Log analysis and evaluation: Small check after problems (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
04.01.2025, 19:07 | #1 |
| Small check after problems

Hello everyone, a few days ago my neighbor was visiting me with her daughter. While the adults were talking, the child was busy at the computer. She may have downloaded something "wrong" or clicked on a "wrong" page. Since then I have had small problems with my computer. I would like to ask for a check. The log files are listed below.

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-01-2025 Ran by ali_b (administrator) on DESKTOP-G9F6VUF (HP HP Pavilion Gaming Desktop TG01-2xxx) (04-01-2025 20:43:08) Running from C:\Users\ali_b\OneDrive\Desktop\FRST64.exe Loaded Profiles: ali_b Platform: Microsoft Windows 10 Home Single Language Version 22H2 19045.5247 (X64) Language: Türkçe (Türkiye) Default browser: Edge Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <4> (C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe (Canon Inc. -> CANON INC.) 
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe <2> (cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.24.167.1\extnhost\mc-extn-browserhost.exe <2> (Corel Corporation -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe (Corsair Components, Inc. -> Corsair Components, Inc.) D:\Corsair\HeadsetControlPanel.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (explorer.exe ->) (Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe (explorer.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> DesktopExtension) C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2412.1001.22.0_x64__8wekyb3d8bbwe\XboxPcTray.exe (explorer.exe ->) (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Windows Sidebar\sidebar.exe (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) 
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (AVerMedia TECHNOLOGIES, INC. -> AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe (services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (services.exe ->) (HON HAI PRECISION INDUSTRY CO.LTD. -> ) C:\Program Files\FanControlApp\FanControlApp.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\SysInfoCap.exe (services.exe ->) (HP Inc. -> HP Inc.) 
C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_f1b47696babae655\x64\OmenCap\OmenCap.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7aa6ca9dbb25bff8\jhi_service.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.24.167.1\mc-fw-host.exe <2> (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhdc.inf_amd64_a40f4449e80e2ef2\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe <2> (services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe (sihost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee, LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe (svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6\HP.myHP.exe (svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe (svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe (svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\Overlay\OverlayHelper.exe (svchost.exe ->) (HP Inc. -> HP Inc.) 
C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe (svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.24.167.1\neo\mc-neo-host.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2412.1001.22.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2410.8.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-17] (Corel Corporation -> Corel Corporation) HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436704 2021-08-17] (Corel Corporation -> WinZip Computing, S.L.) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3138560 2023-01-11] (Logitech Inc -> Logitech, Inc.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [851928 2022-08-22] (DIVX LLC -> DivX, LLC) HKLM-x32\...\Run: [Corsair Gaming Headset Software] => D:\Corsair\HeadsetControlPanel.exe [2918152 2014-08-18] (Corsair Components, Inc. -> Corsair Components, Inc.) 
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.) HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [Steam] => D:\Steam\steam.exe [4412512 2024-12-02] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [MicrosoftEdgeAutoLaunch_51FA75F58421240AA0A293AA15CB097C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911240 2024-12-19] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe (No File) HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3412576 2024-12-13] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [AF_uuid_234330] => d4f7da7a-d797-4176-a386-5fec04ee2cd6************46b4245a-c31a-4602-a0ec- (No File) HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [AF_counter_234330] => 2 (No File) HKLM\...\Windows x64\Print Processors\Canon E410 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDJ.DLL [30720 2016-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) 
HKLM\...\Print\Monitors\Canon BJ Language Monitor E410 series: C:\windows\system32\CNMLMDJ.DLL [484352 2016-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.205\Installer\chrmstp.exe [2024-12-19] (Google LLC -> Google LLC) Startup: C:\Users\ali_b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar51.lnk [2022-10-20] ShortcutTarget: Sidebar51.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed] [File is in use] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2021-11-17] ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing) HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {78E27041-221F-45F8-A8F5-49AB69825A6F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.) 
Task: {C0EAA437-8301-4C1D-945C-899517B64543} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68056 2022-08-22] (DIVX LLC -> DivX, LLC) Task: {A7111BA1-F206-4679-AF01-7EDF6F13553B} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{A1AFB225-0428-438B-996F-598D610CF758} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC) Task: {5D809019-F36D-493C-A9D9-0054FFE71904} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1003528 2024-12-17] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show Task: {4F3AABC6-B020-43B1-8794-B9AFF82F0F38} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [479984 2024-12-17] (HP Inc. -> HP Inc.) Task: {A6609191-D1EE-401A-AA74-20E6E8CCD986} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1170440 2024-12-17] (HP Inc. -> HP Inc.) Task: {AD82DDD8-5796-4C93-83E0-04094F10B304} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice Task: {468AF0B8-2014-467D-9AFC-A1147BD6B701} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60880 2024-01-11] (HP Inc. -> HP Inc.) Task: {9F877C7A-1F31-4068-A057-0D1FDDB30703} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60880 2024-01-11] (HP Inc. -> HP Inc.) 
Task: {DA8EF575-95C5-48AD-84EA-E28F48D59260} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1651032 2020-11-05] (HP Inc. -> HP Inc.) Task: {E43E5C55-AD00-44CA-8BA5-F1D8633FEE41} - System32\Tasks\McAfee\WPS\McAfee Anti-tracker notification => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {C5EBE2E7-0B1F-4703-8E3D-506864F41145} - System32\Tasks\McAfee\WPS\McAfee Anti-Tracker Scanner => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {F271E4B9-7A19-495E-826B-571100331DAF} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {0E7FF967-2796-42C0-9C63-09C441EB0FA6} - System32\Tasks\McAfee\WPS\McAfee Health Check => C:\Program Files\McAfee\WPS\1.24.167.1\sustainability\mc-sustainability.exe [958176 2024-12-13] (McAfee, LLC -> McAfee, LLC) Task: {B59C9093-C3B7-47A0-8851-40DABBEC383C} - System32\Tasks\McAfee\WPS\McAfee Hotfix => C:\Program Files\McAfee\wps\1.24.167.1\dad\mc-dad.exe [2675552 2024-12-13] (McAfee, LLC -> McAfee, LLC) Task: {46CF7393-6C83-4E1D-8058-AD83F45B5BF6} - System32\Tasks\McAfee\WPS\McAfee Message Check => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {C4996C94-77BA-4956-B3AD-F78EDEEDBCA6} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {47656533-BCCF-496A-B499-6672877A6D42} - System32\Tasks\McAfee\WPS\McAfee restart of PC => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {218666F2-3D00-4968-BBC4-310321DC3E93} - System32\Tasks\McAfee\WPS\McAfee Scheduled AV Scan => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {C172D237-DC51-422F-A701-28750BE6ADD2} - System32\Tasks\McAfee\WPS\McAfee Scheduled Tracker Remover => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {8E846341-9E64-4222-B1EE-E661B3F0FF22} - System32\Tasks\McAfee\wps\McAfee Updater => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2} C:\Program Files\McAfee\wps\1.24.167.1\mc-update.exe [3334032 2024-12-13] (McAfee, LLC -> McAfee, LLC) Task: {4CEDEB0A-2F7C-4AB6-BF5D-5E4E60AB45BA} - 
System32\Tasks\McAfee\WPS\McAfee Virus Definition Update => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {8D3BE26D-EAE8-4DB3-93AD-F0EDF8C077C3} - System32\Tasks\McAfee\WPS\McAfee Windows Notification Token => \\?\C:\Program Files\McAfee\WPS\1.24.167.1\mc-wns-client\mc-wns-client.exe [935976 2024-12-13] (McAfee, LLC -> ) Task: {9775EF85-B731-4072-81D2-4680D73B151C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {26C874DE-4FC9-497A-B93E-501877604CA8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {85FF0D1E-9B07-406E-9969-3BFD9200B68B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311976 2024-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {F9CBF4A2-358C-4B88-B289-F83B6ADC1834} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311976 2024-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {F341FDE9-05AB-466C-A462-4B7D9A885537} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [186992 2024-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {1A68A726-B324-4ED6-9C74-CD84DE1795E4} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f 
C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {623171E2-B004-4A3B-94EF-84D681CEE192} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {7F50C329-4BB3-4ABD-A8D1-DF6AFD44FFC3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E188BE51-54AC-4EE5-9B5B-104C040596CB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler Task: {1DA2BBBB-9B85-4FBC-95D0-F95C91BF0F0F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6E60514E-D189-4AD6-9BAD-739927AA163C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9C8A76CC-D931-42D4-B8E3-0761B9CF76D1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B7695B6A-A684-4E9F-95B5-F86E97CC3642} - 
System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AC6C9388-409D-4CA6-83AE-E039626D2226} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EB931CC0-D2AD-4520-B52D-8CD6AE66503C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3F4D703A-C94E-4052-BA65-23D9EAF783A8} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [71632 2024-12-13] (HP Inc. -> HP Inc.) Task: {C710B4A4-CA98-495C-8492-8CAD3E8B0CA5} - System32\Tasks\OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [71632 2024-12-13] (HP Inc. -> HP Inc.) Task: {F744ECEB-D9E7-46D6-B832-BA7E18E4ECB8} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe [67024 2024-12-13] (HP Inc. -> HP Inc.) Task: {9F8AA907-34C2-4CB7-A270-7E63A1941A58} - System32\Tasks\OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe [67024 2024-12-13] (HP Inc. -> HP Inc.) Task: {95555EF2-DCB7-4B03-AC36-84D011DC3104} - System32\Tasks\RtkAudUService64_BG => C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe [1372264 2021-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {556583BC-8B96-4062-B360-D82C3064F9D3} - System32\Tasks\SystemOptimizer => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [152048 2022-11-18] (HP Inc. -> HP Inc.) 
