ok, das Konto hat jetzt Adminrechte. Seitdem tauchen die pop up Fenster nicht mehr auf
FRST Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 06-04-2023
durchgeführt von Eltern (Administrator) auf SCHILLINGFAMILY (Gigabyte Technology Co., Ltd. GA-890GPA-UD3H) (08-04-2023 22:28:10)
Gestartet von C:\Users\Eltern\Downloads
Geladene Profile: Schilling Family & Eltern
Plattform: Microsoft Windows 10 Pro Version 21H2 19044.2728 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\MFResident.exe
(C:\Program Files (x86)\DataCardService\HWDeviceService64.exe ->) (Huawei Technologies Co.,Ltd. -> Huawei Technologies Co., Ltd.) C:\Program Files (x86)\DataCardService\DCSHelper.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\112.0.1722.34\identity_helper.exe
(DeviceVM Inc. -> DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe <2>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe <2>
(Huawei Technologies Co.,Ltd. -> ) C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (DeviceVM Inc. -> DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
(services.exe ->) (Huawei Technologies Co.,Ltd. -> ) C:\Program Files (x86)\DataCardService\HWDeviceService64.exe
(services.exe ->) (JMicron Technology Corp. -> ) C:\Windows\SysWOW64\XSrvSetup.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <3>
(services.exe ->) (Shenzhen iMyFone Technology Co., Ltd -> ) C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe
(services.exe ->) (Silhouette Research & Technology Ltd -> ) C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe <2>
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [BCU] => C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [375000 2009-10-15] (DeviceVM Inc. -> DeviceVM, Inc.)
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmprph.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Roxio Central 4\Plugins\Launch.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\Setup_wm.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\VPREVIEW.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\ChessBase\ChessProgram12\ChessProgram12.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpnscfg.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\MSACCESS.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\MSPUB.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Internet Explorer <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpsideshowgadget.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Sidebar <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\downloads\minecraft (1).exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpnetwk.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\program files (x86)\adobe\reader 10.0\reader\eula.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Roxio Central 4\RoxioCentralFx.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmlaunch.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Media Import 11\MediaCapture11.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmprph.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpsideshowgadget.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\program files (x86)\java\jre7\bin\javaw.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\Wordconv.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\Setup_wm.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpconfig.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpnscfg.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\downloads\minecraft.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\desktop\minecraft (1).exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\GRAPH.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpshare.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\excelcnv.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\XLICONS.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\PPTICO.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmplayer.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\WORDICON.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Creator Classic 11\Creator11.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Sidebar <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpnscfg.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Retrieve 11\Launch_Retrieve.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmlaunch.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpnscfg.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Roxio WinOnCD 2009\Retrieve 11\Retrieve11.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpconfig.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Defender <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Windows Media Player\wmpenc.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files (x86)\Microsoft Office\Office14\OIS.EXE <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: c:\users\henrike\desktop\minecraft.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Internet Explorer <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Users\Schilling Family\AppData\Local\Google\Chrome\Application\chrome.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpshare.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1004 Group Policy restriction on software: C:\Program Files\Windows Media Player\wmpenc.exe <==== ACHTUNG
HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\Run: [Google Update] => C:\Users\Schilling Family\AppData\Local\Google\Update\1.3.36.201\GoogleUpdateCore.exe [223000 2023-04-08] (Google LLC -> Google LLC)
HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\Run: [Google Update] => C:\Users\Eltern\AppData\Local\Google\Update\1.3.36.152\GoogleUpdateCore.exe [230360 2022-08-29] (Google LLC -> Google LLC)
HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Eltern\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] (Amazon Services LLC -> )
HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\Run: [MicrosoftEdgeAutoLaunch_EB8D6C06E991CEDBC9E4E65F13805E5D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4140496 2023-04-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-607273383-903765569-4108737559-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-607273383-903765569-4108737559-1004\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-607273383-903765569-4108737559-1004\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKLM\...\Windows x64\Print Processors\Canon iP4300 Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD86.DLL [27136 2006-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX520 series: C:\WINDOWS\system32\CNCALBO.DLL [303104 2012-09-21] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP4300: C:\WINDOWS\system32\CNMLM86.DLL [234496 2006-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX520 series: C:\WINDOWS\system32\CNMLMBO.DLL [390656 2012-09-20] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-07-31] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\Eltern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2013-01-04]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2014-04-08]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Beschränkung ? <==== ACHTUNG
GroupPolicy\User: Beschränkung ? <==== ACHTUNG
GroupPolicyUsers\S-1-5-21-607273383-903765569-4108737559-1004\User: Beschränkung <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0BBB9B25-3E0B-41C4-8417-BC0AA3E8469A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Keine Datei)
Task: {0D20E039-9151-46FD-B974-33451D8D8893} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Keine Datei)
Task: {0D32098A-3809-485B-B4B1-FB99532A9F8A} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {0F32F71B-0E80-453C-84AA-62B937EFC571} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Keine Datei)
Task: {16715D28-05B1-4839-82FC-3FBDE0233F64} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Keine Datei)
Task: {1C55A462-FD73-403B-A09F-984CB07A8C39} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1003UA => C:\Users\Eltern\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {22BE8BFB-1E32-4605-8FE7-032BE3370959} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Keine Datei)
Task: {2C9910E7-21E4-4BC3-A649-8476A15F8916} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {2C9A41E5-EAA4-47BD-A47C-649959DD4C96} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Keine Datei)
Task: {2D4F42E6-6553-4563-A4DA-5C64C00F3A24} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Keine Datei)
Task: {2F254FB2-238A-4DDD-BB1A-5CD7BD36CFB9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Keine Datei)
Task: {308E3245-B76B-4F4C-9420-DC711CD8B6AA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Keine Datei)
Task: {355E2600-47CE-46FE-9A7E-1F5F735531F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {45381A70-9F15-40C7-9DAB-84FE23E9CA62} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Keine Datei)
Task: {479F023B-EDFA-4153-B8AB-686E66D34909} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Keine Datei)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {48A446E7-59BC-49E8-B070-033DCC730F02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000 2015-08-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4FEE6216-5B1C-4CCD-B930-8E7E961AED44} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001Core => C:\Users\Schilling Family\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-07-14] (Google Inc -> Google Inc.)
Task: {5235F070-0423-4841-A880-4C5C6E95D792} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {5288861F-AA80-42F5-965F-271A29651414} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {540F9B5D-6DB9-4419-8E0B-36E4220B76D6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001UA => C:\Users\Schilling Family\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-07-14] (Google Inc -> Google Inc.)
Task: {57B8B6B7-8B6E-4186-94DF-1155B3FB3CF1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Keine Datei)
Task: {57F6E612-D826-46E6-86F9-C9951328AFB3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BE104DB-21E9-45AE-90C2-1E8585816213} - \MetaCrawler -> Keine Datei <==== ACHTUNG
Task: {60E899E7-67BD-4316-94B1-5F9C60C66F8F} - \BonanzaDealsLiveUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG
Task: {62AB03D9-9674-4F82-9B03-79854C0C4188} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {68A2DC77-4326-45B0-A2EB-FC0A3F784C40} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6CE9B4C3-7B27-4764-9B0A-152BBAECC232} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {6F37C2F7-DADB-49AE-A204-2C9AD19C6CFE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {6F47A56B-CADB-4C5E-B30B-85487FC6CC88} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1003Core => C:\Users\Eltern\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {71C3C4D2-0F58-4A47-A69A-D46E959D7336} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Keine Datei)
Task: {71D74DD1-F182-473C-A98A-587C247548CF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {73A44D9D-5152-45D9-B5ED-09FE3C3EA042} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Keine Datei)
Task: {801268F4-4131-4543-95C3-8B78C47D63B5} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {83C55439-989B-45A6-A08E-F552847E1327} - \DigitalSite -> Keine Datei <==== ACHTUNG
Task: {84608AB1-FDFC-4CBE-9B6E-87A86EC99DCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Keine Datei)
Task: {88F5F492-6208-4730-A9B2-F754D5D964BB} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {89AA7B43-6F43-4665-B455-35250B2775B6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001Core1d36619e3cf49df => C:\Users\Schilling Family\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-07-14] (Google Inc -> Google Inc.)
Task: {964B9BE3-0E0D-4477-9935-97A3378361C6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9B5544EC-58CA-4789-AAD4-BC7E3AC6823A} - \BonanzaDealsLiveUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG
Task: {A25CFF11-8701-4725-B4FF-B3E3A26322F7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001UA1d36619e3f56ec3 => C:\Users\Schilling Family\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-07-14] (Google Inc -> Google Inc.)
