Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
MFResident-20230328-55

MFResident-20230328-55


Log-Analyse und Auswertung: MFResident-20230328-55

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 08.04.2023, 20:15   #4
Skipper39
 
MFResident-20230328-55 - Standard

MFResident-20230328-55


FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-04-2023
Ran by Schilling Family (08-04-2023 21:00:43)
Running from C:\Users\Eltern\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.2728 (X64) (2021-06-21 09:41:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-607273383-903765569-4108737559-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-607273383-903765569-4108737559-503 - Limited - Disabled)
Eltern (S-1-5-21-607273383-903765569-4108737559-1003 - Limited - Enabled) => C:\Users\Eltern
Gast (S-1-5-21-607273383-903765569-4108737559-501 - Limited - Disabled)
Henrike (S-1-5-21-607273383-903765569-4108737559-1004 - Limited - Enabled) => C:\Users\Henrike
HomeGroupUser$ (S-1-5-21-607273383-903765569-4108737559-1002 - Limited - Enabled)
Schilling Family (S-1-5-21-607273383-903765569-4108737559-1001 - Administrator - Enabled) => C:\Users\Schilling Family
WDAGUtilityAccount (S-1-5-21-607273383-903765569-4108737559-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Total Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Total Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.08 - GIGABYTE)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.001.20093 - Adobe)
Adobe AIR (HKLM-x32\...\{10166660-0C51-4355-BD74-D4700EFDB83B}) (Version: 28.0.0.127 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced IP Scanner 2.5 (HKLM-x32\...\{804CED37-7CED-45A5-AEC8-0F1F0FEE17E1}) (Version: 2.5.3784 - Famatech)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Drag and Drop Transcoding (HKLM\...\{203DE003-C392-FF19-BCA2-3F775477BC94}) (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
Applian FLV Player (HKLM-x32\...\Applian FLV Player2.0.24) (Version: 2.0.24 - Applian Technologies Inc.)
ATI AVIVO64 Codecs (HKLM\...\{33A49BF2-CB4F-5E54-D7F5-25502CAB6B70}) (Version: 11.6.0.50706 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{397878FC-1B1B-EED7-04A8-3184CE494A3B}) (Version: 3.0.782.0 - ATI Technologies, Inc.)
Auto Clicker v6.1 (HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 6.1 - MurGee.com)
AutoGreen B10.0517.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
BlueStacks X (HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\BlueStacks X) (Version: 0.18.30.9 - BlueStack Systems, Inc.)
Bonanza Deals (remove only) (HKLM-x32\...\Bonanza Deals) (Version: 5.0.1.0 - Bonanza Deals)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser Configuration Utility (HKLM-x32\...\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}) (Version: 1.1.18.0 - DeviceVM Inc.)
BUDNI Fotowelt (HKLM-x32\...\BUDNI Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.0.1 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.8.0.1 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.7.0.1 - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.7.0.6 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.5.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.6.0.5 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.3.0.6 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM-x32\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.9 (HKLM-x32\...\DPP) (Version: 3.9.0.3 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.1.0.4 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.6.0.23 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.4.0.4 - Canon Inc.)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center - Branding (HKLM-x32\...\{87323561-58BA-4D5B-BADA-A791B69D1705}) (Version: 1.00.0000 - ATI) Hidden
ChessBase Reader (HKLM-x32\...\{52A3CA50-6E19-40B2-AD6D-2B7B2D89A8E4}) (Version: 12.44.0.0 - ChessBase)
Complitly (HKLM-x32\...\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1) (Version:  - Complitly)
DirectX 9 Runtime (HKLM-x32\...\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}) (Version: 1.00.0000 - Sonic Solutions) Hidden
Easy Tune 6 B10.0516.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
EasySaver B9.1214.1  (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 21.3 - Thüringer Landesfinanzdirektion)
EMC 11 Content (HKLM-x32\...\{21ABEA96-CCAB-4C40-8699-6BDFEC5FD63C}) (Version: 1.1.019 - Ihr Firmenname) Hidden
FastImageResizer (remove only) (HKLM-x32\...\FastImageResizer) (Version:  - )
FastStone Image Viewer 7.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.4 - FastStone Soft)
FileZilla Client 3.10.1.1 (HKLM-x32\...\FileZilla Client) (Version: 3.10.1.1 - Tim Kosse)
FLV Runner Toolbar (HKLM-x32\...\FLV_Runner Toolbar) (Version: 6.9.0.16 - FLV Runner)
Fotobuchexpress24 Bestellsoftware (HKLM-x32\...\Fotobuchexpress24) (Version: 4.0 - )
fotofoto Software (HKLM-x32\...\fotofotoSoftware) (Version: 4.0 - )
Free Video Dub version 2.0.21.827 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.21.827 - DVDVideoSoft Ltd.)