Task: {9AD9E7D8-868F-47EF-861E-535BB14C96C4} - System32\Tasks\Telemetry update-S-1-5-21-3460174932 => C:\ProgramData\Local\Microsoft\Windows\Telemetry\wlanext32.exe (No File) <==== ATTENTION Task: {30FA7B8E-509A-406F-9B4A-DFA9FCA7547A} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-17] (Corel Corporation -> Corel Corporation) Task: {329931A7-F5F8-49AF-A150-0C7BB3D0C83D} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-17] (Corel Corporation -> Corel Corporation) Task: {005D1EB9-B0FF-4842-A973-A6737FA50DB3} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-17] (Corel Corporation -> Corel Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{507b289c-f15b-41df-bf8f-4bbaa984ed9c}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{b65a5150-3e30-4e18-99b9-9f5bdf3ce9e0}: [DhcpNameServer] 192.168.1.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-04] Edge DownloadDir: Default -> C:\Users\ali_b\OneDrive\Desktop Edge HomePage: Default -> hxxp://www.google.de/ Edge StartupUrls: Default -> "hxxp://search.mpc.am/" Edge Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cdbkakmeogejmlpgioplhjkaablahbmj [2024-02-15] Edge Extension: (McAfee® WebAdvisor) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd [2024-12-21] Edge Extension: (Google Dokümanlar Çevrimdışı) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-21] Edge Extension: (Adblock Plus - ücretsiz reklam engelleyici) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2024-12-21] Edge Extension: (AdGuard VPN — ücretsiz ve güvenli proxy) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hhdobjgopfphlmjbmnpglhfcgppchgje [2024-12-31] Edge Extension: (Touch VPN - Secure and unlimited VPN proxy) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ighhnpmaabelnfcbbkijikgghajbiaml [2024-02-15] Edge Extension: (Edge relevant text changes) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-15] Edge Extension: (ZenMate Ücretsiz VPN - Edge için En İyi VPN) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kepdippgcikacmcdaijnponnfgljfbea 
[2024-02-15] Edge Extension: (AdBlock — en iyi reklam engelleyici) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-12-21] Edge Extension: (AdGuard Reklam Engelleyici) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2024-12-31] FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2024-03-25] [not signed] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-13] (CANON INC.) 
[File not signed] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Profile 1 CHR Profile: C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Default [2025-01-01] CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-01-01] CHR Extension: (McAfee® Web Boost) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Default\Extensions\klekeajafkkpokaofllcadenjdckhinm [2023-05-18] CHR Extension: (Online Security) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2024-04-21] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-16] CHR Profile: C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-17] CHR Profile: C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-01-04] CHR Notifications: Profile 1 -> hxxps://www.tahtakaledenal.com CHR HomePage: Profile 1 -> hxxp://www.google.de/ CHR StartupUrls: Profile 1 -> "hxxps://www.google.de/" CHR Extension: (AdGuard Werbeblocker) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2024-12-27] CHR Extension: (Touch VPN – Kostenloses VPN und kostenloser Proxy) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2023-09-27] CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-12-18] CHR Extension: (Adblock für Youtube™) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2024-12-24] CHR Extension: (Adblock Ad Blocker Pro) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dgjbaljgolmlcmmklmmeafecikidmjpi [2024-12-19] CHR Extension: (VPN Kostenlos ZenMate - Free VPN für Chrome) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2024-05-16] CHR Extension: (McAfee® WebAdvisor) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-12-20] CHR Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-12-18] CHR Extension: (Adblock Unlimited - Adblocker) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jiaopkfkampgnnkckajcbdgannoipcne [2024-07-06] CHR Extension: (Avengers Assemble) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kaplllhgohhnjpfldlglneignfjlenac [2021-11-16] CHR Extension: (McAfee® Web Boost) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\klekeajafkkpokaofllcadenjdckhinm [2022-11-11] CHR Extension: (Kostenloses VPN für Chrome - VPN Proxy VeePN) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\majdfhpaihoncoakbjgbdhglocklcgno [2025-01-04] CHR Extension: (Microsoft 365) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2023-12-14] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-16] CHR Profile: C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-17] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm] CHR HKLM\...\Chrome\Extension: 
[llbcnfanfmjhpedaedhbcnpgeepdnnok] CHR HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm] CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok] Yandex: ======= YAN Profile: C:\Users\ali_b\AppData\Local\Yandex\YandexBrowser\User Data\Default [2024-08-02] YAN DownloadDir: C:\Users\ali_b\OneDrive\Desktop ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.) R2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [1930848 2018-03-31] (AVerMedia TECHNOLOGIES, INC. -> AVerMedia TECHNOLOGIES, Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13512888 2024-12-07] (Microsoft Corporation -> Microsoft Corporation) R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [19068000 2024-12-13] (Electronic Arts, Inc. -> Electronic Arts) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [891256 2020-07-30] (HP Inc. -> HP Inc.) R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\AppHelperCap.exe [912480 2024-11-10] (HP Inc. -> HP Inc.) 
R2 HPDiagsCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\DiagsCap.exe [910944 2024-11-10] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\NetworkCap.exe [906848 2024-11-10] (HP Inc. -> HP Inc.) R2 HPOmenCap; C:\windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_f1b47696babae655\x64\OmenCap\OmenCap.exe [755152 2023-10-19] (HP Inc. -> HP Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-01-11] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\SysInfoCap.exe [911480 2024-11-10] (HP Inc. -> HP Inc.) R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.) R2 ID19 HP Fan Control Service; C:\Program Files\FanControlApp\FanControlApp.exe [283168 2020-04-29] (HON HAI PRECISION INDUSTRY CO.LTD. -> ) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [446360 2022-04-27] (Canon Inc. 
-> ) R2 mc-fw-host; C:\Program Files\McAfee\WPS\1.24.167.1\mc-fw-host.exe [2592000 2024-12-13] (McAfee, LLC -> McAfee, LLC) S3 mc-wps-update; C:\Program Files\McAfee\wps\1.24.167.1\mc-update.exe [3334032 2024-12-13] (McAfee, LLC -> McAfee, LLC) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [926176 2024-12-13] (McAfee, LLC -> McAfee, LLC) S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-20] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\windows\System32\DriverStore\FileRepository\nvhdc.inf_amd64_a40f4449e80e2ef2\Display.NvContainer\NVDisplay.Container.exe [1275432 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-20] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-20] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AVer330USB; C:\windows\system32\DRIVERS\AVer330USB.sys [1551616 2015-04-09] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.) S3 CorsairAudioFilter; C:\windows\system32\DRIVERS\corsveng2kamd64.sys [112808 2014-08-14] (Corsair Components, Inc. -> Corsair Components, Inc.) S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.) 
R3 HPOmenCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2020-04-21] (HP Inc. -> HP Inc.) R2 HpReadHWData; C:\windows\system32\drivers\HpReadHWData.sys [57952 2024-12-13] (HP Inc. -> Windows (R) Win 7 DDK provider) S0 mfeelam; C:\windows\System32\DRIVERS\mfeelam.sys [19536 2024-12-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> McAfee, LLC) R0 mfesec; C:\windows\System32\DRIVERS\mfesec.sys [76000 2024-12-13] (McAfee, LLC -> McAfee, LLC) R1 rtf64; C:\windows\system32\DRIVERS\rtf64x64.sys [70560 2020-12-22] (Realtek Semiconductor Corp. -> Realtek) S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 ViGEmBus; C:\windows\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer) S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [22104 2024-11-20] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [606624 2024-11-20] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-20] (Microsoft Windows -> Microsoft Corporation) U4 Sense; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 
2025-01-04 20:43 - 2025-01-04 20:43 - 000038860 _____ C:\Users\ali_b\OneDrive\Desktop\FRST.txt 2025-01-04 20:42 - 2025-01-04 20:43 - 000000000 ____D C:\FRST 2025-01-04 20:42 - 2025-01-04 20:42 - 002403840 _____ (Farbar) C:\Users\ali_b\OneDrive\Desktop\FRST64.exe 2025-01-03 21:50 - 2025-01-03 21:50 - 000000446 _____ C:\Users\ali_b\OneDrive\Desktop\Backup-codes-cananbirol34.txt 2025-01-03 07:06 - 2025-01-03 07:06 - 000021202 _____ C:\Users\ali_b\AppData\Local\recently-used.xbel 2025-01-02 19:31 - 2025-01-02 19:56 - 000001361 _____ C:\Users\ali_b\OneDrive\Desktop\FreemakeVC.exe.lnk 2025-01-02 14:41 - 2025-01-02 14:41 - 000001529 _____ C:\Users\ali_b\OneDrive\Desktop\DaVinci Resolve.lnk 2025-01-02 14:40 - 2025-01-02 14:41 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design 2025-01-02 14:40 - 2025-01-02 14:40 - 000000000 ____D C:\ProgramData\Blackmagic Design 2025-01-02 14:39 - 2025-01-02 14:39 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design 2025-01-02 02:59 - 2025-01-02 02:59 - 000000000 ____D C:\ProgramData\Freemake 2025-01-02 02:35 - 2025-01-02 02:35 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\edcf 2025-01-02 02:17 - 2025-01-04 01:07 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Any Video Converter 2025-01-02 02:17 - 2025-01-02 02:20 - 000000000 ____D C:\Users\ali_b\OneDrive\Dokumente\Any Video Converter 2025-01-02 02:17 - 2025-01-02 02:17 - 000000036 _____ C:\Users\ali_b\AppData\Local\_LOCAL_GUID 2025-01-02 02:17 - 2025-01-02 02:17 - 000000000 ____H C:\Users\ali_b\MJKJRegInfo_JSOIGNLOFVI6W4DODRL5DLLUHYENUXTM 2025-01-02 02:15 - 2025-01-02 02:15 - 000001124 _____ C:\Users\ali_b\OneDrive\Desktop\Any Video Converter.lnk 2025-01-02 02:15 - 2025-01-02 02:15 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvsoft 2025-01-02 02:15 - 2025-01-02 02:15 - 000000000 ____D C:\Program Files\Anvsoft 2025-01-02 01:28 - 2025-01-02 01:28 - 000000000 ____D 