Task: {A62B6259-A517-463A-87F7-5AC214BA12C1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1003UA1d264fa72e45b7c => C:\Users\Eltern\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {A644AF47-F72C-415B-87DA-AC26713AA924} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Keine Datei)
Task: {A764CB31-E10A-4748-87C2-78B1A074C2C5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {AE3B097F-0458-44AD-B075-30716ECFED1E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B48C01BC-3898-4438-ACBC-3CBB676128C9} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Keine Datei)
Task: {BC82C7F7-E333-4612-B4DA-B144C7B04EC6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Keine Datei)
Task: {C5CFDFCD-19A8-459D-B137-419863D933E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C81A5F30-FAB1-46FE-8C78-248273597C96} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {C9CE2E2F-74C8-4420-A9A6-6C5270140972} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Keine Datei)
Task: {CC1E0B3B-991C-48FD-A12D-87AD1C6A5AB4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CEC66727-43C2-4046-877F-5E52D2579E6A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Keine Datei)
Task: {D4B27E49-E70B-42CF-9F59-391892C74007} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D8373EC5-C2D0-47AA-A6E5-134DB4404626} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Keine Datei)
Task: {D8BBE133-E46B-46C1-91B4-19BE93F6CB55} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Keine Datei)
Task: {E32C8471-92F1-4FDE-B901-8FB47EC87899} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {E9EB6BC0-96CB-4A0D-888D-CE6AD2CFAA11} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {EEF562D5-1A49-4011-9839-10FE2C739B33} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1003Core1d264fa72b23a21 => C:\Users\Eltern\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {FCAE2C9E-7790-484C-B719-C3622CADC1D6} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Keine Datei)
Task: {FD4F3315-361A-4584-98C3-A29243C37660} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\DigitalSite.job => C:\Users\SCHILL~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ACHTUNG
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001Core.job => C:\Users\Schilling Family\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001UA.job => C:\Users\Schilling Family\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1003Core.job => C:\Users\Eltern\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1003UA.job => C:\Users\Eltern\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
Task: C:\WINDOWS\Tasks\MetaCrawler.job => C:\Users\SCHILL~1\AppData\Roaming\METACR~1\UPDATE~1\UPDATE~1.EXE
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1533b570-916a-43ef-a95f-2771cf3347c2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{63e8b743-5869-48f3-b34a-8f4038bdaffe}: [NameServer] 10.74.210.210 10.74.210.211
Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Eltern\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-08]
Edge Extension: (Edge relevant text changes) - C:\Users\Eltern\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-08]
FireFox:
========
FF ProfilePath: C:\Users\Eltern\AppData\Roaming\Nvu\Profiles\l9ncqul6.default [2012-11-29]
FF ProfilePath: C:\Users\Eltern\AppData\Roaming\Mozilla\Firefox\Profiles\usq5npzx.default [2019-03-30]
FF user.js: detected! => C:\Users\Eltern\AppData\Roaming\Mozilla\Firefox\Profiles\usq5npzx.default\user.js [2015-09-30]
FF Extension: (Telemetry coverage) - C:\Users\Eltern\AppData\Roaming\Mozilla\Firefox\Profiles\usq5npzx.default\features\{8be4ee0a-5a7c-4dfc-b1a8-b23c5451a190}\telemetry-coverage-bug1487578@mozilla.org.xpi [2019-03-30] []
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] - C:\Users\Schilling Family\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: (SpeedAnalysis.com) - C:\Users\Schilling Family\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com [2013-04-02] [] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden
FF HKU\S-1-5-21-607273383-903765569-4108737559-1001\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] - C:\Users\Schilling Family\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-03-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.) [Datei ist nicht signiert]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2013-02-14] (Sony Network Entertainment International LLC) [Datei ist nicht signiert]
FF Plugin HKU\S-1-5-21-607273383-903765569-4108737559-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll [2012-12-07] (Amazon.com, Inc.) [Datei ist nicht signiert]
FF Plugin HKU\S-1-5-21-607273383-903765569-4108737559-1003: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Eltern\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon Services LLC -> Amazon.com, Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-10-06] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-10-06] <==== ACHTUNG
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default [2023-04-08]
CHR Notifications: Default -> hxxp://kleinanzeigen.ebay.de; hxxps://de10.forgeofempires.com; hxxps://lichess.org; hxxps://www.ebay.de
