URL"="hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F81C3B13-EB13-4784-AD06-5308BBD978DA}]
"FaviconPath"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\icon\Yahoo.ico"
===================== Suchergebnis für "FLV Player" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Flash.VideoFile\Shell\Open\Command]
""="C:\Program Files (x86)\FLV Player\flvplayer.exe "%1""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\UserSettings\S-1-5-21-607273383-903765569-4108737559-1003]
"\Device\HarddiskVolume4\Program Files (x86)\FLV Player\FLVPlayer.exe"="0x229F54EA0FAED30100000000000000000000000002000000"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"0"="C:\Users\Schilling Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applian FLV Player.lnk
C:\Program Files (x86)\FLV Player\FLVPlayer.exe
"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"3"="C:\Users\Schilling Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player\Applian FLV Player.lnk
C:\Program Files (x86)\FLV Player\FLVPlayer.exe
"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"4"="C:\Users\Schilling Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player\Uninstall Applian FLV Player.lnk
C:\Windows\Applian FLV Player\uninstall.exe
"/U:C:\Program Files (x86)\FLV Player\Uninstall\uninstall.xml""
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\198b363e_0]
""="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0892&subsys_1458a102&rev_1003#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume5\Program Files (x86)\FLV Player\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\295a639d_0]
""="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0892&subsys_1458a102&rev_1003#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\FLV Player\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\fb949d57_0]
""="{0.0.0.00000000}.{3bdadaf0-105d-4e12-aa62-e342f716db79}|\Device\HarddiskVolume5\Program Files (x86)\FLV Player\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\FLV Player\FLVPlayer.exe"="252"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\ShowJumpView]
"{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\FLV Player\FLVPlayer.exe"="3"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\FLV Player\FLVPlayer.exe"="0x5341435001000000000000000700000028000000BC661D00000000000100000000000000000000067120000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000005ED79C0000000000AF000000AF000000"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\FLV Player\flvplayer.exe.FriendlyAppName"="flvplayer.exe"
===================== Suchergebnis für "FLVPlayer" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Flash.VideoFile\Shell\Open\Command]
""="C:\Program Files (x86)\FLV Player\flvplayer.exe "%1""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\UserSettings\S-1-5-21-607273383-903765569-4108737559-1003]
"\Device\HarddiskVolume4\Program Files (x86)\FLV Player\FLVPlayer.exe"="0x229F54EA0FAED30100000000000000000000000002000000"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"0"="C:\Users\Schilling Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applian FLV Player.lnk
C:\Program Files (x86)\FLV Player\FLVPlayer.exe
"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"3"="C:\Users\Schilling Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player\Applian FLV Player.lnk
C:\Program Files (x86)\FLV Player\FLVPlayer.exe
"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Binary Noise\mPlayer\FLVPlayer.exe]
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\198b363e_0]
""="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0892&subsys_1458a102&rev_1003#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume5\Program Files (x86)\FLV Player\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\295a639d_0]
""="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0892&subsys_1458a102&rev_1003#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\FLV Player\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\fb949d57_0]
""="{0.0.0.00000000}.{3bdadaf0-105d-4e12-aa62-e342f716db79}|\Device\HarddiskVolume5\Program Files (x86)\FLV Player\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\FLV Player\FLVPlayer.exe"="252"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\ShowJumpView]
"{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\FLV Player\FLVPlayer.exe"="3"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\OpenWithList]
"a"="flvplayer.exe"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\OpenWithList]
"d"="flvplayer.exe"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithList]
"a"="FLVPlayer.exe"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithList]
"l"="FLVPlayer.exe"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\FLV Player\FLVPlayer.exe"="0x5341435001000000000000000700000028000000BC661D00000000000100000000000000000000067120000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000005ED79C0000000000AF000000AF000000"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\FLV Player\flvplayer.exe.FriendlyAppName"="flvplayer.exe"
===================== Suchergebnis für "MetaCrawler" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\doobfiogmfmpjnoofjhhgjehmlofngfp]
"path"="C:\Users\Schilling Family\AppData\Local\metacrawler-speeddial.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]
"MetaCrawler.job"="0x4DF71C0C6367AD9317731D677353F8ADADEE6F1127EBC5390A40033DD74B7834F618A83C489E705A915067DBD50BA323A484E813CEA424F0DE8D02EDA65BEBB0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]
"MetaCrawler.job.fp"="294459390"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\Extensions\doobfiogmfmpjnoofjhhgjehmlofngfp]
"path"="C:\Users\Schilling Family\AppData\Local\metacrawler-speeddial.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B73DC3B9-9E08-4781-BF75-12F6A54FBF89}]
"AppName"="metacrawlersrv.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B73DC3B9-9E08-4781-BF75-12F6A54FBF89}]
"AppPath"="C:\Program Files (x86)\metaCrawler\1.8.19.0\"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Google\Chrome\Extensions\doobfiogmfmpjnoofjhhgjehmlofngfp]
"path"="C:\Users\SCHILL~1\AppData\Local\metacrawler-speeddial.crx"
===================== Suchergebnis für "ytd video downloader" ==========
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\GreenTree Applications\YTD]
""="C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\dacc8e39_0]
""="{0.0.0.00000000}.{3bdadaf0-105d-4e12-aa62-e342f716db79}|\Device\HarddiskVolume5\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"103"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\Uninstall.lnk
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Uninstall.exe
"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\GreenTree Applications\YTD Video Downloader]
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\dacc8e39_0]
""="{0.0.0.00000000}.{3bdadaf0-105d-4e12-aa62-e342f716db79}|\Device\HarddiskVolume5\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\GreenTree Applications\YTD Video Downloader\ytd.exe"="5"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe"="0x5341435001000000000000000700000028000000A82B1A003D271B0001000000000000000000000A71220000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000009EA01200000000000100000001000000"
===================== Suchergebnis für "Performersoft" ==========
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\PerformerSoft LLC]