C:\Users\ali_b\AppData\Roaming\ufcphsom 2025-01-02 01:21 - 2025-01-02 01:54 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\XMedia Recode 2025-01-02 01:04 - 2025-01-02 01:04 - 000000000 ____D C:\Users\ali_b\downloadtemp 2025-01-02 01:04 - 2025-01-02 01:04 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\TSHelpService 2025-01-02 01:04 - 2025-01-02 01:04 - 000000000 ____D C:\Users\ali_b\AppData\Local\HitPawCNV 2025-01-02 01:03 - 2025-01-02 01:28 - 000000000 ____D C:\Users\ali_b\AppData\Local\HitPaw Software 2025-01-02 01:02 - 2025-01-02 01:28 - 000000000 ____D C:\Program Files (x86)\HitPaw 2025-01-02 00:39 - 2025-01-02 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design 2024-12-31 20:58 - 2025-01-01 22:58 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\obs-studio 2024-12-31 17:55 - 2024-12-31 17:55 - 000000000 ____D C:\Users\ali_b\OneDrive\Dokumente\Foxy Voxel 2024-12-31 17:54 - 2024-12-31 20:42 - 000000016 _____ C:\Users\ali_b\AppData\Roaming\obs-virtualcam.txt 2024-12-31 15:08 - 2024-12-31 15:08 - 000000000 ____D C:\Users\ali_b\OneDrive\Dokumente\Blackmagic Design 2024-12-31 15:07 - 2024-12-31 15:07 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Blackmagic Design 2024-12-31 15:07 - 2024-12-31 15:07 - 000000000 ____D C:\Users\ali_b\AppData\Local\DaVinci Resolve Welcome 2024-12-30 19:56 - 2024-12-30 19:56 - 000000000 ____D C:\Users\ali_b\AppData\Local\ContractVille 2024-12-30 15:36 - 2024-12-30 15:36 - 000000203 _____ C:\Users\ali_b\OneDrive\Desktop\ContractVille.url 2024-12-23 16:12 - 2024-12-23 16:12 - 000000000 ____D C:\Users\ali_b\AppData\Local\CenterStationV1 2024-12-23 15:40 - 2024-12-23 15:40 - 000000203 _____ C:\Users\ali_b\OneDrive\Desktop\Center Station Simulator.url 2024-12-17 19:28 - 2024-12-17 19:28 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-12-16 16:45 - 2024-12-16 16:45 - 004906380 _____ C:\windows\Minidump\121624-11500-01.dmp 2024-12-13 19:11 - 2024-12-13 19:11 - 000022205 _____ 
C:\windows\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-12-13 19:11 - 2024-12-13 19:11 - 000022205 _____ C:\windows\system32\IntegratedServicesRegionPolicySet.json 2024-12-13 18:08 - 2024-12-13 18:08 - 000000000 ___HD C:\$WinREAgent 2024-12-10 01:17 - 2024-12-10 01:17 - 003451100 _____ C:\windows\Minidump\121024-16734-01.dmp ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2031-06-28 11:43 - 2022-05-10 10:27 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\StardewValley 2025-01-04 20:26 - 2019-12-07 12:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2025-01-04 19:55 - 2021-11-20 14:27 - 000000000 ____D C:\Users\ali_b\AppData\Local\Sidebar7 2025-01-04 19:13 - 2021-11-16 14:21 - 000000000 ____D C:\Users\ali_b\AppData\Local\Steam 2025-01-04 19:10 - 2021-11-19 15:46 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\vlc 2025-01-04 17:50 - 2022-10-17 00:01 - 000000000 ____D C:\Users\ali_b\AppData\Local\OGH 2025-01-04 17:31 - 2020-05-06 11:58 - 000000000 ____D C:\windows\system32\SleepStudy 2025-01-04 16:38 - 2024-06-19 11:13 - 000004198 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{4ED26314-62CD-41AF-B0F4-C2E98EA233F0} 2025-01-04 12:25 - 2021-09-21 08:47 - 000000000 ____D C:\ProgramData\NVIDIA 2025-01-04 11:31 - 2019-12-07 12:14 - 000000000 ___HD C:\Program Files\WindowsApps 2025-01-04 11:31 - 2019-12-07 12:14 - 000000000 ____D C:\windows\AppReadiness 2025-01-03 21:47 - 2021-09-21 19:08 - 000725372 _____ C:\windows\system32\perfh01F.dat 2025-01-03 21:47 - 2021-09-21 19:08 - 000159030 _____ C:\windows\system32\perfc01F.dat 2025-01-03 21:47 - 2020-05-06 12:03 - 001820854 _____ C:\windows\system32\PerfStringBackup.INI 2025-01-03 21:47 - 2019-12-07 12:13 - 000000000 ____D C:\windows\INF 2025-01-03 20:26 - 2021-12-01 00:34 - 000000000 ____D C:\Users\ali_b\AppData\Local\CrashDumps 2025-01-03 07:06 - 2021-12-11 17:42 - 000000000 ____D 
C:\Users\ali_b\AppData\Local\babl-0.1 2025-01-03 07:05 - 2021-12-11 18:01 - 000000000 ____D C:\Users\ali_b\AppData\Local\gtk-2.0 2025-01-02 14:34 - 2023-09-23 20:45 - 000000000 ____D C:\Users\ali_b\AppData\Local\cache 2025-01-02 14:23 - 2021-11-16 13:48 - 000000000 ____D C:\Users\ali_b 2025-01-02 14:23 - 2020-05-06 11:58 - 000008192 ___SH C:\DumpStack.log.tmp 2025-01-02 14:23 - 2020-05-06 11:58 - 000000006 ____H C:\windows\Tasks\SA.DAT 2025-01-02 14:23 - 2019-12-07 12:14 - 000000000 ____D C:\windows\ServiceState 2025-01-02 14:23 - 2019-12-07 12:03 - 000786432 _____ C:\windows\system32\config\BBI 2025-01-02 02:58 - 2023-03-04 00:28 - 000000000 ____D C:\Program Files (x86)\Freemake 2025-01-02 02:44 - 2021-12-11 20:52 - 000000000 ____D C:\Users\ali_b\AppData\Local\FreemakeVideoConverter 2025-01-02 02:19 - 2021-11-16 13:54 - 000000000 ____D C:\Users\ali_b\AppData\Local\D3DSCache 2025-01-01 23:36 - 2021-11-16 13:54 - 000000000 ____D C:\Users\ali_b\AppData\Local\Packages 2025-01-01 05:22 - 2022-11-08 12:26 - 000000000 ____D C:\ProgramData\CanonIJPLM 2024-12-31 20:58 - 2024-03-13 14:37 - 000000000 ____D C:\ProgramData\obs-studio-hook 2024-12-31 20:58 - 2024-03-13 14:37 - 000000000 ____D C:\ProgramData\obs-studio 2024-12-31 20:58 - 2024-03-13 14:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2024-12-31 20:55 - 2024-03-13 14:37 - 000000000 ____D C:\Program Files\obs-studio 2024-12-31 17:55 - 2022-11-06 21:16 - 000000000 ____D C:\Users\ali_b\AppData\LocalLow\Unity 2024-12-31 14:17 - 2024-03-26 20:26 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\paradox-launcher-v2 2024-12-31 11:38 - 2021-12-13 10:46 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Audacity 2024-12-30 22:51 - 2022-12-16 21:13 - 000000000 ____D C:\Users\ali_b\OneDrive\Desktop\YT Downloads 2024-12-30 15:36 - 2021-11-16 14:33 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2024-12-24 03:42 - 2022-01-28 21:13 - 000000000 ____D 
C:\windows\SystemTemp 2024-12-23 16:12 - 2021-11-22 12:29 - 000000000 ____D C:\Users\ali_b\AppData\Local\UnrealEngine 2024-12-21 20:17 - 2021-09-21 08:20 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-12-21 10:11 - 2021-09-21 08:20 - 000003622 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-12-21 10:11 - 2021-09-21 08:20 - 000003498 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-12-19 23:37 - 2021-11-16 14:03 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-12-17 19:28 - 2021-09-21 08:28 - 000000000 ____D C:\Program Files\Microsoft Office 2024-12-17 19:28 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2024-12-17 11:35 - 2021-12-11 20:26 - 000003592 _____ C:\windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2266882305-1638506966-3997672796-1001 2024-12-17 11:35 - 2021-11-16 13:56 - 000003380 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2266882305-1638506966-3997672796-1001 2024-12-17 11:35 - 2021-11-16 13:48 - 000002364 _____ C:\Users\ali_b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-12-16 16:45 - 2022-10-22 19:06 - 1462450221 _____ C:\windows\MEMORY.DMP 2024-12-16 16:45 - 2021-12-11 21:35 - 000000000 ____D C:\windows\Minidump 2024-12-14 14:00 - 2024-01-31 10:44 - 000004290 _____ C:\windows\system32\Tasks\OmenInstallMonitorCustomEvent 2024-12-14 14:00 - 2024-01-31 10:44 - 000004230 _____ C:\windows\system32\Tasks\OmenOverlayCustomEvent 2024-12-14 14:00 - 2023-09-13 11:20 - 000003888 _____ C:\windows\system32\Tasks\OmenInstallMonitor 2024-12-14 14:00 - 2023-09-13 11:20 - 000003828 _____ C:\windows\system32\Tasks\OmenOverlay 2024-12-14 01:15 - 2020-05-06 11:58 - 000699840 _____ C:\windows\system32\FNTCACHE.DAT 2024-12-14 01:14 - 2024-07-11 01:01 - 000000000 ____D C:\windows\system32\compatrel 2024-12-14 01:14 - 2021-09-21 19:42 - 
000000000 ____D C:\windows\TextInput 2024-12-14 01:14 - 2021-09-21 19:42 - 000000000 ____D C:\windows\HoloShell 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ___RD C:\windows\PrintDialog 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ___RD C:\windows\ImmersiveControlPanel 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\SysWOW64\setup 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\SystemResources 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\system32\ShellExperiences 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\system32\setup 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\system32\PerceptionSimulation 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\system32\oobe 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\system32\appraiser 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\ShellExperiences 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\ShellComponents 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\bcastdvr 2024-12-13 19:15 - 2023-06-22 11:51 - 000057952 _____ (Windows (R) Win 7 DDK provider) C:\windows\system32\Drivers\HpReadHWData.sys 2024-12-13 19:14 - 2019-12-07 12:03 - 000000000 ____D C:\windows\CbsTemp 2024-12-13 19:11 - 2020-05-06 12:01 - 003016192 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll 2024-12-13 18:12 - 2023-05-18 17:51 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-12-13 18:12 - 2023-05-18 17:44 - 000004562 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task 2024-12-13 18:09 - 2023-11-08 23:01 - 000076000 _____ (McAfee, LLC) C:\windows\system32\Drivers\mfesec.sys 2024-12-13 18:09 - 2023-11-08 23:01 - 000019536 _____ (McAfee, LLC) C:\windows\system32\Drivers\mfeelam.sys 2024-12-13 18:09 - 2019-12-07 12:14 - 000000000 ___HD C:\windows\ELAMBKUP 2024-12-13 18:07 - 2023-09-23 20:45 - 000000000 ____D 