CHR Extension: (FoE - Helfer) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkagcmloachflbbkfmfiggipaelfamdf [2023-03-26]
CHR Extension: (Complitly plugin for chrome) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda [2014-04-12] [UpdateUrl:hxxp://www.predictad.com/update/chrome/?si=28188&ver=1.1] <==== ACHTUNG
CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-03-26]
CHR Extension: (Google Docs Offline) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR HKLM\...\Chrome\Extension: [doobfiogmfmpjnoofjhhgjehmlofngfp] - C:\Users\Schilling Family\AppData\Local\metacrawler-speeddial.crx [2013-11-16]
CHR HKU\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [doobfiogmfmpjnoofjhhgjehmlofngfp] - C:\Users\SCHILL~1\AppData\Local\metacrawler-speeddial.crx [2013-11-16]
CHR HKU\S-1-5-21-607273383-903765569-4108737559-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [cfcbmgbfdbijmjgjihagbomfbjfjmgon] - C:\Users\Schilling Family\AppData\Roaming\SpeedanAlysis\speedanalysis.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx [2012-05-28]
CHR HKLM-x32\...\Chrome\Extension: [doobfiogmfmpjnoofjhhgjehmlofngfp] - C:\Users\Schilling Family\AppData\Local\metacrawler-speeddial.crx [2013-11-16]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
StartMenuInternet: Google Chrome - C:\Users\Schilling Family\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.Eltern - C:\Users\Eltern\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000 2015-08-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-07-04] (Bayerisches Landesamt fuer Steuern -> )
S2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] (Giga-Byte Technology -> )
R2 HWDeviceService64.exe; C:\Program Files (x86)\DatacardService\HWDeviceService64.exe [351888 2016-03-24] (Huawei Technologies Co.,Ltd. -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [682072 2015-07-06] (Huawei Technologies Co.,Ltd. -> )
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] (JMicron Technology Corp. -> )
R2 MFLocalService; C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe [54664 2022-04-28] (Shenzhen iMyFone Technology Co., Ltd -> )
S4 Roxio UPnP Renderer 11; C:\Program Files (x86)\Roxio WinOnCD 2009\Digital Home 11\RoxioUPnPRenderer11.exe [313840 2008-08-14] (Sonic Solutions -> Sonic Solutions)
S4 Roxio Upnp Server 11; C:\Program Files (x86)\Roxio WinOnCD 2009\Digital Home 11\RoxioUpnpService11.exe [367088 2008-08-14] (Sonic Solutions -> Sonic Solutions)
S4 RoxMediaDB11; C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [1122304 2009-01-09] (Sonic Solutions) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [226976 2023-03-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SilhouetteLink; C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe [897200 2016-12-06] (Silhouette Research & Technology Ltd -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 gdrv; C:\Windows\gdrv.sys [25640 2023-04-08] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-02-08] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49608 2023-03-28] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [495896 2023-03-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-28] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-04-08 22:37 - 2023-04-08 22:37 - 000000000 ____D C:\Users\Schilling Family\AppData\Roaming\com.adobe.dunamis
2023-04-08 22:37 - 2023-04-08 22:37 - 000000000 ____D C:\Users\Schilling Family\AppData\Local\SolidDocuments
2023-04-08 22:37 - 2023-04-08 22:37 - 000000000 ____D C:\Users\Schilling Family\.ms-ad
2023-04-08 22:14 - 2023-04-08 22:14 - 000000000 ____D C:\Users\Schilling Family\AppData\Local\D3DSCache
2023-04-08 19:09 - 2023-04-08 21:03 - 000079412 _____ C:\Users\Eltern\Downloads\Addition.txt
2023-04-08 19:04 - 2023-04-08 22:35 - 000044115 _____ C:\Users\Eltern\Downloads\FRST.txt
2023-04-08 19:03 - 2023-04-08 22:33 - 000000000 ____D C:\FRST
2023-04-08 19:01 - 2023-04-08 19:02 - 002379776 _____ (Farbar) C:\Users\Eltern\Downloads\FRST64.exe
2023-04-08 00:27 - 2023-04-08 22:19 - 113508352 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-04-08 00:11 - 2023-04-08 00:27 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-03-18 17:05 - 2023-03-18 17:05 - 000000000 ___HD C:\$WinREAgent
2023-03-09 23:24 - 2023-03-09 23:24 - 000000000 ____D C:\Users\Eltern\AppData\Local\SolidDocuments
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-04-08 22:39 - 2017-12-29 01:39 - 000000000 ____D C:\Users\Schilling Family\AppData\Local\Packages
2023-04-08 22:39 - 2016-07-14 19:02 - 000000000 ____D C:\Users\Schilling Family\AppData\Local\Publishers
2023-04-08 22:39 - 2012-05-05 20:54 - 000002590 _____ C:\Users\Schilling Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-04-08 22:39 - 2012-05-05 20:54 - 000002553 _____ C:\Users\Schilling Family\Desktop\Google Chrome.lnk
2023-04-08 22:37 - 2021-06-21 11:40 - 000004190 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{715B1F11-FA8F-4631-820D-9B3102438278}
2023-04-08 22:37 - 2021-06-21 10:59 - 000000000 ____D C:\Users\Schilling Family
2023-04-08 22:37 - 2012-05-05 20:55 - 000000000 ____D C:\Users\Schilling Family\AppData\Roaming\Adobe