===================== Suchergebnis für "Softonic" ==========
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=fe28521d0000000000001c6f653e2346"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80C392F7-933D-4333-97C9-6836482FE614}]
"DisplayName"="Search the web (Softonic)"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80C392F7-933D-4333-97C9-6836482FE614}]
"URL"="hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=fe28521d0000000000001c6f653e2346&r=378"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80C392F7-933D-4333-97C9-6836482FE614}]
"OSDFileURL"="file:///C:/Users/SCHILL~1/AppData/Local/Temp/Softonic/Softonic/1.8.21.14/Softonic.xml"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80C392F7-933D-4333-97C9-6836482FE614}]
"FaviconURL"="hxxp://search.softonic.com/favicon.ico"
===================== Suchergebnis für "PC Speed Maximizer" ==========
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"C:\Program Files (x86)\PC Speed Maximizer\PCSpeedMaximizer.exe"="RUNASADMIN ELEVATECREATEPROCESS"
===================== Suchergebnis für "speeddial" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\doobfiogmfmpjnoofjhhgjehmlofngfp]
"path"="C:\Users\Schilling Family\AppData\Local\metacrawler-speeddial.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\Extensions\doobfiogmfmpjnoofjhhgjehmlofngfp]
"path"="C:\Users\Schilling Family\AppData\Local\metacrawler-speeddial.crx"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Google\Chrome\Extensions\doobfiogmfmpjnoofjhhgjehmlofngfp]
"path"="C:\Users\SCHILL~1\AppData\Local\metacrawler-speeddial.crx"
===================== Suchergebnis für "jZip" ==========
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\"Software\jZip]
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\"Software\jZip\jZip"]
===================== Suchergebnis für "Tarma" ==========
===================== Suchergebnis für "Complitly" ==========
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-607273383-903765569-4108737559-1004\Software\Complitly]
===================== Suchergebnis für "PriceGong" ==========
===================== Suchergebnis für "SUGGESTMEYES" ==========
===================== Suchergebnis für "FLV_Runner" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6FD161C-99C2-4ED9-A337-EB9C5F9CBD83}]
"AppPath"="C:\Program Files (x86)\FLV_Runner"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6FD161C-99C2-4ED9-A337-EB9C5F9CBD83}]
"AppName"="FLV_RunnerToolbarHelper.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FLV_Runner Toolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FLV_Runner Toolbar]
"DisplayIcon"="C:\Program Files (x86)\FLV_Runner\uninstall.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FLV_Runner Toolbar]
"UninstallString"="C:\Program Files (x86)\FLV_Runner\uninstall.exe toolbar"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-607273383-903765569-4108737559-1003\Software\FLV_Runner]
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6FD161C-99C2-4ED9-A337-EB9C5F9CBD83}]
"AppPath"="C:\Program Files (x86)\FLV_Runner"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6FD161C-99C2-4ED9-A337-EB9C5F9CBD83}]
"AppName"="FLV_RunnerToolbarHelper.exe"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\Users\Eltern\Downloads\FLV_Runner.exe"="1"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Classes\Wow6432Node\CLSID\{07CEA379-7178-4758-9C80-969876E32395}\InprocServer32]
""="C:\Users\Eltern\AppData\LocalLow\FLV_Runner\prxtbFLV2.dll"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Classes\Wow6432Node\CLSID\{3bbd3c14-4c16-4989-8366-95bc9179779d}\InprocServer32]
""="C:\Users\Eltern\AppData\LocalLow\FLV_Runner\prxtbFLV2.dll"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-607273383-903765569-4108737559-1004\Software\FLV_Runner]
===================== Suchergebnis für "BonanzaDeals" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E\SourceList]
"PackageName"="BonanzaDealsLiveHelper.msi"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E\SourceList]
"LastUsedSource"="n;1;C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E\SourceList\Net]
"1"="C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E\InstallProperties]
"InstallSource"="C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E\InstallProperties]
"Publisher"="BonanzaDeals"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]
"BonanzaDealsLiveUpdateTaskMachineCore.job"="0x3C2F4950E2264790D59060D8E227A50E0A14B12748FED877327D23F2705D49BD994EC2547B5A32705CE0B3314B2CB6502A83ED1D2AB5B3974276B07E50C99F49"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]
"BonanzaDealsLiveUpdateTaskMachineCore.job.fp"="2740844538"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]
"BonanzaDealsLiveUpdateTaskMachineUA.job"="0xCDA7C986DF3324A578419E5007405A094B6FF9D6A66CB41AF55AD78F59541023F2AB30CF9FAF4516850A7BDCE324968F549ECFD3F47D96411DBD0DD2DE998792"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]
"BonanzaDealsLiveUpdateTaskMachineUA.job.fp"="2995067139"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
"InstallSource"="C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
"Publisher"="BonanzaDeals"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"2"="C:\Users\Schilling Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals\Uninstall Bonanza Deals.lnk
C:\Program Files (x86)\BonanzaDeals\uninst.exe
"
===================== Suchergebnis für "DigitalSite" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]
"DigitalSite.job"="0x5BC96C3FD3EFBCE457CD007D746254E0402A618BD1E60266408091EE2A8F52BD5DBF5D99FF503987FAA6825B69F904D7D3820A687D2A0CD217A1F122201E3BC4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]
"DigitalSite.job.fp"="191857599"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite]
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite]
"DisplayIcon"="C:\Users\Schilling Family\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite]
"UninstallString"="C:\Users\Schilling Family\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe /Uninstall"
===================== Suchergebnis für "PDF Reader Packages" ==========
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PDF Reader Packages]
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PDF Reader Packages]
"DisplayIcon"="C:\Users\Schilling Family\AppData\Roaming\0D0S1L2Z1P1B\PDF Reader Packages\uninstaller.exe"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PDF Reader Packages]
"UninstallString"="C:\Users\Schilling Family\AppData\Roaming\0D0S1L2Z1P1B\PDF Reader Packages\uninstaller.exe /Uninstall /NM="PDF Reader Packages" /AN="0D0S1L2Z1P1B" /MBN="PDF Reader Packages""
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PDF Reader Packages]
"DisplayName"="PDF Reader Packages"
[HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PDF Reader Packages]
"UninstallerPath"="C:\Users\Schilling Family\AppData\Roaming\0D0S1L2Z1P1B\PDF Reader Packages"
===================== Suchergebnis für "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} " ==========
====== Ende von Suche ======
|
|
10.04.2023, 20:06
| #20 |
| /// TB-Ausbilder | MFResident-20230328-55 Wir entfernen noch einiges mit FRST. Die Bereinigung wird vermutlich einige Minuten dauern, bitte gedulde dich. Schritt 1 WARNUNG AN ALLE MITLESER !!! Dieses FRST-Skript ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System verwendet werden!