C:\ProgramData\EA Desktop 2024-12-06 17:59 - 2022-05-15 14:13 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Microsoft\Word 2024-12-05 09:55 - 2024-11-02 07:45 - 000296488 _____ (Microsoft Corporation) C:\windows\system32\gamingservicesproxy_6.dll 2024-12-05 09:55 - 2022-10-20 13:27 - 000124456 _____ (Microsoft Corporation) C:\windows\system32\xgamehelper.exe 2024-12-05 09:55 - 2022-10-20 13:27 - 000075328 _____ (Microsoft Corporation) C:\windows\system32\xgamecontrol.exe 2024-12-05 09:55 - 2021-12-01 10:23 - 000259648 _____ (Microsoft Corporation) C:\windows\system32\gamelaunchhelper.dll 2024-12-05 09:55 - 2021-11-16 10:24 - 002872896 _____ (Microsoft Corporation) C:\windows\system32\xgameruntime.dll 2024-12-05 09:55 - 2021-11-16 10:24 - 000775720 _____ (Microsoft Corporation) C:\windows\system32\gameplatformservices.dll 2024-12-05 09:55 - 2021-11-16 10:24 - 000243264 _____ (Microsoft Corporation) C:\windows\system32\gameconfighelper.dll 2024-12-05 09:55 - 2021-11-16 10:24 - 000153152 _____ (Microsoft Corporation) C:\windows\system32\gamingtcuihelpers.dll ==================== Files in the root of some directories ======== 2024-12-31 17:54 - 2024-12-31 20:42 - 000000016 _____ () C:\Users\ali_b\AppData\Roaming\obs-virtualcam.txt 2025-01-03 07:06 - 2025-01-03 07:06 - 000021202 _____ () C:\Users\ali_b\AppData\Local\recently-used.xbel 2025-01-02 02:17 - 2025-01-02 02:17 - 000000036 _____ () C:\Users\ali_b\AppData\Local\_LOCAL_GUID ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================= |
04.01.2025, 19:17 | #2 |
| Quick check after problems Here is the Addition:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2025 Ran by ali_b (04-01-2025 20:43:41) Running from C:\Users\ali_b\OneDrive\Desktop Microsoft Windows 10 Home Single Language Version 22H2 19045.5247 (X64) (2021-11-16 07:24:14) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-2266882305-1638506966-3997672796-500 - Administrator - Disabled) ali_b (S-1-5-21-2266882305-1638506966-3997672796-1001 - Administrator - Enabled) => C:\Users\ali_b Guest (S-1-5-21-2266882305-1638506966-3997672796-501 - Limited - Disabled) VarsayılanHesap (S-1-5-21-2266882305-1638506966-3997672796-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2266882305-1638506966-3997672796-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C} AV: McAfee (Enabled - Up to date) {0BE13B34-492A-21C0-AE43-C1742279CCB6} FW: McAfee (Enabled) {33DABA11-0345-2098-851C-6841DCAA8BCD} FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 
8GadgetPack (HKLM-x32\...\{A84C39EA-54FE-4CED-B464-97DA9201EB33}) (Version: 35.0.0 - 8GadgetPack.net) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 24.005.20320 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Any Video Converter 9.0.6 (HKLM-x32\...\Any Video Converter) (Version: 9.0.6 - Anvsoft) Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team) AVerMedia GL710 Live Gamer Portable 3.7.64.39 (HKLM-x32\...\AVerMedia GL710 Live Gamer Portable) (Version: 3.7.64.39 - AVerMedia TECHNOLOGIES, Inc.) AVerMedia RECentral (HKLM-x32\...\InstallShield_{30D6B6ED-E039-4D62-8E07-E058D17A9372}) (Version: 1.3.0.117.2018101201 - AVerMedia Technologies, Inc.) Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.) Blackmagic RAW Common Components (HKLM\...\{B276A28D-9003-4448-B993-2F85E3D3919B}) (Version: 4.3 - Blackmagic Design) Camtasia 2021 (HKLM\...\{B39F9987-BA62-48CA-9F46-47B7113121E1}) (Version: 21.0.1.30582 - TechSmith Corporation) Hidden Camtasia 2021 (HKLM-x32\...\{d948d4d1-c53f-4451-8fc9-381b6e1c891b}) (Version: 21.0.1.30582 - TechSmith Corporation) Canon E410 series Benutzerregistrierung (HKLM-x32\...\Canon E410 series Benutzerregistrierung) (Version: - *Canon Inc.) Canon E410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_E410_series) (Version: 1.02 - Canon Inc.) Canon E410 series On-screen Manual (HKLM-x32\...\Canon E410 series On-screen Manual) (Version: 1.0.0 - Canon Inc.) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.) 
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.5.0 - Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.) Cheat Engine 7.5 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine) Corsair Gaming Headset Software (HKLM-x32\...\{6118E939-08B6-4180-8B5B-97836617813B}) (Version: 2.0.35 - Corsair) DaVinci Resolve (HKLM\...\{81250E7D-5132-434E-9FBB-0B66E2B57EA1}) (Version: 19.1.20003 - Blackmagic Design) DaVinci Resolve Control Panels (HKLM\...\{3739CA49-792F-4F1F-9B76-42DFBBBED27E}) (Version: 2.3.0.0 - Blackmagic Design) DivX-Setup (HKLM\...\DivX Setup) (Version: 10.8.10.0 - DivX, LLC) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.363.3.5877 - Electronic Arts) Hidden EA app (HKLM-x32\...\{a7151cd1-211b-4578-8af5-f4c6016a3e54}) (Version: 13.363.3.5877 - Electronic Arts) Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.15 - Blackmagic Design) GIMP 2.10.28 (HKLM\...\GIMP-2_is1) (Version: 2.10.28 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.205 - Google LLC) Google Earth Pro (HKLM\...\{3470AD08-85F2-4B1D-8487-FC4750732087}) (Version: 7.3.6.9796 - Google) HP Audio Switch (HKLM-x32\...\{0B1DA73D-0562-4DE1-B942-CEF286CF2EDD}) (Version: 1.0.211.0 - HP Inc.) HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.19.0 - HP) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) 
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Logitech SetPoint 6.90 (HKLM\...\sp6) (Version: 6.90.66 - Logitech) McAfee (HKLM\...\McAfee.WPS) (Version: 1.24.167.1 - McAfee, LLC) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.995 - McAfee, LLC) Microsoft .NET Host - 6.0.11 (x64) (HKLM\...\{B92B890A-04F2-4880-BA20-20D4364FB263}) (Version: 48.47.50420 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.11 (x64) (HKLM\...\{5E63E49B-C88C-46C5-855C-A7B07C11CDC8}) (Version: 48.47.50420 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.11 (x64) (HKLM\...\{C3DD1448-513A-4DB8-978D-6991562EA63D}) (Version: 48.47.50420 - Microsoft Corporation) Hidden Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.18227.20162 - Microsoft Corporation) Microsoft 365 - tr-tr (HKLM\...\O365HomePremRetail - tr-tr) (Version: 16.0.18227.20162 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.112 - Microsoft Corporation) Microsoft Edge WebView2 Çalışma Zamanı (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.112 - Microsoft Corporation) Hidden Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\OneDriveSetup.exe) (Version: 24.226.1110.0004 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) 
(Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft 
Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM\...\{A39D4115-3A27-4245-AE92-3214B8B21932}) (Version: 48.47.50419 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM-x32\...\{c4846f79-a633-4ae4-92a3-92fdbeb33da2}) (Version: 6.0.11.31823 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 
3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA Grafik Sürücüsü 552.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 552.41 - NVIDIA Corporation) NVIDIA PhysX Sistem Yazılımı 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 31.0.0 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20162 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-041F-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden Paradox Launcher v2 (HKLM\...\{8C5CF4CE-D589-40B4-A77F-01FD64602C50}) (Version: 2.4.0 - Paradox Interactive) QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.9.12 - Black Tree Gaming Ltd.) 
Windows PC Sistem Durumu Denetimi (HKLM\...\{069FF0BE-DDC4-41D8-8799-CEAA1A506840}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.02 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
WinZip 26.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2413B}) (Version: 26.0.14610 - Corel Corporation)

Chrome apps:
============
Dokumente (HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\ce89e0695af63e9746b26600f1160b7f) (Version: 1.0 - Google\Chrome)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-12-13] ()
Dropbox-Sonderaktion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.27.0_x64__xbfy0k16fey96 [2024-12-31] (Dropbox Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.29.257.0_x64__v10z8vjag6ke6 [2024-12-31] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.6.4.0_x64__v10z8vjag6ke6 [2024-12-13] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2024-12-31] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0_x64__v10z8vjag6ke6 [2022-09-11] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.41.29.0_x64__v10z8vjag6ke6 [2024-12-22] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6 [2024-12-14] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-12-31] (INTEL CORP)
McAfee -> C:\Program Files\McAfee\wps\1.24.167.1 [2024-12-14] ()
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2025-01-01] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2024-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2024-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_54.20907.567.0_x64__8wekyb3d8bbwe [2024-12-31] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6 [2024-11-28] (HP Inc.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-25] (NVIDIA Corp.)
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6 [2024-12-14] (HP Inc.) [Startup Task]
Solitär -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.5.22.0_x64__kx24dqmazqk8j [2024-12-31] (Random Salad Games LLC)
Spotify – Musik und Podcasts -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0 [2024-12-22] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm [2024-12-22] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.3 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe [2023-11-09] (Microsoft Corp.)
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-05-07] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.318.2304.0_x64__8wekyb3d8bbwe [2024-11-27] (Microsoft Corp.)