2023-04-08 22:36 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-08 22:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-08 22:31 - 2021-06-21 11:40 - 000004234 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001UA1d36619e3f56ec3
2023-04-08 22:31 - 2021-06-21 11:40 - 000003966 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-607273383-903765569-4108737559-1001Core1d36619e3cf49df
2023-04-08 22:25 - 2017-12-28 22:49 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-08 22:24 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-04-08 22:21 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-08 22:20 - 2021-06-21 11:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-04-08 22:20 - 2012-05-05 21:40 - 000025640 _____ (Windows (R) Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2023-04-08 22:19 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-04-08 22:18 - 2021-06-21 11:40 - 000003398 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-607273383-903765569-4108737559-1001
2023-04-08 22:18 - 2021-06-21 10:59 - 000002457 _____ C:\Users\Schilling Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-08 22:18 - 2016-07-14 19:09 - 000000000 ___RD C:\Users\Schilling Family\OneDrive
2023-04-08 22:13 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-04-08 22:12 - 2018-01-01 16:22 - 000000000 ___RD C:\Users\Schilling Family\3D Objects
2023-04-08 22:12 - 2017-11-25 20:14 - 000000000 ____D C:\Users\Schilling Family\AppData\Local\ConnectedDevicesPlatform
2023-04-08 22:12 - 2015-09-10 07:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-04-08 21:03 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-04-08 20:49 - 2014-03-03 21:44 - 000000000 ____D C:\Program Files (x86)\Motorola Mobility
2023-04-08 20:49 - 2012-05-05 21:20 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-04-08 20:21 - 2012-06-14 08:40 - 000000000 ____D C:\Users\Schilling Family\AppData\Roaming\DVDVideoSoft
2023-04-08 17:47 - 2023-01-24 22:03 - 000000000 ____D C:\Users\Eltern\AppData\Local\CrashDumps
2023-04-07 22:32 - 2021-06-21 10:56 - 000002396 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-07 22:32 - 2021-06-21 10:56 - 000002234 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-04-07 22:28 - 2012-05-06 09:23 - 000002540 _____ C:\Users\Eltern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-04-07 22:28 - 2012-05-06 09:23 - 000002503 _____ C:\Users\Eltern\Desktop\Google Chrome.lnk
2023-04-07 22:27 - 2021-06-21 11:40 - 000004170 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{7B8873E7-2F6A-4D04-BC4D-C1178DC4E0A8}
2023-04-07 22:26 - 2021-12-11 16:19 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-607273383-903765569-4108737559-1003
2023-04-07 22:26 - 2021-06-21 11:40 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-607273383-903765569-4108737559-1003
2023-04-07 22:26 - 2021-06-21 10:59 - 000002443 _____ C:\Users\Eltern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-04 23:44 - 2021-06-21 10:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-04-04 21:51 - 2021-06-24 07:57 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-04 21:51 - 2021-06-24 07:57 - 000003662 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7667dcba7b542
2023-04-02 11:37 - 2021-06-21 11:15 - 001917326 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-04-02 11:37 - 2019-12-07 16:51 - 000820884 _____ C:\WINDOWS\system32\perfh007.dat
2023-04-02 11:37 - 2019-12-07 16:51 - 000177416 _____ C:\WINDOWS\system32\perfc007.dat
2023-03-28 01:10 - 2018-05-27 22:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-03-25 15:07 - 2021-06-21 11:40 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-03-25 15:06 - 2023-03-07 09:26 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-03-25 15:06 - 2023-03-07 09:26 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-03-19 01:32 - 2021-06-21 10:50 - 000523208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-03-19 01:28 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-03-19 01:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-03-19 01:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-03-19 01:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-03-19 01:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-03-18 17:41 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-03-18 17:29 - 2021-06-21 10:55 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-03-18 16:56 - 2013-08-03 13:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-03-18 16:35 - 2012-05-05 17:39 - 153620824 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-03-09 23:24 - 2012-05-06 09:25 - 000000000 ____D C:\Users\Eltern\AppData\Roaming\Adobe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2015-07-14 15:52 - 2013-06-26 13:51 - 000884736 _____ () C:\Program Files (x86)\vkaraoke.exe
2020-05-12 20:16 - 2020-05-12 20:16 - 000000008 _____ () C:\Users\Eltern\AppData\Roaming\com.silhouettesoftware.id
2012-06-09 15:54 - 2012-06-09 15:54 - 000000000 _____ () C:\Users\Eltern\AppData\Local\rx_image32.Cache
2012-06-02 17:13 - 2012-06-02 17:13 - 000017408 _____ () C:\Users\Eltern\AppData\Local\WebpageIcons.db
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
--- --- ---
08.04.2023, 21:54
Hybrid-Darstellung