Freecorder 5 (HKLM-x32\...\Freecorder5.11) (Version: 5.11 - Applian Technologies Inc.)
Fritz 12 (HKLM-x32\...\{4F4182DA-3D58-41E3-913D-480F8DA5C863}) (Version: 12.0.0 - ChessBase)
Fritz und Fertig 3 (HKLM-x32\...\Fritz und Fertig 3) (Version:  - )
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
Google Chrome (HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Chrome (HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\Google Chrome) (Version: 112.0.5615.49 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.23.0 - BonanzaDeals) Hidden
Houdini 4 64-bit (HKLM\...\{BD221DF2-6078-42BE-9C09-EF1213E6DEAD}) (Version: 14.2.0.0 - ChessBase)
HydraVision (HKLM-x32\...\{D5134D14-A38D-A217-4310-5C8B6DFA08D0}) (Version: 4.2.174.0 - ATI Technologies Inc.) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.19.18.55 - Huawei Technologies Co.,Ltd)
Java 8 Update 321 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
jZip (HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\jZip) (Version: 2.0.0.134914 - Bandoo Media Inc)
Media Go (HKLM-x32\...\{362AB21A-E2C4-40CE-81C2-8C4D62B0635A}) (Version: 2.4.256 - Sony)
Media Go Video Playback Engine 1.116.101.02020 (HKLM-x32\...\{54215B8A-6212-8DB8-39B4-98EE2BB98BD1}) (Version: 1.116.101.02020 - Sony)
Microsoft .NET Framework 4.5.1 (DEU) (HKLM\...\{C513739C-5F16-37B5-9ACF-99925FF1C1F3}) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{26784146-6E05-3FF9-9335-786C7C0FB5BE}) (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) (HKLM\...\{25E80DAA-FD87-DCE5-202C-CC02F6673002}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 112.0.1722.34 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.34 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (HKLM\...\{90140000-002A-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\OneDriveSetup.exe) (Version: 23.061.0319.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-607273383-903765569-4108737559-1004\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (HKLM\...\{680EDA59-9266-44B4-949E-0C24F65DFF82}) (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (HKLM-x32\...\{E3B64CC5-C011-40C0-92BC-7316CD5E5688}) (Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 62.0.2 (x64 de) (HKLM\...\Mozilla Firefox 62.0.2 (x64 de)) (Version: 62.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0 - Mozilla)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PC Speed Maximizer v3.2 (HKLM-x32\...\PC Speed Maximizer_is1) (Version: 3.2 - Smart PC Solutions) <==== ATTENTION
PDF Reader (HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\PDF Reader) (Version:  - )
PDF Reader Packages (HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\PDF Reader Packages) (Version:  - ) <==== ATTENTION
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.14.6.15183 - Sony Computer Entertainment Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
Roxio Activation Module (HKLM-x32\...\{1D53B6F9-E66E-42D8-A221-4FF8AC134FD7}) (Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (HKLM-x32\...\{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}) (Version: 1.3.1 - Roxio) Hidden
Roxio CinePlayer (HKLM-x32\...\{AA749D64-3741-4D5F-B804-B0BC05D179D1}) (Version: 5.0 - Roxio) Hidden
Roxio CinePlayer Decoder Pack (HKLM-x32\...\{C0FE37FA-0886-4B66-B01B-76CF70FB77AB}) (Version: 4.3.0 - Roxio) Hidden
Roxio File Backup (HKLM-x32\...\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}) (Version: 1.3.0 - Roxio) Hidden
Roxio Update Manager (HKLM-x32\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 6.0.0 - Roxio)
Roxio WinOnCD 2009 (HKLM-x32\...\{3383136B-4F86-4F05-8612-DD4BB16A1EAE}) (Version: 4.5.0 - Roxio) Hidden
Roxio WinOnCD 2009 (HKLM-x32\...\{7919D8D9-69FB-4E94-B330-04C4AF251867}) (Version: 11.0 - Roxio)
Roxio WinOnCD 2009 (HKLM-x32\...\{9F8C7AAF-CF7E-4FC9-ADD6-9EAE4304A161}) (Version: 1.1.110 - Roxio) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{97099817-53F1-4CA1-ACEA-DA6D74371689}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{3B0FF7FF-0E85-4907-A511-3F8C27349FA4}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{996096F8-956B-41C9-A7E3-9BA1E801014F}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{D505EC85-885F-4BE3-8A89-3EFE4F855692}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version:  - Microsoft) Hidden
Silhouette Link (HKLM-x32\...\{C2136C80-F9D4-4096-86D4-C641BB36DFF3}) (Version: 1.0.096 - Silhouette America)
SmartSound Quicktracks Plugin (HKLM-x32\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.8.0 - SmartSound Software Inc)
Update for PDF Reader (HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\DigitalSite) (Version:  - ) <==== ATTENTION
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VSDC Free Video Editor Version 6.4.2.102 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.4.2.102 - Flash-Integro LLC)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
YTD Video Downloader 5.9.13 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.9.13 - GreenTree Applications SRL) <==== ATTENTION