Windows App Runtime DDLM 3000.882.2207.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x6_3000.882.2207.0_x64__8wekyb3d8bbwe [2024-01-07] (Microsoft Corporation)
Windows App Runtime DDLM 3000.882.2207.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x8_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-11-08] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1082.2259.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x6_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-05-07] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1082.2259.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x8_4000.1082.2259.0_x86__8wekyb3d8bbwe [2024-05-07] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2266882305-1638506966-3997672796-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\ali_b\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-2266882305-1638506966-3997672796-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\ali_b\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-2266882305-1638506966-3997672796-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2266882305-1638506966-3997672796-1001_Classes\CLSID\{930e604a-cc01-4d06-8d7a-5a07914f3afb}\localserver32 -> "C:\Program Files\TechSmith\Camtasia 2019\CamtasiaStudio.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2266882305-1638506966-3997672796-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
CustomCLSID: HKU\S-1-5-21-2266882305-1638506966-3997672796-1001_Classes\CLSID\{e41a3aef-5c40-4832-922f-c8c0a8720acf}\localserver32 -> C:\Program Files\TechSmith\Camtasia 2021\CamtasiaStudio.exe (TechSmith Corporation -> TechSmith Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-03-31] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2022-01-23] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2022-01-23] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.24.167.1\mc-ctxmnu.dll [2024-12-13] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2021-08-17] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-03-31] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2021-08-17] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\System32\DriverStore\FileRepository\nvhdc.inf_amd64_a40f4449e80e2ef2\nvshext.dll [2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.24.167.1\mc-ctxmnu.dll [2024-12-13] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2021-08-17] (Corel Corporation -> WinZip Computing)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\ali_b\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Ali - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk -> C:\Program Files (x86)\Online Services\LastPass\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=lastpass&c=*&locale=*&pf=*&s=*&tp=edge

==================== Loaded Modules (Whitelisted) =============

2022-10-20 11:15 - 2021-07-13 09:09 - 000014848 _____ () [File not signed] C:\Users\ali_b\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\AccentColor.64.dll
2024-12-13 19:08 - 2024-12-13 19:08 - 000138240 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\f1c970a90cd1f16bf4716517b0d46346\Interop.IWshRuntimeLibrary.ni.dll
2024-03-13 18:50 - 2012-08-08 10:20 - 000582144 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerMedia RECentral\dll\AVerHIDCtrl.dll
2024-03-13 18:50 - 2018-03-31 05:09 - 002058240 _____ (AVerMedia TECHNOLOGIES, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerMedia RECentral\dll\C875Device.dll
2022-11-08 12:54 - 2017-07-05 13:49 - 000593920 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2022-11-08 12:54 - 2017-07-05 13:43 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2014-08-18 13:11 - 2014-08-18 13:11 - 000129536 _____ (Corsair Components, Inc.) [File not signed] D:\Corsair\CorsairDevice.dll
2013-07-25 00:26 - 2013-07-25 00:26 - 002598912 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] D:\Corsair\QtCore4.dll
2013-06-27 11:16 - 2013-06-27 11:16 - 008581632 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] D:\Corsair\QtGui4.dll
2013-06-27 11:10 - 2013-06-27 11:10 - 000356352 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] D:\Corsair\QtXml4.dll
2024-12-13 19:07 - 2024-12-13 19:07 - 000139776 _____ (hardcodet.net) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\90f534b46bc743cf851dc50cafddb712\Hardcodet.Wpf.TaskbarNotification.ni.dll
2022-10-20 11:15 - 2022-06-27 12:21 - 000660992 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll
2022-10-20 11:15 - 2022-07-06 20:44 - 000481792 _____ (Helmut Buhler) [File not signed] C:\Users\ali_b\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll
2024-12-14 14:09 - 2024-12-14 14:09 - 000432128 _____ (HP Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_64\LauncherSDK\e429a0da8c01bbfb60111abb02574fc9\LauncherSDK.ni.dll
2024-12-14 14:09 - 2024-12-14 14:09 - 000037888 _____ (HP Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_64\Logging\f83258b406f7e0011032448137b9e628\Logging.ni.dll
2024-12-14 14:09 - 2024-12-14 14:09 - 000153088 _____ (HP Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_64\RpcClient\5eb29205e8622c36ff2f873c925e0073\RpcClient.ni.dll
2024-12-14 14:09 - 2024-12-14 14:09 - 000118272 _____ (HP Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_64\WMISDK\2f0514d286050fa258df463fe1ada8f9\WMISDK.ni.dll
2024-12-13 19:08 - 2024-12-13 19:08 - 001716736 _____ (Mark Heath & Contributors) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\NAudio\e45cb0fe7b02da89749835246ab2d160\NAudio.ni.dll
2024-12-13 19:08 - 2024-12-13 19:08 - 003088896 _____ (Newtonsoft) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\d28f16449d7993f42e84178735a33e62\Newtonsoft.Json.ni.dll
2024-12-14 14:09 - 2024-12-14 14:09 - 003884544 _____ (Newtonsoft) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\16b5644c5c2fc36401b8037787a12985\Newtonsoft.Json.ni.dll
2024-12-13 19:07 - 2024-12-13 19:07 - 000780288 _____ (The Apache Software Foundation) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\log4net\08d35ae021d65e241c4fd25de1f311d7\log4net.ni.dll
2024-12-13 18:07 - 2024-12-13 18:07 - 002849280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2024-12-13 18:07 - 2024-12-13 18:07 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2024-12-13 18:07 - 2024-12-13 18:07 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2024-12-13 18:07 - 2024-12-13 18:07 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2024-12-13 18:07 - 2024-12-13 18:07 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2024-12-13 18:07 - 2024-12-13 18:07 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mc-fw-host => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mc-fw-host => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

SearchScopes: HKLM -> {229355B6-9045-4DBB-9D8A-6F7B598B6B03} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5FcPortugueseode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {229355B6-9045-4DBB-9D8A-6F7B598B6B03} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5FcPortugueseode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2266882305-1638506966-3997672796-1001 -> {229355B6-9045-4DBB-9D8A-6F7B598B6B03} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5FcPortugueseode=qs&index=aps&field-keywords={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2023-01-11] (Logitech Inc -> Logitech, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2024-12-17] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2023-01-11] (Logitech Inc -> Logitech, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2024-12-17] (HP Inc. -> HP Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 12:14 - 2019-12-07 12:12 - 000000824 _____ C:\windows\system32\drivers\etc\hosts
2021-11-21 21:26 - 2021-11-21 21:26 - 000000447 _____ C:\windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ali_b\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hintergrundbild der windows-fotoanzeige.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Microsoft\Windows Security Health\State => (AppAndBrowser_StoreAppsSmartScreenOff: 0)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek Gaming GbE Family Controller -> rt640x64.sys
Bluetooth Ağ Bağlantısı: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: Intel(R) Wi-Fi 6 AX201 160MHz -> Netwtw10.sys
nt_rtf64: Realtek LightWeight Filter (NDIS6.40)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\StartupApproved\Run: => "HPSEU_Host_Launcher"
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_51FA75F58421240AA0A293AA15CB097C"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DB0DE50E-2DC6-4DA4-AF5F-BDCE86DDA04F}] => (Allow) D:\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{70039092-5942-435B-9B56-56CA3340515A}] => (Allow) D:\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D1408A7E-7147-489F-80E0-FC4E15BC8F9A}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BD117097-43F2-4849-9AFB-F016E71D3C27}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F8BBB83B-1541-4113-B9A0-4E747BDCB29A}] => (Allow) D:\Steam\steamapps\common\Going Medieval\Going Medieval.exe () [File not signed]
FirewallRules: [{7284A0E3-2533-4E71-A3CC-92A7E9619D5B}] => (Allow) D:\Steam\steamapps\common\Going Medieval\Going Medieval.exe () [File not signed]
FirewallRules: [{AD072F25-DD93-42F8-9693-82B391A1F3F5}] => (Allow) D:\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{4AA0FA6B-64FE-460C-87E2-72C5EE126A11}] => (Allow) D:\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7E36CABE-65D5-4666-A70C-0D893110E4F2}] => (Allow) D:\Steam\steamapps\common\King of Retail\KingOfRetail.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{C98593BD-8282-47A4-9A91-B26A82860402}] => (Allow) D:\Steam\steamapps\common\King of Retail\KingOfRetail.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{58C7CCFE-1E01-4FEE-8B89-1BC87A565D1E}] => (Allow) D:\Steam\steamapps\common\The Long Drive\TheLongDrive.exe () [File not signed]
FirewallRules: [{3827799C-F471-441E-8EA1-01C87743AABA}] => (Allow) D:\Steam\steamapps\common\The Long Drive\TheLongDrive.exe () [File not signed]
FirewallRules: [{C2BFA7F1-55B7-4919-B3E6-1F285ECD33B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DFC54DFB-1733-4DC4-BC7A-430431086912}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1C4C18B5-3342-41E3-A0C9-033AD2A4B69B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9F07FD5E-2D39-4BB7-AE90-33CD802272BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0C2C3480-4CEE-4E5B-A2CA-C14EB852A3A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A273453E-8E05-4B2B-99EA-BED1665721D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E287094C-2A24-4F8E-B2DE-C269A047854B}] => (Allow) D:\Steam\steamapps\common\TransOcean2\TransOcean2.exe () [File not signed]
FirewallRules: [{BCD9A7FC-2A23-4750-B263-6C6D733271C7}] => (Allow) D:\Steam\steamapps\common\TransOcean2\TransOcean2.exe () [File not signed]
FirewallRules: [{2325E65F-893D-4D1E-869D-E45C97178F55}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3422.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6254852A-875B-4FBA-A010-AE794D082F68}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3422.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9EA529E3-3FD4-4CE0-B8E8-D678CD9E5874}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3422.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7023653F-26BD-4960-A68E-E10ADB711370}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3422.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ED35298A-2E9A-485F-95F7-206E9E8239FF}] => (Allow) D:\Steam\steamapps\common\Big Ambitions\Big Ambitions.exe () [File not signed]
FirewallRules: [{4AB6C667-8C0A-4F9E-8D0A-88F57934873A}] => (Allow) D:\Steam\steamapps\common\Big Ambitions\Big Ambitions.exe () [File not signed]