|
|
10.04.2023, 20:57
| #21 |
| | MFResident-20230328-55 jupp, kommt hier Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10-04-2023
durchgeführt von Eltern (10-04-2023 21:20:49) Run:1
Gestartet von C:\Users\Eltern\Downloads
Geladene Profile: Schilling Family & Eltern & Henrike & DefaultAppPool
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\APPDATALOW\SOFTWARE\CONDUIT
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\APPDATALOW\SOFTWARE\CONDUIT
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\CONDUIT
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003_CLASSES\WOW6432NODE\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SUGGESTMEYES.SUGGESTMEYESBHO
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SUGGESTMEYES.SUGGESTMEYESBHO.1
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\COMPLITLY
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\COMPLITLY
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\METACRAWLER
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\DOMSTORAGE\SUPERFISH.COM
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\DOMSTORAGE\WWW.SUPERFISH.COM
HKLM-x32\...\Run: [BCU] => "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" (Keine Datei)
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmprph.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Roxio Central 4\Plugins\Launch.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\Setup_wm.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\VPREVIEW.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\ChessBase\ChessProgram12\ChessProgram12.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpnscfg.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\MSACCESS.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\MSPUB.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Internet Explorer <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpsideshowgadget.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Sidebar <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\downloads\minecraft (1).exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpnetwk.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\program files (x86)\adobe\reader 10.0\reader\eula.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Roxio Central 4\RoxioCentralFx.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmlaunch.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Media Import 11\MediaCapture11.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmprph.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpsideshowgadget.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\program files (x86)\java\jre7\bin\javaw.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\Wordconv.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\Setup_wm.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpconfig.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpnscfg.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\downloads\minecraft.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\desktop\minecraft (1).exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\GRAPH.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpshare.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\excelcnv.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\XLICONS.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\PPTICO.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmplayer.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\WORDICON.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Creator Classic 11\Creator11.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Sidebar <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpnscfg.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Retrieve 11\Launch_Retrieve.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmlaunch.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpnscfg.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Retrieve 11\Retrieve11.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpconfig.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Defender <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpenc.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\OIS.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\desktop\minecraft.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Internet Explorer <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Users\Schilling Family\AppData\Local\Google\Chrome\Application\chrome.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpshare.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpenc.exe <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Beschränkung ? <==== ACHTUNG
GroupPolicy\User: Beschränkung ? <==== ACHTUNG
GroupPolicyUsers\S-1-5-21-607273383-903765569-4108737559-1004\User: Beschränkung <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
Task: {0BBB9B25-3E0B-41C4-8417-BC0AA3E8469A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Keine Datei)
Task: {0D20E039-9151-46FD-B974-33451D8D8893} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Keine Datei)
Task: {0D32098A-3809-485B-B4B1-FB99532A9F8A} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {0F32F71B-0E80-453C-84AA-62B937EFC571} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Keine Datei)
Task: {16715D28-05B1-4839-82FC-3FBDE0233F64} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Keine Datei)
Task: {22BE8BFB-1E32-4605-8FE7-032BE3370959} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Keine Datei)
Task: {2C9910E7-21E4-4BC3-A649-8476A15F8916} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {2C9A41E5-EAA4-47BD-A47C-649959DD4C96} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Keine Datei)
Task: {2D4F42E6-6553-4563-A4DA-5C64C00F3A24} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Keine Datei)
Task: {2F254FB2-238A-4DDD-BB1A-5CD7BD36CFB9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Keine Datei)
Task: {308E3245-B76B-4F4C-9420-DC711CD8B6AA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Keine Datei)
Task: {45381A70-9F15-40C7-9DAB-84FE23E9CA62} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Keine Datei)
Task: {479F023B-EDFA-4153-B8AB-686E66D34909} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Keine Datei)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {48A446E7-59BC-49E8-B070-033DCC730F02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000 2015-08-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5288861F-AA80-42F5-965F-271A29651414} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {57B8B6B7-8B6E-4186-94DF-1155B3FB3CF1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Keine Datei)
Task: {57F6E612-D826-46E6-86F9-C9951328AFB3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {62AB03D9-9674-4F82-9B03-79854C0C4188} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {68A2DC77-4326-45B0-A2EB-FC0A3F784C40} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6CE9B4C3-7B27-4764-9B0A-152BBAECC232} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {6F37C2F7-DADB-49AE-A204-2C9AD19C6CFE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {71C3C4D2-0F58-4A47-A69A-D46E959D7336} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Keine Datei)
Task: {71D74DD1-F182-473C-A98A-587C247548CF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {73A44D9D-5152-45D9-B5ED-09FE3C3EA042} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Keine Datei)
Task: {801268F4-4131-4543-95C3-8B78C47D63B5} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {84608AB1-FDFC-4CBE-9B6E-87A86EC99DCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Keine Datei)