Packages:
=========
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2015-11-12] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\ChromeHTML: -> C:\Users\Schilling Family\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Schilling Family\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Schilling Family\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Schilling Family\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Schilling Family\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc -> Google Inc.)
HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\ChromeHTML: -> C:\Users\Eltern\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{1F9E0710-2073-435F-9C1B-F29946205947}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.152\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{69545769-8D02-4B07-A481-AD374CD8D5D1}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.152\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Eltern\AppData\Local\Google\Chrome\Application\112.0.5615.49\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.83\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.152\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-607273383-903765569-4108737559-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Eltern\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2015-04-26] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Schilling Family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Games.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c "start hxxp://socialgames.splashtop.com/gbsp/mb/?p=w"

==================== Loaded Modules (Whitelisted) =============

2009-06-27 10:11 - 2009-06-27 10:11 - 000503202 _____ () [File not signed] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 000817152 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2015-11-04 17:43 - 2015-11-04 17:43 - 000214528 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 003650560 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-09-20 16:47 - 2012-09-21 06:00 - 000303104 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCALBO.DLL
2015-09-20 16:47 - 2012-09-20 06:00 - 000390656 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMBO.DLL
2014-02-08 16:03 - 2012-07-31 11:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2022-09-17 13:49 - 2022-09-16 17:05 - 000036352 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\imageformats\qdds.dll
2022-09-17 13:49 - 2022-09-16 17:05 - 000381952 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\imageformats\qjp2.dll
2022-09-17 13:49 - 2022-09-16 17:05 - 000218624 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\imageformats\qmng.dll
2022-09-17 13:51 - 2022-04-12 12:17 - 001269760 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LIBEAY32.dll
2022-09-17 13:51 - 2022-04-12 12:17 - 000276480 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\SSLEAY32.dll
2022-09-17 13:51 - 2017-09-14 08:45 - 000037888 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\bearer\qgenericbearer.dll
2022-09-17 13:51 - 2017-09-14 08:45 - 000039424 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\bearer\qnativewifibearer.dll
2022-09-17 13:49 - 2022-09-16 17:05 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\iconengines\qsvgicon.dll
2022-09-17 13:49 - 2022-09-16 17:05 - 000024576 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\imageformats\qgif.dll
2022-09-17 13:49 - 2022-09-16 17:05 - 000030720 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\imageformats\qicns.dll
2022-09-17 13:49 - 2022-09-16 17:05 - 000025088 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\imageformats\qico.dll
2022-09-17 13:49 - 2022-09-16 17:05 - 000243200 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\imageformats\qjpeg.dll
2022-09-17 13:49 - 2022-09-16 17:05 - 000018944 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\imageformats\qsvg.dll
2022-09-17 13:49 - 2022-09-16 17:05 - 000017920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\imageformats\qtga.dll
2022-09-17 13:49 - 2022-09-16 17:05 - 000313344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\imageformats\qtiff.dll
2022-09-17 13:49 - 2022-09-16 17:05 - 000017920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\imageformats\qwbmp.dll
2022-09-17 13:49 - 2022-09-16 17:05 - 000324608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\imageformats\qwebp.dll
2022-09-17 13:49 - 2022-09-16 17:05 - 001012224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\platforms\qwindows.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-607273383-903765569-4108737559-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=fe28521d0000000000001c6f653e2346