FirewallRules: [{0B5557F9-EA12-4218-9138-8A6AFCF8CB0D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{61ADA959-B541-4A41-8286-E60804E3AEEE}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5D96CB9C-EBAE-41AD-8BBA-6744B1970A1C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{8617AA05-02F1-4748-9066-FBA9BA8112E2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{0500AD03-0D86-4A1B-A3B3-BE85F01A4141}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{767EC01A-F3CF-4DB0-A309-28F3321C9002}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{363374F9-B115-4932-8F45-7C3AC70B0319}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{29DB1D27-0198-4DC7-899E-CE62434B494F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{3E7FD15B-CDDB-47A8-B39C-6F8255C4FD9B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{08D63DF1-7219-48B2-81F2-822E2991ADCB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{1435E63B-50CA-417B-8A65-9E5782F40D6E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{16E3D6CB-7317-4050-9609-D079952E4CDA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{EA4C5E11-0206-42BC-876D-A3889E4D521D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{AF76C09C-4E8C-49EF-AAAB-B25ABC32EDEB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{93035EDC-3B04-413D-866F-0DF0EDCA6314}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe => No File
FirewallRules: [{D812444D-E080-40ED-82D9-7BF8B5C605D4}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe => No File
FirewallRules: [{8107F985-F0C8-4622-A47D-F8F666F77A45}] => (Allow) D:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{4DBA88B1-4DC0-45E5-80E7-D49CD11DCCFC}] => (Allow) D:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{C76303FB-765C-4E7B-8FA5-497D0F01C647}] => (Allow) D:\Steam\steamapps\common\Supermarket Simulator\Supermarket Simulator.exe () [File not signed]
FirewallRules: [{20C768EE-C7DB-455D-B4C5-02FB41726ED5}] => (Allow) D:\Steam\steamapps\common\Supermarket Simulator\Supermarket Simulator.exe () [File not signed]
FirewallRules: [{B0571009-A08F-4BE1-B7AC-49B598F345E5}] => (Allow) D:\Steam\steamapps\common\The Infected\TheInfected.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{0E20FC8E-0DF5-4628-9FEA-2F7FD5F61902}] => (Allow) D:\Steam\steamapps\common\The Infected\TheInfected.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{65ECE3B5-CD20-4ECA-8597-95A0BE11DA07}D:\avermedia\avermedia recentral 4\recentral 4.exe] => (Block) D:\avermedia\avermedia recentral 4\recentral 4.exe => No File
FirewallRules: [UDP Query User{2ED7C761-3E39-448E-8C0C-0B64BEC769EA}D:\avermedia\avermedia recentral 4\recentral 4.exe] => (Block) D:\avermedia\avermedia recentral 4\recentral 4.exe => No File
FirewallRules: [{341A4B3A-41B8-421E-83E0-20339FE39CE5}] => (Allow) D:\Steam\steamapps\common\Millennia\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{6A14EE67-1948-4A3B-B06B-80137C7F10FC}] => (Allow) D:\Steam\steamapps\common\Millennia\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [TCP Query User{44091B16-4C66-4BE1-8B74-369F7CC34676}D:\steam\steamapps\common\king of retail\kingofretail\binaries\win64\kingofretail-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\king of retail\kingofretail\binaries\win64\kingofretail-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{878BC27B-320F-4EF0-B6E2-435DC8AC9570}D:\steam\steamapps\common\king of retail\kingofretail\binaries\win64\kingofretail-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\king of retail\kingofretail\binaries\win64\kingofretail-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{28401D48-3A15-491B-8809-2F1CABF7B4A3}D:\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe (Render Cube, Toplitz Productions) [File not signed]
FirewallRules: [UDP Query User{A5B2E180-5F4A-40AE-BE06-632452DEA867}D:\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe (Render Cube, Toplitz Productions) [File not signed]
FirewallRules: [{157F7130-1A8A-4A13-B413-28D0A7059474}] => (Allow) D:\Steam\steamapps\common\Tropico 6\Tropico6.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{70E572E0-9420-4BE7-AC1D-E00D215AF5E4}] => (Allow) D:\Steam\steamapps\common\Tropico 6\Tropico6.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{CDD1FE08-ECB5-46A4-AD2D-1549226DAFA2}] => (Allow) D:\Steam\steamapps\common\Travellers Rest\Windows\TravellersRest.exe () [File not signed]
FirewallRules: [{853E4176-CE47-4176-AD51-15755DD44850}] => (Allow) D:\Steam\steamapps\common\Travellers Rest\Windows\TravellersRest.exe () [File not signed]
FirewallRules: [{8C76ABD9-C4C4-4997-9D64-F231758FAAD2}] => (Allow) D:\Steam\steamapps\common\Republic of Pirates\Republic of Pirates.exe () [File not signed]
FirewallRules: [{59468A10-278B-404B-A99D-D62482E754A8}] => (Allow) D:\Steam\steamapps\common\Republic of Pirates\Republic of Pirates.exe () [File not signed]
FirewallRules: [{96A06A76-C024-4B0E-B0D8-74FFC32C476B}] => (Allow) D:\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\x64\Ship\Marvel Puzzle Quest.exe => No File
FirewallRules: [{6968908C-B0C8-464D-BEA5-B3D27BB38A1D}] => (Allow) D:\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\x64\Ship\Marvel Puzzle Quest.exe => No File
FirewallRules: [{DA1F0B80-5098-471B-871B-DAE9B3761EA7}] => (Allow) D:\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2C38B9C8-E322-41F5-82EF-679835E852C2}] => (Allow) D:\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6908D449-DE4C-4950-8F03-DEAF7B54C47A}] => (Allow) D:\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{2B7B9DFC-C743-4F6A-8A98-C3087BB6BFE8}] => (Allow) D:\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{9D4B787D-FB82-4AB3-BD5A-5106F1D19C39}] => (Allow) D:\Steam\steamapps\common\Knock on the Coffin Lid\Knock.exe () [File not signed]
FirewallRules: [{FD10387E-812D-4CD9-B5BB-C18844123C27}] => (Allow) D:\Steam\steamapps\common\Knock on the Coffin Lid\Knock.exe () [File not signed]
FirewallRules: [TCP Query User{83302A92-6D51-4A58-A075-4658900398B6}D:\steam\steamapps\common\age of empires iv\reliccardinal.exe] => (Block) D:\steam\steamapps\common\age of empires iv\reliccardinal.exe => No File
FirewallRules: [UDP Query User{B5871182-0B99-458E-A09F-88097F9AFD38}D:\steam\steamapps\common\age of empires iv\reliccardinal.exe] => (Block) D:\steam\steamapps\common\age of empires iv\reliccardinal.exe => No File
FirewallRules: [{70C205D2-EA50-4A95-8D76-905CB3A60EEC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{561C02A5-F065-4F62-89E2-495896E1636A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{B29C837F-5C6F-4AC1-8582-5EB4F1FBBD2E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{9FF227BF-EFD0-4CE9-B9CB-0C4EFA208EB8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{B809653E-A3B9-4FBA-851F-37B4835F7633}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{7CB851B4-E1D5-4859-8C01-F5E3E552C2FD}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{B1FCCC4D-0262-4039-BD73-D29535CCEC5F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{D15252F8-2EFA-47E2-BC91-D8AD028CF14D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{3BACFB74-7591-477C-8C58-AC46716895AE}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{B63E2C79-C5BB-40FF-A875-17409FD9FC0E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{9E1AA392-067D-412A-8AA0-218751E3D609}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{09FD207D-E8F4-4CB2-AB5D-9A09B3A60F2F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{EBB5588F-6C0A-4932-A26D-90DA84462C5D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) 
FirewallRules: [{D814DF7D-8313-4D97-B9C5-00F31D157487}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{550BCF95-F96C-4BED-A599-8462F4208062}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{A1BE9773-5E79-4814-97C0-49B8236BDADE}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{BE8D8523-09F9-4F6F-A082-98C3BFA10A8A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2411.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{970819ED-D2C6-46BB-BB03-B41B8CC13298}] => (Allow) D:\Steam\steamapps\common\Motel Manager Simulator\MotelSim.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{9E2FB5DC-607D-42A4-A3D7-5B759D2AC016}] => (Allow) D:\Steam\steamapps\common\Motel Manager Simulator\MotelSim.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{640F21D7-8EB9-467E-8926-8B995579B3B3}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{9408E327-6EF3-4C6A-A107-9CBCA2D56CDE}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) 
FirewallRules: [{8C4679AE-9E34-49DC-8237-BD8E2D76C16A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{3E1FD7A7-AA3D-41CB-A81E-330556109E7E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{D6C3FB4E-2A1A-49CE-A154-A7C659095263}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{63604FDD-0A11-45E6-93B4-68EF37AD9067}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{8B3A79E3-B653-4C58-BA6E-B53538465015}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{FDDB6599-58F4-4272-8AC3-4A0E31914F77}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{628A4061-F1D8-446B-81B9-47A10E1DB77B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) 
FirewallRules: [{B9ECACAD-0D2E-45E2-A5A1-861142EE029E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{9C82EDC7-CB60-4D8B-A52C-1B32DCC8E320}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{80D4D734-0FF7-4497-887D-300F1005D64D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{CC21685E-64C2-4FC0-958B-94DD4F6E063A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{DA63D7E0-B85E-405F-AEDC-3ADC0EA0E957}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{AF22D9F1-C67F-4E81-8BD4-64F52A6EB254}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{57C8CB4F-F764-4BDD-8342-CB580C6E32AD}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) 
FirewallRules: [{670D2326-E0A0-4C92-8DC3-5D52503CC4C1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{2025AABB-DD63-471B-A864-9007993C8CFC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DE1D6456-E872-4967-A5EA-149654A4286D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{F8BCC5DA-D8EB-4867-B515-29350007E5D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{2105E148-0C86-4117-981C-A946BBD9D778}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{36B9257C-15CD-4640-A9B0-657207AD90C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{392793AF-1B3D-4DC0-B911-FB965827DA0E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{8E3E932B-6CB8-4002-A8A4-7BD79A99FB37}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{59B20535-F965-4FC5-B8D2-5C75EFC7DD8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{F63788D0-D7F6-436F-8A30-6B02C8E215AA}] => (Allow) C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{EDF1713C-9698-4318-BBE1-6DFF425B5AC6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E8905CC8-B671-4BB2-9A2A-1516CC9ACAD4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{0BFA55AF-FF7E-4299-84E5-B0D582BEA989}] => (Allow) D:\Steam\steamapps\common\Center Station Simulator\CenterStationV1.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{8A7DDB58-ACD2-49C3-A98F-E5D1EBF45B7C}] => (Allow) D:\Steam\steamapps\common\Center Station Simulator\CenterStationV1.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{F21547E4-AEBF-4124-96A7-FF10685B242F}] => (Allow) D:\Steam\steamapps\common\ContractVille\ContractVille.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{29B62479-E42D-4DDA-99D5-D6F5507716A0}] => (Allow) D:\Steam\steamapps\common\ContractVille\ContractVille.exe (Epic Games, Inc.) [File not signed] FirewallRules: [TCP Query User{CE15BE47-DF10-4C45-87CB-B5104E5D3D0D}D:\davinci resolve\resolve.exe] => (Allow) D:\davinci resolve\resolve.exe => No File FirewallRules: [UDP Query User{87B6C9D5-FEF4-4001-8242-580B42A69E85}D:\davinci resolve\resolve.exe] => (Allow) D:\davinci resolve\resolve.exe => No File FirewallRules: [TCP Query User{730E578A-7032-4AE7-95B5-44B2B92D66BE}D:\blackmagic design\davinci resolve\resolve.exe] => (Allow) D:\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd. -> Blackmagic Design Pty. Ltd.) FirewallRules: [UDP Query User{3AFE1747-10F9-4ECA-9B51-F1844B9DD816}D:\blackmagic design\davinci resolve\resolve.exe] => (Allow) D:\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd. 