Task: {88F5F492-6208-4730-A9B2-F754D5D964BB} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A644AF47-F72C-415B-87DA-AC26713AA924} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Keine Datei)
Task: {A764CB31-E10A-4748-87C2-78B1A074C2C5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {AE3B097F-0458-44AD-B075-30716ECFED1E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B48C01BC-3898-4438-ACBC-3CBB676128C9} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Keine Datei)
Task: {BC82C7F7-E333-4612-B4DA-B144C7B04EC6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Keine Datei)
Task: {C81A5F30-FAB1-46FE-8C78-248273597C96} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {C9CE2E2F-74C8-4420-A9A6-6C5270140972} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Keine Datei)
Task: {CC1E0B3B-991C-48FD-A12D-87AD1C6A5AB4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CEC66727-43C2-4046-877F-5E52D2579E6A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Keine Datei)
Task: {D4B27E49-E70B-42CF-9F59-391892C74007} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D8373EC5-C2D0-47AA-A6E5-134DB4404626} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Keine Datei)
Task: {D8BBE133-E46B-46C1-91B4-19BE93F6CB55} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Keine Datei)
Task: {E32C8471-92F1-4FDE-B901-8FB47EC87899} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FCAE2C9E-7790-484C-B719-C3622CADC1D6} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Keine Datei)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
FF user.js: detected! => C:\Users\Eltern\AppData\Roaming\Mozilla\Firefox\Profiles\usq5npzx.default\user.js [2015-09-30]
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden
CHR HKLM\...\Chrome\Extension: [doobfiogmfmpjnoofjhhgjehmlofngfp] - C:\Users\Schilling Family\AppData\Local\metacrawler-speeddial.crx <nicht gefunden>
CHR HKU\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [doobfiogmfmpjnoofjhhgjehmlofngfp] - C:\Users\SCHILL~1\AppData\Local\metacrawler-speeddial.crx <nicht gefunden>
CHR HKU\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [cfcbmgbfdbijmjgjihagbomfbjfjmgon] - C:\Users\Schilling Family\AppData\Roaming\SpeedanAlysis\speedanalysis.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [doobfiogmfmpjnoofjhhgjehmlofngfp] - C:\Users\Schilling Family\AppData\Local\metacrawler-speeddial.crx <nicht gefunden>
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000 2015-08-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S2 MFLocalService; C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe [54664 2022-04-28] (Shenzhen iMyFone Technology Co., Ltd -> )
VirusTotal: C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe
S1 epp; \??\C:\EEK\bin64\epp.sys [X]
U3 idsvc; kein ImagePath
2015-07-14 15:52 - 2013-06-26 13:51 - 000884736 _____ () C:\Program Files (x86)\vkaraoke.exe
2020-05-12 20:16 - 2020-05-12 20:16 - 000000008 _____ () C:\Users\Eltern\AppData\Roaming\com.silhouettesoftware.id
AV: Kaspersky Total Security (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Total Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Total Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\ChromeHTML: -> C:\Users\Eltern\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{69545769-8D02-4B07-A481-AD374CD8D5D1}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.83\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Eltern\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7b8281b05742e423\Google Chrome.lnk -> C:\Users\Eltern\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
HKU\S-1-5-21-607273383-903765569-4108737559-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=fe28521d0000000000001c6f653e2346
HKU\S-1-5-21-607273383-903765569-4108737559-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-607273383-903765569-4108737559-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
HKU\S-1-5-21-607273383-903765569-4108737559-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-607273383-903765569-4108737559-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com
HKU\S-1-5-21-607273383-903765569-4108737559-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
URLSearchHook: HKU\S-1-5-21-607273383-903765569-4108737559-1001 - (Kein Name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - Keine Datei
URLSearchHook: HKU\S-1-5-21-607273383-903765569-4108737559-1001 - (Kein Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - Keine Datei
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1001 -> DefaultScope {122F3846-0AE4-492e-81DE-906A0C4A482E} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1001 -> {122F3846-0AE4-492e-81DE-906A0C4A482E} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1001 -> {80C392F7-933D-4333-97C9-6836482FE614} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=fe28521d0000000000001c6f653e2346&r=378
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1003 -> DefaultScope {F81C3B13-EB13-4784-AD06-5308BBD978DA} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1003 -> {F81C3B13-EB13-4784-AD06-5308BBD978DA} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
Toolbar: HKU\S-1-5-21-607273383-903765569-4108737559-1003 -> Kein Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
C:\Users\AllUserName\Downloads\*CHIP-Installer*.exe
C:\Windows\Applian FLV Player Setup Log.txt
C:\Windows\Applian FLV Player Uninstall Log.txt
C:\Windows\System32\Tasks_Migrated\BonanzaDealsUpdate
C:\Users\Schilling Family\Desktop\Applian FLV Player.lnk
C:\Users\Schilling Family\Desktop\FLVPlayer*.exe
C:\Users\Schilling Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applian FLV Player.lnk
C:\Windows\Applian FLV Player
C:\Users\Schilling Family\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_de.softonic.com_0.indexeddb.leveldb
C:\Users\Eltern\AppData\Roaming\Mozilla\Firefox\Profiles\usq5npzx.default\storage\default\https+++de.softonic.com
C:\Users\Eltern\AppData\Local\VirtualStore\Program Files (x86)\jZip
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Classes\Wow6432Node\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduitapps.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E199F2ADCDD7B24FACE7487A990F9CD
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\DeviceVM
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\DeviceVM
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\DeviceVM
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\GreenTree Applications
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\GreenTree Applications
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\"Software\jZip
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-607273383-903765569-4108737559-1004\Software\Complitly
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6FD161C-99C2-4ED9-A337-EB9C5F9CBD83}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FLV_Runner Toolbar
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-607273383-903765569-4108737559-1003\Software\FLV_Runner
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6FD161C-99C2-4ED9-A337-EB9C5F9CBD83}
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Classes\Wow6432Node\CLSID\{07CEA379-7178-4758-9C80-969876E32395}
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Classes\Wow6432Node\CLSID\{3bbd3c14-4c16-4989-8366-95bc9179779d}
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-607273383-903765569-4108737559-1004\Software\FLV_Runner
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite
DeleteKey: HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PDF Reader Packages
C:\Users\Schilling Family\AppData\Roaming\0D0S1L2Z1P1B
startpowershell:
Function Remove-all-windefend-excludes {
$Paths=(Get-MpPreference).ExclusionPath
$Extensions=(Get-MpPreference).ExclusionExtension