HKU\S-1-5-21-607273383-903765569-4108737559-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-607273383-903765569-4108737559-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
HKU\S-1-5-21-607273383-903765569-4108737559-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-607273383-903765569-4108737559-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com
HKU\S-1-5-21-607273383-903765569-4108737559-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
URLSearchHook: HKLM-x32 - (No Name) - {3bbd3c14-4c16-4989-8366-95bc9179779d} - No File
URLSearchHook: HKU\S-1-5-21-607273383-903765569-4108737559-1001 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll (DeviceVM Inc. -> DeviceVM, Inc.)
URLSearchHook: HKU\S-1-5-21-607273383-903765569-4108737559-1001 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM Inc. -> DeviceVM, Inc.)
URLSearchHook: HKU\S-1-5-21-607273383-903765569-4108737559-1001 - (No Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File
URLSearchHook: HKU\S-1-5-21-607273383-903765569-4108737559-1001 - (No Name) - {3bbd3c14-4c16-4989-8366-95bc9179779d} - No File
URLSearchHook: HKU\S-1-5-21-607273383-903765569-4108737559-1003 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll (DeviceVM Inc. -> DeviceVM, Inc.)
URLSearchHook: HKU\S-1-5-21-607273383-903765569-4108737559-1003 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM Inc. -> DeviceVM, Inc.)
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1001 -> DefaultScope {122F3846-0AE4-492e-81DE-906A0C4A482E} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1001 -> {122F3846-0AE4-492e-81DE-906A0C4A482E} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1001 -> {80C392F7-933D-4333-97C9-6836482FE614} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=fe28521d0000000000001c6f653e2346&r=378
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1001 -> {A000C9A9-4946-4842-88A3-E552A02BCA8E} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3201318
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1003 -> DefaultScope {F81C3B13-EB13-4784-AD06-5308BBD978DA} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1003 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1003 -> {CAFC8535-FC41-4BE5-849D-E5224432519B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3201318
SearchScopes: HKU\S-1-5-21-607273383-903765569-4108737559-1003 -> {F81C3B13-EB13-4784-AD06-5308BBD978DA} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2013-11-28] (Canon Inc. -> CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (Canon Inc. -> CANON INC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-607273383-903765569-4108737559-1001 -> No Name - {3BBD3C14-4C16-4989-8366-95BC9179779D} -  No File
Toolbar: HKU\S-1-5-21-607273383-903765569-4108737559-1003 -> No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} -  No File
Toolbar: HKU\S-1-5-21-607273383-903765569-4108737559-1003 -> No Name - {3BBD3C14-4C16-4989-8366-95BC9179779D} -  No File
Toolbar: HKU\S-1-5-21-607273383-903765569-4108737559-1004 -> No Name - {3BBD3C14-4C16-4989-8366-95BC9179779D} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\11.0\DLLShared\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-607273383-903765569-4108737559-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win7 LtBlue 1920x1200.jpg
HKU\S-1-5-21-607273383-903765569-4108737559-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Dell\Win7 LtBlue 1920x1200.jpg
HKU\S-1-5-21-607273383-903765569-4108737559-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Dell\Win7 LtBlue 1920x1200.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Motorola Device Manager => 2
MSCONFIG\Services: Roxio UPnP Renderer 11 => 3
MSCONFIG\Services: Roxio Upnp Server 11 => 2
MSCONFIG\Services: RoxLiveShare11 => 2
MSCONFIG\Services: RoxMediaDB11 => 3
MSCONFIG\Services: RoxWatch11 => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: Sony PC Companion => 3
HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{547E83B5-1313-4049-8C6C-7FEFCE3032C8}C:\users\eltern\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\eltern\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{39484926-44D0-4DAF-B0F8-866441E6D21A}C:\users\eltern\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\eltern\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{25FC2CF9-26C7-4801-865C-540B37D8F053}C:\users\eltern\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eltern\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{AF857C3D-3AD8-4EF9-85EA-8449CCA07F0B}C:\users\eltern\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\eltern\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2967DE4D-3ECD-4166-834C-BAA04DC11964}] => (Allow) C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe (Silhouette Research & Technology Ltd -> )