-> Blackmagic Design Pty. Ltd.) FirewallRules: [{18065E62-B149-4F14-85FC-00AA67ACCABD}] => (Allow) C:\Users\ali_b\OneDrive\Desktop\hitpaw-video-converter_neo_11735768930813196201.exe => No File FirewallRules: [{AB71316E-64E8-4845-BB24-C25D54969C6B}] => (Allow) C:\Users\ali_b\OneDrive\Desktop\hitpaw-video-converter_neo_11735768930813196201.exe => No File FirewallRules: [{5B1B56BC-9263-42C5-B2EA-E60ACE0F0FD0}] => (Allow) C:\Users\ali_b\AppData\Local\HitPaw Software\HitPawVideoConverter\cache\OnlineLocal\HP_FaceBlurDownload\AI-Center.exe => No File FirewallRules: [{BC6E04BC-B0FC-4401-A0E2-92AE754DFE58}] => (Allow) C:\Users\ali_b\AppData\Local\HitPaw Software\HitPawVideoConverter\cache\OnlineLocal\HP_SmartCroppingDownload\ZNCJPackage\ZNCJ_Server.exe => No File FirewallRules: [{D621C80B-6FF3-4D99-8845-A145DD3E1C88}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{EFDDED25-F4B0-4174-8752-FDC2E984FF77}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{9E1268EE-3EB2-4B05-958B-59AB1ED3A179}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{E6E69ED3-B6E2-42BA-A84B-A2D32766E5FC}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{886976EB-E3E2-486D-8EFF-1B217708657F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{9F6F177A-6B6A-4611-9F34-B5B7EEFC25DA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. 
-> Electronic Arts) FirewallRules: [{F3A4A0E6-452E-4295-B78F-09F0B00056A5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{5E6B7233-C0BE-4892-A880-00A5C7C22DD2}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{D75681CA-D21A-4656-995B-AFEF97E09C1A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{8B84587B-91F4-4E70-AB7B-72F90BAF9BA8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{E73BD412-B71A-4A10-B5C0-EECD369EF695}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{4934F0B5-731D-44DF-9B80-5C5EBE178F71}] => (Allow) D:\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd. -> Blackmagic Design Pty. Ltd.) FirewallRules: [{8469D7C2-CF09-47AC-90C0-BFA0A86F6F67}] => (Allow) D:\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd. -> ) FirewallRules: [{6E18B836-8A0E-4240-BFC4-2856000495DC}] => (Allow) D:\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd. -> ) FirewallRules: [{AE6EE975-C383-45EA-A66D-2117309905AB}] => (Allow) D:\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd. -> ) FirewallRules: [{F56382AE-F067-4FCE-8595-7F91F7EC32A3}] => (Allow) D:\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd. -> ) FirewallRules: [{1937F3EA-83EF-4371-A83E-A72DD17C5282}] => (Allow) D:\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd. 
-> )
FirewallRules: [{AD01F8DD-7881-46EF-8AC0-652546E31B7D}] => (Allow) D:\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{169611C7-0249-4308-8839-54B0C81E1D4A}] => (Allow) D:\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd. -> Blackmagic Design Pty. Ltd.)

==================== Restore Points =========================

31-12-2024 15:05:49 Installed DaVinci Resolve
01-01-2025 23:36:41 Removed Blackmagic RAW Common Components
01-01-2025 23:37:09 Removed DaVinci Resolve
01-01-2025 23:37:30 Removed DaVinci Resolve Control Panels
02-01-2025 00:41:10 Installed DaVinci Resolve
02-01-2025 14:35:43 Removed DaVinci Resolve
02-01-2025 14:36:01 Removed DaVinci Resolve Control Panels
02-01-2025 14:36:23 Removed Blackmagic RAW Common Components
02-01-2025 14:40:02 Installed DaVinci Resolve

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/04/2025 09:55:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: "C:\Program Files\Logitech\SetPointP\SetPoint.exe" için etkinleştirme içeriği oluşturulamadı. Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" Bağımlı Derlemesi bulunamadı. Lütfen ayrıntılı tanılama için sxstrace.exe programını kullanın.

Error: (01/03/2025 08:26:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: DivXUpdate.exe, sürüm: 10.8.10.0, zaman damgası: 0x6303ce7f
Hatalı modül adı: Qt5Core.dll, sürüm: 5.15.2.0, zaman damgası: 0x5fa4dd26
Özel durum kodu: 0xc0000409
Hata uzaklığı 0x0001f081
Hatalı işlem kimliği: 0x2264
Uygulama başlangıç zamanı: 0x01db5e04a9a2d2fe
Hatalı uygulama yolu: C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe
Hatalı modül yolu: C:\Program Files (x86)\Common Files\DivX Shared\Qt5.6\Qt5Core.dll
Rapor kimliği: 804904de-5593-4a28-914f-3b763f77b808
Hatalı paket tam adı:
Hatalı paketle ilgili uygulama kimliği:

Error: (01/03/2025 05:25:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: "C:\Program Files\Logitech\SetPointP\SetPoint.exe" için etkinleştirme içeriği oluşturulamadı. Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" Bağımlı Derlemesi bulunamadı. Lütfen ayrıntılı tanılama için sxstrace.exe programını kullanın.

Error: (01/02/2025 08:07:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: FreemakeVC.exe, sürüm: 4.1.13.106, zaman damgası: 0x619208dd
Hatalı modül adı: clr.dll, sürüm: 4.8.9290.0, zaman damgası: 0x67214cb2
Özel durum kodu: 0xc0000005
Hata uzaklığı 0x0018d35e
Hatalı işlem kimliği: 0x2fdc
Uygulama başlangıç zamanı: 0x01db5d33af9e230b
Hatalı uygulama yolu: D:\Freemake\Freemake Video Converter\FreemakeVC.exe
Hatalı modül yolu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
Rapor kimliği: d8f87e9f-7810-483c-81bf-296916fd03af
Hatalı paket tam adı:
Hatalı paketle ilgili uygulama kimliği:

Error: (01/02/2025 08:07:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeVC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException at System.Diagnostics.Process.EnsureState(State) at System.Diagnostics.Process.get_Threads() at ConverterCommon.Models.ProcessExtension.Suspend(System.Diagnostics.Process) at ConverterCommon.Models.ConsoleVideoConverter.Pause() at ConverterCommon.Models.FormatConverter.Pause() at ConverterCommon.Models.Manager.ProcessManagerBase.Pause() at VideoConverter.ViewModels.ProgressViewModels.ProgressViewModel.StartUiFreezePreventing() at VideoConverter.Commands.DelegateCommand.Execute() at VideoConverter.Commands.DelegateCommand.System.Windows.Input.ICommand.Execute(System.Object) at Freemake.CustomControls.NonRectWindow.<.ctor>b__170_3(System.Object, System.EventArgs) at Freemake.CustomControls.NonRectWindow.HeaderMouseDown(System.Object, System.Windows.Input.MouseButtonEventArgs) at System.Windows.Input.MouseButtonEventArgs.InvokeEventHandler(System.Delegate, System.Object) at System.Windows.RoutedEventArgs.InvokeHandler(System.Delegate, System.Object) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(System.Object, System.Windows.RoutedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean) at System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs) at System.Windows.UIElement.RaiseTrustedEvent(System.Windows.RoutedEventArgs) at System.Windows.UIElement.RaiseEvent(System.Windows.RoutedEventArgs, Boolean) at System.Windows.Input.InputManager.ProcessStagingArea() at System.Windows.Input.InputManager.ProcessInput(System.Windows.Input.InputEventArgs) at System.Windows.Input.InputProviderSite.ReportInput(System.Windows.Input.InputReport) at System.Windows.Interop.HwndMouseInputProvider.ReportInput(IntPtr, System.Windows.Input.InputMode, Int32, System.Windows.Input.RawMouseActions, Int32, Int32, Int32) at System.Windows.Interop.HwndMouseInputProvider.FilterMessage(IntPtr, MS.Internal.Interop.WindowMessage, IntPtr, 
IntPtr, Boolean ByRef) at System.Windows.Interop.HwndSource.InputFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) at System.Windows.Window.ShowHelper(System.Object) at System.Windows.Window.Show() at System.Windows.Window.ShowDialog() at Common.Services.DialogShowHelper.ShowWindowAsDialog(System.Windows.Window) at Common.Services.Navigator.ShowView(System.Object, System.Type) at Common.Services.Navigator.NavigateTo(System.Object) at VideoConverter.ViewModels.ProgressViewModels.ProgressViewModel.ShowProgress() at VideoConverter.Services.ConversionProgressUiService.ShowProgress() at ConverterCommon.ViewModels.ConvertPropertiesViewModelBase.StartProcessInternal() at ConverterCommon.ViewModels.FormatPropertiesViewModel.StartProcess() at VideoConverter.ViewModels.SettingsViewModels.VideoFormatPropertiesViewModel.StartProcess() at ConverterCommon.ViewModels.ConvertPropertiesViewModelBase.StartProcessExecute() at ConverterCommon.ViewModels.ConvertPropertiesViewModelBase.StartProcessClick() at Common.Commands.DelegateCommand.Execute() at 
Common.Commands.DelegateCommand.System.Windows.Input.ICommand.Execute(System.Object) at MS.Internal.Commands.CommandHelpers.CriticalExecuteCommandSource(System.Windows.Input.ICommandSource, Boolean) at System.Windows.Controls.Primitives.ButtonBase.OnClick() at System.Windows.Controls.Button.OnClick() at System.Windows.Controls.Primitives.ButtonBase.OnMouseLeftButtonUp(System.Windows.Input.MouseButtonEventArgs) at System.Windows.UIElement.OnMouseLeftButtonUpThunk(System.Object, System.Windows.Input.MouseButtonEventArgs) at System.Windows.Input.MouseButtonEventArgs.InvokeEventHandler(System.Delegate, System.Object) at System.Windows.RoutedEventArgs.InvokeHandler(System.Delegate, System.Object) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(System.Object, System.Windows.RoutedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean) at System.Windows.UIElement.ReRaiseEventAs(System.Windows.DependencyObject, System.Windows.RoutedEventArgs, System.Windows.RoutedEvent) at System.Windows.UIElement.OnMouseUpThunk(System.Object, System.Windows.Input.MouseButtonEventArgs) at System.Windows.Input.MouseButtonEventArgs.InvokeEventHandler(System.Delegate, System.Object) at System.Windows.RoutedEventArgs.InvokeHandler(System.Delegate, System.Object) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(System.Object, System.Windows.RoutedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean) at System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs) at System.Windows.UIElement.RaiseTrustedEvent(System.Windows.RoutedEventArgs) at System.Windows.UIElement.RaiseEvent(System.Windows.RoutedEventArgs, Boolean) at System.Windows.Input.InputManager.ProcessStagingArea() at System.Windows.Input.InputManager.ProcessInput(System.Windows.Input.InputEventArgs) at 