$Processes=(Get-MpPreference).ExclusionProcess
foreach ($Path in $Paths) { Remove-MpPreference -ExclusionPath $Path -force}
foreach ($Extension in $Extensions) { Remove-MpPreference -ExclusionExtension $Extension -force}
foreach ($Process in $Processes) { Remove-MpPreference -ExclusionProcess $Process -force}
}
Set-MpPreference -DisableAutoExclusions $true -Force
Remove-all-windefend-excludes
endpowershell:
CMD: netsh winsock reset
CMD: netsh int ip reset
CMD: ipconfig /flushdns
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh winhttp reset proxy
CMD: Bitsadmin /Reset /Allusers
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
Hosts:
RemoveProxy:
EmptyTemp:
End::
*****************
SystemRestore: On => abgeschlossen
Wiederherstellungspunkt wurde erfolgreich erstellt.
Prozesse erfolgreich geschlossen.
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} => nicht gefunden
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\APPDATALOW\SOFTWARE\CONDUIT => nicht gefunden
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\APPDATALOW\SOFTWARE\CONDUIT => nicht gefunden
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\CONDUIT => nicht gefunden
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003_CLASSES\WOW6432NODE\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SUGGESTMEYES.SUGGESTMEYESBHO => nicht gefunden
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SUGGESTMEYES.SUGGESTMEYESBHO.1 => nicht gefunden
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\COMPLITLY => nicht gefunden
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\COMPLITLY => nicht gefunden
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\METACRAWLER => nicht gefunden
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\DOMSTORAGE\SUPERFISH.COM => nicht gefunden
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\DOMSTORAGE\WWW.SUPERFISH.COM => nicht gefunden
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCU" => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmprph.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Roxio Central 4\Plugins\Launch.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\Setup_wm.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\VPREVIEW.EXE <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\ChessBase\ChessProgram12\ChessProgram12.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpnscfg.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\MSACCESS.EXE <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\MSPUB.EXE <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Internet Explorer <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpsideshowgadget.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Sidebar <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\downloads\minecraft (1).exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpnetwk.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\program files (x86)\adobe\reader 10.0\reader\eula.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Roxio Central 4\RoxioCentralFx.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmlaunch.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Media Import 11\MediaCapture11.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmprph.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpsideshowgadget.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\program files (x86)\java\jre7\bin\javaw.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\Wordconv.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\Setup_wm.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpconfig.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpnscfg.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\downloads\minecraft.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\desktop\minecraft (1).exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\GRAPH.EXE <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpshare.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\excelcnv.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\XLICONS.EXE <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\PPTICO.EXE <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmplayer.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\WORDICON.EXE <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Creator Classic 11\Creator11.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Sidebar <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpnscfg.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Retrieve 11\Launch_Retrieve.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmlaunch.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpnscfg.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Retrieve 11\Retrieve11.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpconfig.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Defender <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpenc.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\OIS.EXE <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\desktop\minecraft.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Internet Explorer <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Users\Schilling Family\AppData\Local\Google\Chrome\Application\chrome.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpshare.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpenc.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => Wert erfolgreich wiederhergestellt
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => Wert erfolgreich wiederhergestellt
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => erfolgreich entfernt
C:\WINDOWS\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicy\User => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-607273383-903765569-4108737559-1004\User => erfolgreich verschoben
C:\ProgramData\NTUSER.pol => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BBB9B25-3E0B-41C4-8417-BC0AA3E8469A}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BBB9B25-3E0B-41C4-8417-BC0AA3E8469A}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D20E039-9151-46FD-B974-33451D8D8893}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D20E039-9151-46FD-B974-33451D8D8893}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D32098A-3809-485B-B4B1-FB99532A9F8A}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D32098A-3809-485B-B4B1-FB99532A9F8A}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => nicht gefunden
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F32F71B-0E80-453C-84AA-62B937EFC571}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F32F71B-0E80-453C-84AA-62B937EFC571}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16715D28-05B1-4839-82FC-3FBDE0233F64}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16715D28-05B1-4839-82FC-3FBDE0233F64}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\StartRecording => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\StartRecording" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22BE8BFB-1E32-4605-8FE7-032BE3370959}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22BE8BFB-1E32-4605-8FE7-032BE3370959}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C9910E7-21E4-4BC3-A649-8476A15F8916}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C9910E7-21E4-4BC3-A649-8476A15F8916}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2C9A41E5-EAA4-47BD-A47C-649959DD4C96}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C9A41E5-EAA4-47BD-A47C-649959DD4C96}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2D4F42E6-6553-4563-A4DA-5C64C00F3A24}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D4F42E6-6553-4563-A4DA-5C64C00F3A24}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F254FB2-238A-4DDD-BB1A-5CD7BD36CFB9}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F254FB2-238A-4DDD-BB1A-5CD7BD36CFB9}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{308E3245-B76B-4F4C-9420-DC711CD8B6AA}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{308E3245-B76B-4F4C-9420-DC711CD8B6AA}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45381A70-9F15-40C7-9DAB-84FE23E9CA62}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45381A70-9F15-40C7-9DAB-84FE23E9CA62}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{479F023B-EDFA-4153-B8AB-686E66D34909}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{479F023B-EDFA-4153-B8AB-686E66D34909}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControlsMigration" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48A446E7-59BC-49E8-B070-033DCC730F02}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48A446E7-59BC-49E8-B070-033DCC730F02}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5288861F-AA80-42F5-965F-271A29651414}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5288861F-AA80-42F5-965F-271A29651414}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57B8B6B7-8B6E-4186-94DF-1155B3FB3CF1}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57B8B6B7-8B6E-4186-94DF-1155B3FB3CF1}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57F6E612-D826-46E6-86F9-C9951328AFB3}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57F6E612-D826-46E6-86F9-C9951328AFB3}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControls" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{62AB03D9-9674-4F82-9B03-79854C0C4188}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62AB03D9-9674-4F82-9B03-79854C0C4188}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SessionAgent" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68A2DC77-4326-45B0-A2EB-FC0A3F784C40}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68A2DC77-4326-45B0-A2EB-FC0A3F784C40}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6CE9B4C3-7B27-4764-9B0A-152BBAECC232}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CE9B4C3-7B27-4764-9B0A-152BBAECC232}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F37C2F7-DADB-49AE-A204-2C9AD19C6CFE}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F37C2F7-DADB-49AE-A204-2C9AD19C6CFE}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71C3C4D2-0F58-4A47-A69A-D46E959D7336}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71C3C4D2-0F58-4A47-A69A-D46E959D7336}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71D74DD1-F182-473C-A98A-587C247548CF}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71D74DD1-F182-473C-A98A-587C247548CF}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73A44D9D-5152-45D9-B5ED-09FE3C3EA042}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73A44D9D-5152-45D9-B5ED-09FE3C3EA042}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{801268F4-4131-4543-95C3-8B78C47D63B5}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{801268F4-4131-4543-95C3-8B78C47D63B5}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\MobilePC\HotStart => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\HotStart" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84608AB1-FDFC-4CBE-9B6E-87A86EC99DCE}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84608AB1-FDFC-4CBE-9B6E-87A86EC99DCE}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{88F5F492-6208-4730-A9B2-F754D5D964BB}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88F5F492-6208-4730-A9B2-F754D5D964BB}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\GadgetManager" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A644AF47-F72C-415B-87DA-AC26713AA924}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A644AF47-F72C-415B-87DA-AC26713AA924}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A764CB31-E10A-4748-87C2-78B1A074C2C5}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A764CB31-E10A-4748-87C2-78B1A074C2C5}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\SideShow\AutoWake => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\AutoWake" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE3B097F-0458-44AD-B075-30716ECFED1E}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE3B097F-0458-44AD-B075-30716ECFED1E}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B48C01BC-3898-4438-ACBC-3CBB676128C9}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B48C01BC-3898-4438-ACBC-3CBB676128C9}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC82C7F7-E333-4612-B4DA-B144C7B04EC6}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC82C7F7-E333-4612-B4DA-B144C7B04EC6}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C81A5F30-FAB1-46FE-8C78-248273597C96}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C81A5F30-FAB1-46FE-8C78-248273597C96}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9CE2E2F-74C8-4420-A9A6-6C5270140972}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9CE2E2F-74C8-4420-A9A6-6C5270140972}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC1E0B3B-991C-48FD-A12D-87AD1C6A5AB4}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC1E0B3B-991C-48FD-A12D-87AD1C6A5AB4}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEC66727-43C2-4046-877F-5E52D2579E6A}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEC66727-43C2-4046-877F-5E52D2579E6A}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4B27E49-E70B-42CF-9F59-391892C74007}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4B27E49-E70B-42CF-9F59-391892C74007}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8373EC5-C2D0-47AA-A6E5-134DB4404626}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8373EC5-C2D0-47AA-A6E5-134DB4404626}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8BBE133-E46B-46C1-91B4-19BE93F6CB55}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8BBE133-E46B-46C1-91B4-19BE93F6CB55}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E32C8471-92F1-4FDE-B901-8FB47EC87899}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E32C8471-92F1-4FDE-B901-8FB47EC87899}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCAE2C9E-7790-484C-B719-C3622CADC1D6}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCAE2C9E-7790-484C-B719-C3622CADC1D6}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit" => erfolgreich entfernt
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => erfolgreich verschoben
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => erfolgreich entfernt
C:\Users\Eltern\AppData\Roaming\Mozilla\Firefox\Profiles\usq5npzx.default\user.js => erfolgreich verschoben
"HKLM\Software\Mozilla\Firefox\Extensions\\light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com" => erfolgreich entfernt
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru" => erfolgreich entfernt
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com" => erfolgreich entfernt
HKLM\SOFTWARE\Google\Chrome\Extensions\doobfiogmfmpjnoofjhhgjehmlofngfp => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Google\Chrome\Extensions\doobfiogmfmpjnoofjhhgjehmlofngfp => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp => erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon => erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\doobfiogmfmpjnoofjhhgjehmlofngfp => erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\AdobeFlashPlayerUpdateSvc => erfolgreich entfernt
AdobeFlashPlayerUpdateSvc => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\MFLocalService => erfolgreich entfernt
MFLocalService => Dienst erfolgreich entfernt
VirusTotal: C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe => https://www.virustotal.com/gui/file/fdb9fec2a2809b72c4897955eaa4b960bbc46c183ee15ed706f66db4e3d46484/detection/f-fdb9fec2a2809b72c4897955eaa4b960bbc46c183ee15ed706f66db4e3d46484-1680756022