FirewallRules: [{DCC44E91-DA96-404D-9C1F-EE280941DD29}] => (Allow) C:\Program Files (x86)\Silhouette America\Silhouette Link\SilhouetteLinkConsole.exe (Silhouette Research & Technology Ltd -> )
FirewallRules: [{73C5997B-A60F-4423-ABB7-310B58259BC2}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{6E0F8CA7-3119-4E34-8D0F-457FE24884BF}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{79C30040-27F1-41BA-9061-5E6863DD79EF}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{63D3CFC8-E445-4908-92DE-C1EF9B169D01}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{7AA2976B-1696-433C-951B-3638144151F5}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{56DA2F88-0B42-4F5C-9AD1-87CECFB8F21A}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{0427B960-2364-4061-8D5A-B5D5238E0652}] => (Allow) C:\Users\Schilling Family\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{55CD2498-99BC-4878-9393-A93EEEF53276}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe => No File
FirewallRules: [{34FBCA88-D993-4E7D-AE9D-F75335CF1BD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe => No File
FirewallRules: [{75721B46-B736-4981-A30C-9C4A7DFA293F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{25ABFAB1-10A6-4C85-9498-4465BA7A8D25}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{32F2A2BD-95DF-41FB-86E2-E4FA4F05F363}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{22EAF1AB-1A96-40C1-8142-3CEBDF58A647}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{2D4667B5-F3E5-4885-882A-680251907CC5}] => (Allow) F:\o2CD.exe => No File
FirewallRules: [{A1F82616-54EE-4B24-BAF1-9FC9A59E06C9}] => (Allow) F:\o2CD.exe => No File
FirewallRules: [{BC62CBD5-D590-40D7-B254-2F6B63EA0A51}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3207EC1A-AC96-41C7-A43B-E0449E4CFD8C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BB65DA61-3AEF-4723-839F-8614B4B2DCE6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CEF21CCF-81CB-46AF-BF32-D50B57107806}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E7D017EE-5A08-4B83-8ABD-0E231E05E21A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{97EEE3EA-74AC-4C81-A147-4062BE737487}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{27AA07D2-29F9-4C0A-8FA7-D5ACDA31A49C}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe => No File
FirewallRules: [{25F5F1FF-2414-4F37-8B6A-27EAF4331A0D}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe => No File
FirewallRules: [{64711767-0BEA-4E26-93C0-E7067F35F510}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6267537C-2A47-4D0A-855E-11982B6C2CE0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{19C62B83-B546-4D25-84EC-CF4188C945BE}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{847E80AE-8076-4540-9C12-38B8CED2229E}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{2C96EF38-3E0E-4B56-BE5F-66C94FBA7BF4}C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe => No File
FirewallRules: [UDP Query User{DCAE0FD6-BE9F-423F-9A44-CF663BE220E3}C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe => No File
FirewallRules: [{13F44943-2753-4C2C-A854-B02E880FD681}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{1DE1C6EB-EC9E-4562-BAD8-1EF4A6F74758}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{CED1E8BF-8A0D-46A0-8671-8FBC100F75E8}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{23C90C72-420C-4C0A-85BA-B2D6AE6C60ED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3413.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{82195564-A0F6-465D-8DB4-102C09B6763D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3413.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{BCC5757C-BEA8-4EEF-90D5-F7581CFB61CE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3413.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{B602402A-086F-4281-B5D3-5862449D5F53}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3413.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{31A42FDB-DD04-4C37-A8F1-4208EE877C44}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{76B60587-7B61-4637-BEA2-7CAB8A4B0CB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{189FA84B-B945-43A6-893F-CC12EAE178B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{0E12E48C-5C80-40A2-BA71-1905CEF567CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{9AAB57D9-E18D-48FA-9EF4-83B52D7B34A8}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.34\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:107.89 GB) (Free:24.31 GB) (23%)