HKLM\System\CurrentControlSet\Services\epp => erfolgreich entfernt
epp => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\idsvc => erfolgreich entfernt
idsvc => Dienst erfolgreich entfernt
C:\Program Files (x86)\vkaraoke.exe => erfolgreich verschoben
C:\Users\Eltern\AppData\Roaming\com.silhouettesoftware.id => erfolgreich verschoben
"AV: Kaspersky Total Security (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}" => erfolgreich entfernt
"AV: Kaspersky Total Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}" => erfolgreich entfernt
"AS: Kaspersky Total Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}" => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\ChromeHTML => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{69545769-8D02-4B07-A481-AD374CD8D5D1} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E} => erfolgreich entfernt
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => erfolgreich entfernt
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => erfolgreich entfernt
"BVTFilter" => erfolgreich entfernt
"BVTConsumer" => erfolgreich entfernt
C:\Users\Eltern\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7b8281b05742e423\Google Chrome.lnk => Verknüpfung Eigenschaft erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157" => Wert erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157" => Wert erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1003\Software\Microsoft\Internet Explorer\Main\\"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157" => Wert erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1003\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157" => Wert erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004\Software\Microsoft\Internet Explorer\Main\\"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157" => Wert erfolgreich wiederhergestellt
HKU\S-1-5-21-607273383-903765569-4108737559-1004\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157" => Wert erfolgreich wiederhergestellt
"HKU\S-1-5-21-607273383-903765569-4108737559-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}" => erfolgreich entfernt
"HKU\S-1-5-21-607273383-903765569-4108737559-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{1392b8d2-5c05-419f-a8f6-b9f15a596612}" => erfolgreich entfernt
"HKU\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{122F3846-0AE4-492e-81DE-906A0C4A482E} => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80C392F7-933D-4333-97C9-6836482FE614} => erfolgreich entfernt
"HKU\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => erfolgreich entfernt
HKU\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F81C3B13-EB13-4784-AD06-5308BBD978DA} => erfolgreich entfernt
"HKU\S-1-5-21-607273383-903765569-4108737559-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1392B8D2-5C05-419F-A8F6-B9F15A596612}" => erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000} => erfolgreich entfernt
=========== "C:\Users\ProgramData\Downloads\*CHIP-Installer*.exe" ==========
nicht gefunden
========= Ende -> "C:\Users\ProgramData\Downloads\*CHIP-Installer*.exe" ========
=========== "C:\Users\Default\Downloads\*CHIP-Installer*.exe" ==========
nicht gefunden
========= Ende -> "C:\Users\Default\Downloads\*CHIP-Installer*.exe" ========
=========== "C:\Users\Default.migrated\Downloads\*CHIP-Installer*.exe" ==========
nicht gefunden
========= Ende -> "C:\Users\Default.migrated\Downloads\*CHIP-Installer*.exe" ========
=========== "C:\Users\DefaultAppPool\Downloads\*CHIP-Installer*.exe" ==========
nicht gefunden
========= Ende -> "C:\Users\DefaultAppPool\Downloads\*CHIP-Installer*.exe" ========
=========== "C:\Users\Eltern\Downloads\*CHIP-Installer*.exe" ==========
nicht gefunden
========= Ende -> "C:\Users\Eltern\Downloads\*CHIP-Installer*.exe" ========
=========== "C:\Users\Henrike\Downloads\*CHIP-Installer*.exe" ==========
nicht gefunden
========= Ende -> "C:\Users\Henrike\Downloads\*CHIP-Installer*.exe" ========
=========== "C:\Users\Public\Downloads\*CHIP-Installer*.exe" ==========
nicht gefunden
========= Ende -> "C:\Users\Public\Downloads\*CHIP-Installer*.exe" ========
=========== "C:\Users\Schilling Family\Downloads\*CHIP-Installer*.exe" ==========
nicht gefunden
========= Ende -> "C:\Users\Schilling Family\Downloads\*CHIP-Installer*.exe" ========
C:\Windows\Applian FLV Player Setup Log.txt => erfolgreich verschoben
C:\Windows\Applian FLV Player Uninstall Log.txt => erfolgreich verschoben
C:\Windows\System32\Tasks_Migrated\BonanzaDealsUpdate => erfolgreich verschoben
C:\Users\Schilling Family\Desktop\Applian FLV Player.lnk => erfolgreich verschoben
=========== "C:\Users\Schilling Family\Desktop\FLVPlayer*.exe" ==========
C:\Users\Schilling Family\Desktop\FLVPlayerSetup-2.0.25.exe => erfolgreich verschoben
C:\Users\Schilling Family\Desktop\FLVPlayerSetup-2.0.25[1].exe => erfolgreich verschoben
========= Ende -> "C:\Users\Schilling Family\Desktop\FLVPlayer*.exe" ========
C:\Users\Schilling Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applian FLV Player.lnk => erfolgreich verschoben
C:\Windows\Applian FLV Player => erfolgreich verschoben
C:\Users\Schilling Family\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_de.softonic.com_0.indexeddb.leveldb => erfolgreich verschoben
C:\Users\Eltern\AppData\Roaming\Mozilla\Firefox\Profiles\usq5npzx.default\storage\default\https+++de.softonic.com => erfolgreich verschoben
C:\Users\Eltern\AppData\Local\VirtualStore\Program Files (x86)\jZip => erfolgreich verschoben
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\AppDataLow\Software\Freecorder => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Classes\Wow6432Node\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C} => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduitapps.com => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E199F2ADCDD7B24FACE7487A990F9CD => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\DeviceVM => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC} => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\DeviceVM => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\DeviceVM => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\GreenTree Applications => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\GreenTree Applications => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\"Software\jZip => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-607273383-903765569-4108737559-1004\Software\Complitly => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6FD161C-99C2-4ED9-A337-EB9C5F9CBD83} => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FLV_Runner Toolbar => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-607273383-903765569-4108737559-1003\Software\FLV_Runner => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6FD161C-99C2-4ED9-A337-EB9C5F9CBD83} => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Classes\Wow6432Node\CLSID\{07CEA379-7178-4758-9C80-969876E32395} => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Classes\Wow6432Node\CLSID\{3bbd3c14-4c16-4989-8366-95bc9179779d} => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-607273383-903765569-4108737559-1004\Software\FLV_Runner => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite => erfolgreich entfernt
HKEY_USERS\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PDF Reader Packages => erfolgreich entfernt
"C:\Users\Schilling Family\AppData\Roaming\0D0S1L2Z1P1B" => nicht gefunden
========= Powershell: =========
Set-MpPreference : Fehler beim Vorgang: 0x800106ba. Vorgang: Set-MpPreference. Ziel: DisableAutoExclusions.