==================== Faulty Device Manager Devices ============

Name: Kaspersky Security Data Escort Adapter #2
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SAMSUNG Electronics Co., Ltd. 
Service: kltap
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/08/2023 05:47:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SystemSettings.exe, Version: 10.0.19041.2673, Zeitstempel: 0x4aa1ce82
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.19041.546, Zeitstempel: 0x564f9f39
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000000ae22
ID des fehlerhaften Prozesses: 0x21e4
Startzeit der fehlerhaften Anwendung: 0x01d96a3116ba964b
Pfad der fehlerhaften Anwendung: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\msvcrt.dll
Berichtskennung: 32924120-d70a-4eee-85c7-e9792f980003
Vollständiger Name des fehlerhaften Pakets: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windows.immersivecontrolpanel

Error: (04/03/2023 12:37:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31125

Error: (04/03/2023 12:37:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31125

Error: (04/03/2023 12:37:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/03/2023 12:37:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15438

Error: (04/03/2023 12:37:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15438

Error: (04/03/2023 12:37:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2023 11:42:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_WaaSMedicSvc, Version: 10.0.19041.1806, Zeitstempel: 0x7dcad237
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.2130, Zeitstempel: 0xb5ced1c6
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000000281da
ID des fehlerhaften Prozesses: 0x858
Startzeit der fehlerhaften Anwendung: 0x01d965462c926a07
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\svchost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: a925920e-ff58-4635-b132-3e66a692e988
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


System errors:
=============
Error: (04/08/2023 08:44:55 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Manager für heruntergeladene Karten" wurde nicht richtig gestartet.

Error: (04/08/2023 08:39:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Net.Msmq-Listeneradapter" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (04/08/2023 08:39:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst Net.Msmq-Listeneradapter erreicht.

Error: (04/08/2023 08:38:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (04/08/2023 08:38:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.

Error: (04/08/2023 08:38:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (04/08/2023 08:38:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetTcpPortSharing" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (04/08/2023 08:38:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst NetTcpPortSharing erreicht.


Windows Defender:
================
Date: 2023-04-08 20:59:50
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/DownloadSponsor&threatid=311978&enterprise=0
Name: PUADlManager:Win32/DownloadSponsor
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\Eltern\Downloads\FastStone Image Viewer - CHIP-Installer (1).exe; file:_C:\Users\Eltern\Downloads\FastStone Image Viewer - CHIP-Installer.exe; file:_C:\Users\Eltern\Downloads\VSDC Free Video Editor - CHIP-Installer (1).exe; file:_C:\Users\Eltern\Downloads\VSDC Free Video Editor - CHIP-Installer.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: SchillingFamily\Eltern
Prozessname: C:\Users\Eltern\Downloads\FRST64.exe
Sicherheitsversion: AV: 1.387.403.0, AS: 1.387.403.0, NIS: 1.387.403.0
Modulversion: AM: 1.1.20200.4, NIS: 1.1.20200.4

Date: 2023-04-08 20:59:49
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/DownloadSponsor&threatid=311978&enterprise=0
Name: PUADlManager:Win32/DownloadSponsor
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\Eltern\Downloads\FastStone Image Viewer - CHIP-Installer (1).exe; file:_C:\Users\Eltern\Downloads\FastStone Image Viewer - CHIP-Installer.exe; file:_C:\Users\Eltern\Downloads\VSDC Free Video Editor - CHIP-Installer (1).exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: SchillingFamily\Eltern
Prozessname: C:\Users\Eltern\Downloads\FRST64.exe
Sicherheitsversion: AV: 1.387.403.0, AS: 1.387.403.0, NIS: 1.387.403.0
Modulversion: AM: 1.1.20200.4, NIS: 1.1.20200.4

Date: 2023-04-08 20:59:32
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/CandyOpen&threatid=311936&enterprise=0
Name: PUABundler:Win32/CandyOpen
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\Eltern\Downloads\FreeAudioDub.exe; file:_C:\Users\Eltern\Downloads\FreeStudio.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: SchillingFamily\Eltern
Prozessname: C:\Users\Eltern\Downloads\FRST64.exe
Sicherheitsversion: AV: 1.387.403.0, AS: 1.387.403.0, NIS: 1.387.403.0
Modulversion: AM: 1.1.20200.4, NIS: 1.1.20200.4

Date: 2023-04-08 20:59:29
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/DownloadSponsor&threatid=311978&enterprise=0
Name: PUADlManager:Win32/DownloadSponsor
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\Eltern\Downloads\FastStone Image Viewer - CHIP-Installer (1).exe; file:_C:\Users\Eltern\Downloads\FastStone Image Viewer - CHIP-Installer.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: SchillingFamily\Eltern
Prozessname: C:\Users\Eltern\Downloads\FRST64.exe
Sicherheitsversion: AV: 1.387.403.0, AS: 1.387.403.0, NIS: 1.387.403.0
Modulversion: AM: 1.1.20200.4, NIS: 1.1.20200.4

Date: 2023-04-08 20:58:30
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/OutBrowse&threatid=207835&enterprise=0
Name: SoftwareBundler:Win32/OutBrowse
Schweregrad: Hoch
Kategorie: Softwarebundler
Pfad: file:_C:\Program Files (x86)\FLV PlayerFCSetup.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: SchillingFamily\Schilling Family
Prozessname: C:\Users\Eltern\Downloads\FRST64.exe
Sicherheitsversion: AV: 1.387.403.0, AS: 1.387.403.0, NIS: 1.387.403.0
Modulversion: AM: 1.1.20200.4, NIS: 1.1.20200.4
Event[0]:

Date: 2023-02-14 22:12:26
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.381.3589.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.19900.2
Fehlercode: 0x8050a003
Fehlerbeschreibung: Dieses Paket enthält keine aktuellen Definitionsdateien für das Programm. Weitere Informationen finden Sie in "Hilfe und Support". 

Date: 2023-02-14 22:12:26
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.381.3589.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.19900.2
Fehlercode: 0x8050a003
Fehlerbeschreibung: Dieses Paket enthält keine aktuellen Definitionsdateien für das Programm. Weitere Informationen finden Sie in "Hilfe und Support". 

Date: 2023-02-14 22:12:26
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.381.3589.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.19900.2
Fehlercode: 0x8050a003
Fehlerbeschreibung: Dieses Paket enthält keine aktuellen Definitionsdateien für das Programm. Weitere Informationen finden Sie in "Hilfe und Support". 

Date: 2023-02-14 22:10:52
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.381.3495.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.19900.2
Fehlercode: 0x80070102
Fehlerbeschreibung: Der Wartevorgang wurde abgebrochen. 

Date: 2023-02-14 22:10:52
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.381.3495.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.19900.2
Fehlercode: 0x80070102
Fehlerbeschreibung: Der Wartevorgang wurde abgebrochen. 

CodeIntegrity:
===============
Date: 2023-04-02 11:55:38
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-04-02 11:42:03
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2023-03-19 23:21:24
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-01-12 23:00:54
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-11-11 00:26:40
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-11-11 00:13:09
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

BIOS: Award Software International, Inc. FD 07/23/2010
Motherboard: Gigabyte Technology Co., Ltd. GA-890GPA-UD3H
Processor: AMD Phenom(tm) II X4 955 Processor
Percentage of memory in use: 40%
Total physical RAM: 8189.55 MB
Available physical RAM: 4864.76 MB
Total Virtual: 16381.55 MB
Available Virtual: 12716.57 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:107.89 GB) (Free:24.31 GB) (Model: WDC WD6400AAKS-65A7B2 ATA Device) NTFS
Drive d: () (Fixed) (Total:97.56 GB) (Free:25.19 GB) (Model: WDC WD6400AAKS-65A7B2 ATA Device) NTFS
Drive e: () (Fixed) (Total:0 GB) (Free:0 GB) (Model: WDC WD6400AAKS-65A7B2 ATA Device) 
Drive f: (ELM327 software) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS
Drive g: (System) (Fixed) (Total:232.88 GB) (Free:44.68 GB) (Model: ST3250823AS ATA Device) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{dbb0575c-96c5-11e1-b743-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: E419C3C7)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=0F Extended)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 973E7CF0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=390.6 GB) - (Type=06)
Partition 4: (Not Active) - (Size=107.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
--- --- ---
 

Themen zu MFResident-20230328-55
adobe, antivirus, backdoor, computer, defender, desktop, excel, flash player, google, home, installation, internet, internet explorer, kaspersky, mfresident-20230328-55, mozilla, port, prozesse, realtek, registry, scan, sekunden, software, temp, udp, windows


« Trojan.Win32.Hosts2.gen virus erkannt! | Windows 10: Trojan:HTML/Phish.VS!MSR durch Windows Defender in Download-Ordner gefunden »


Zum Thema MFResident-20230328-55 - FRST Additions Logfile: Code: Alles auswählen Aufklappen ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-04-2023 Ran by Schilling Family (08-04-2023 21:00:43) Running from C:\Users\Eltern\Downloads Microsoft Windows - MFResident-20230328-55...
Archiv
Du betrachtest: MFResident-20230328-55 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131