In C:\FRST\tmp000.ps1:9 Zeichen:1
+ Set-MpPreference -DisableAutoExclusions $true -Force
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],
CimException
+ FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference
========= Ende von Powershell: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
========= Ende von CMD: =========
========= netsh int ip reset =========
Depotweiterleitung wird zurckgesetzt... OK
Depot wird zurckgesetzt... OK
Steuerungsprotokoll wird zurckgesetzt... OK
Echosequenzanforderung wird zurckgesetzt... OK
Global wird zurckgesetzt... OK
Schnittstelle wird zurckgesetzt... OK
Anycastadresse wird zurckgesetzt... OK
Multicastadresse wird zurckgesetzt... OK
Unicastadresse wird zurckgesetzt... OK
Nachbar wird zurckgesetzt... OK
Pfad wird zurckgesetzt... OK
Potentiell wird zurckgesetzt... OK
Pr„fixrichtlinie wird zurckgesetzt... OK
Proxynachbar wird zurckgesetzt... OK
Route wird zurckgesetzt... OK
Standordpr„fix wird zurckgesetzt... OK
Unterschnittstelle wird zurckgesetzt... OK
Reaktivierungsmuster wird zurckgesetzt... OK
Nachbar aufl”sen wird zurckgesetzt... OK
wird zurckgesetzt... OK
wird zurckgesetzt... OK
wird zurckgesetzt... OK
wird zurckgesetzt... OK
wird zurckgesetzt... Fehler
Zugriff verweigert
wird zurckgesetzt... OK
wird zurckgesetzt... OK
wird zurckgesetzt... OK
wird zurckgesetzt... OK
wird zurckgesetzt... OK
wird zurckgesetzt... OK
wird zurckgesetzt... OK
wird zurckgesetzt... OK
Starten Sie den Computer neu, um die Aktion abzuschlieáen.
========= Ende von CMD: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
========= Ende von CMD: =========
========= netsh advfirewall reset =========
OK.
========= Ende von CMD: =========
========= netsh advfirewall set allprofiles state ON =========
OK.
========= Ende von CMD: =========
========= netsh winhttp reset proxy =========
Aktuelle WinHTTP-Proxyeinstellungen:
DirectAccess (kein Proxyserver).
========= Ende von CMD: =========
========= Bitsadmin /Reset /Allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
{7A0A5293-1993-402E-A26B-A33E5DE38040} canceled.
{AE1FD68E-B593-4B45-B17E-5B57A18CC756} canceled.
2 out of 2 jobs canceled.
========= Ende von CMD: =========
========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========
Fehler: Die Leistungsindikatoreinstellung konnte nicht aus dem Systemsicherungsspeicher neu erstellt werden. Fehlercode: 2.
========= Ende von CMD: =========
========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========
Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========
========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========
Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========
========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========
Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========
C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.
========= RemoveProxy: =========
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-607273383-903765569-4108737559-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-607273383-903765569-4108737559-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
========= Ende von RemoveProxy: =========
=========== EmptyTemp: ==========
FlushDNS => abgeschlossen
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 287472075 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 689506 B
Windows/system/drivers => 3640080 B
Edge => 5824319 B
Chrome => 1020445330 B
Firefox => 873015515 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 13848 B
ProgramData => 13848 B
Public => 13848 B
systemprofile => 13848 B
systemprofile32 => 13848 B
LocalService => 130206 B
NetworkService => 50449066 B
Schilling Family => 262511272 B
Eltern => 636411246 B
Henrike => 637025641 B
DefaultAppPool => 637039489 B
RecycleBin => 634413009 B
EmptyTemp: => 4.7 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 21:33:22 ====
|
|
11.04.2023, 09:51
| #22 |
| /// TB-Ausbilder | MFResident-20230328-55 Vielen Dank, das sieht gut aus.  Wie läuft das System? Gibt es noch Probleme mit "MFResident"? Schritt 1
Schritt 2 Führe SecurityCheck (SC) gemäß der bebilderten Anleitung aus und füge die Logdatei als Anhang hinzu. Bitte poste mit deiner nächsten Antwort:
|
Lesestoff:
Linear-Darstellung