System.Windows.Input.InputProviderSite.ReportInput(System.Windows.Input.InputReport) at System.Windows.Interop.HwndMouseInputProvider.ReportInput(IntPtr, System.Windows.Input.InputMode, Int32, System.Windows.Input.RawMouseActions, Int32, Int32, Int32) at System.Windows.Interop.HwndMouseInputProvider.FilterMessage(IntPtr, MS.Internal.Interop.WindowMessage, IntPtr, IntPtr, Boolean ByRef) at System.Windows.Interop.HwndSource.InputFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) at System.Windows.Window.ShowHelper(System.Object) at System.Windows.Window.Show() at System.Windows.Window.ShowDialog() at Common.Services.DialogShowHelper.ShowWindowAsDialog(System.Windows.Window) at Common.Services.Navigator.ShowView(System.Object, System.Type) at Common.Services.Navigator.NavigateTo(System.Object) at ConverterCommon.ViewModels.FormatPropertiesViewModel.ShowProperties() at VideoConverter.ViewModels.SettingsViewModels.VideoFormatPropertiesViewModel.ShowProperties() at VideoConverter.ViewModels.MainViewModel.ConvertInternal(System.String, Boolean, Boolean) at 
VideoConverter.ViewModels.MainViewModel.Convert(System.String, Boolean, Boolean) at VideoConverter.ViewModels.MainViewModel.<get_ConvertCommand>b__402_0(System.String) at VideoConverter.Commands.DelegateCommand`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Execute(System.__Canon) at VideoConverter.Commands.DelegateCommand`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].System.Windows.Input.ICommand.Execute(System.Object) at MS.Internal.Commands.CommandHelpers.CriticalExecuteCommandSource(System.Windows.Input.ICommandSource, Boolean) at System.Windows.Controls.Primitives.ButtonBase.OnClick() at System.Windows.Controls.Button.OnClick() at System.Windows.Controls.Primitives.ButtonBase.OnMouseLeftButtonUp(System.Windows.Input.MouseButtonEventArgs) at System.Windows.UIElement.OnMouseLeftButtonUpThunk(System.Object, System.Windows.Input.MouseButtonEventArgs) at System.Windows.Input.MouseButtonEventArgs.InvokeEventHandler(System.Delegate, System.Object) at System.Windows.RoutedEventArgs.InvokeHandler(System.Delegate, System.Object) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(System.Object, System.Windows.RoutedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean) at System.Windows.UIElement.ReRaiseEventAs(System.Windows.DependencyObject, System.Windows.RoutedEventArgs, System.Windows.RoutedEvent) at System.Windows.UIElement.OnMouseUpThunk(System.Object, System.Windows.Input.MouseButtonEventArgs) at System.Windows.Input.MouseButtonEventArgs.InvokeEventHandler(System.Delegate, System.Object) at System.Windows.RoutedEventArgs.InvokeHandler(System.Delegate, System.Object) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(System.Object, System.Windows.RoutedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean) at 
System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs) at System.Windows.UIElement.RaiseTrustedEvent(System.Windows.RoutedEventArgs) at System.Windows.UIElement.RaiseEvent(System.Windows.RoutedEventArgs, Boolean) at System.Windows.Input.InputManager.ProcessStagingArea() at System.Windows.Input.InputManager.ProcessInput(System.Windows.Input.InputEventArgs) at System.Windows.Input.InputProviderSite.ReportInput(System.Windows.Input.InputReport) at System.Windows.Interop.HwndMouseInputProvider.ReportInput(IntPtr, System.Windows.Input.InputMode, Int32, System.Windows.Input.RawMouseActions, Int32, Int32, Int32) at System.Windows.Interop.HwndMouseInputProvider.FilterMessage(IntPtr, MS.Internal.Interop.WindowMessage, IntPtr, IntPtr, Boolean ByRef) at System.Windows.Interop.HwndSource.InputFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) at System.Windows.Application.RunDispatcher(System.Object) at System.Windows.Application.RunInternal(System.Windows.Window) at System.Windows.Application.Run(System.Windows.Window) at VideoConverter.App.Main() Error: 
(01/02/2025 07:55:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Hatalı uygulama adı: Resolve.exe, sürüm: 19.1.2.3, zaman damgası: 0x00000000 Hatalı modül adı: FairlightPage.dll, sürüm: 19.1.2.3, zaman damgası: 0x675acdcc Özel durum kodu: 0xc0000005 Hata uzaklığı 0x0000000000e7a8f0 Hatalı işlem kimliği: 0x17ec Uygulama başlangıç zamanı: 0x01db5d3651b250dc Hatalı uygulama yolu: D:\Blackmagic Design\DaVinci Resolve\Resolve.exe Hatalı modül yolu: D:\Blackmagic Design\DaVinci Resolve\FairlightPage.dll Rapor kimliği: affc2b5e-fcc9-4839-9ae7-fe773af47182 Hatalı paket tam adı: Hatalı paketle ilgili uygulama kimliği: Error: (01/02/2025 07:29:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Hatalı uygulama adı: FreemakeVC.exe, sürüm: 4.1.13.106, zaman damgası: 0x619208dd Hatalı modül adı: KERNELBASE.dll, sürüm: 10.0.19041.5247, zaman damgası: 0xf6de4130 Özel durum kodu: 0xe0434352 Hata uzaklığı 0x00140f62 Hatalı işlem kimliği: 0x5690 Uygulama başlangıç zamanı: 0x01db5d33907d1496 Hatalı uygulama yolu: C:\Users\ali_b\OneDrive\Desktop\FreemakeVC.exe Hatalı modül yolu: C:\windows\System32\KERNELBASE.dll Rapor kimliği: 0f36ef8f-6acd-436b-af60-7c23543e1db9 Hatalı paket tam adı: Hatalı paketle ilgili uygulama kimliği: Error: (01/02/2025 07:29:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Uygulama: FreemakeVC.exe Framework Sürümü: v4.0.30319 Açıklama: İşlenmeyen bir özel durum nedeniyle işlem sonlandırıldı. Özel Durum Bilgisi: System.IO.FileNotFoundException konum: VideoConverter.App..cctor() Özel Durum Bilgisi: System.TypeInitializationException konum: VideoConverter.App.Main() System errors: ============= Error: (01/03/2025 08:34:34 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-G9F6VUF) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı. 
Error: (01/02/2025 02:25:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Google Güncelleme Hizmeti (gupdate) hizmeti şu hata nedeniyle başlatılamadı: Hizmet, belirli aralıklarla yapılan başlama veya denetim isteğine yanıt vermedi. Error: (01/02/2025 02:25:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Google Güncelleme Hizmeti (gupdate) hizmetinin bağlanması beklenirken zaman aşımı (30000 milisaniye) oluştu. Error: (01/02/2025 02:24:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: GameInput Service hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu durum 6 defa oluştu. Error: (01/02/2025 02:24:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: GameInput Service hizmet şu hata ile sona erdi: Bileşim dosyası GameInput Service daha yeni bir depolama sürümüyle üretilmiş. Error: (01/02/2025 02:24:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: GameInput Service hizmeti beklenmedik şekilde sona erdi. Bu durum 5 defa oluştu. 1000 milisaniye içinde şu düzeltme eylemi uygulanacak: Hizmeti yeniden başlat. Error: (01/02/2025 02:24:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: GameInput Service hizmet şu hata ile sona erdi: Bileşim dosyası GameInput Service daha yeni bir depolama sürümüyle üretilmiş. Error: (01/02/2025 02:24:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: GameInput Service hizmeti beklenmedik şekilde sona erdi. Bu durum 4 defa oluştu. 1000 milisaniye içinde şu düzeltme eylemi uygulanacak: Hizmeti yeniden başlat. Windows Defender: ================Event[0]: Date: 2024-11-07 06:13:23 Description: Bei Microsoft Defender Virüsten Koruma ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. 
Neue Version der Sicherheitsinformationen: 1.421.145.0 %Vorherige Version der Sicherheitsinformationen: 1.419.731.0 Update Source: Kullanıcı Sicherheitstyp: Casus Yazılım Önleme Updatetyp: Tam Benutzer: NT AUTHORITY\SYSTEM Aktuelle Modulversion: 1.1.24090.11 %Vorherige Modulversion: 1.1.24080.9 Fehlercode: 0x80070002 Fehlerbeschreibung: Sistem belirtilen dosyayı bulamıyor. Date: 2024-11-07 06:13:23 Description: Bei Microsoft Defender Virüsten Koruma ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: 1.421.145.0 %Vorherige Version der Sicherheitsinformationen: 1.419.731.0 Update Source: Kullanıcı Sicherheitstyp: Virüsten Koruma Updatetyp: Tam Benutzer: NT AUTHORITY\SYSTEM Aktuelle Modulversion: 1.1.24090.11 %Vorherige Modulversion: 1.1.24080.9 Fehlercode: 0x80070002 Fehlerbeschreibung: Sistem belirtilen dosyayı bulamıyor. Date: 2024-11-07 06:13:23 Description: Fehler von Microsoft Defender Virüsten Koruma beim Aktualisieren des Moduls. Neue Modulversion: 1.1.24090.11 Vorherige Modulversion: 1.1.24080.9 Benutzer: NT AUTHORITY\SYSTEM Fehlercode: 0x80070002 Fehlerbeschreibung: Sistem belirtilen dosyayı bulamıyor. Date: 2024-09-30 10:29:43 Description: Bei Microsoft Defender Virüsten Koruma ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.419.85.0 Update Source: Microsoft Kötü Amaçlı Yazılımdan Koruma Merkezi Sicherheitstyp: Virüsten Koruma Updatetyp: Tam Benutzer: NT AUTHORITY\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.24080.9 Fehlercode: 0x80004004 Fehlerbeschreibung: İşlem iptal edildi Date: 2024-09-30 10:29:43 Description: Bei Microsoft Defender Virüsten Koruma ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. 
Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.419.85.0 Update Source: Microsoft Kötü Amaçlı Yazılımdan Koruma Merkezi Sicherheitstyp: Casus Yazılım Önleme Updatetyp: Tam Benutzer: NT AUTHORITY\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.24080.9 Fehlercode: 0x80004004 Fehlerbeschreibung: İşlem iptal edildi CodeIntegrity: =============== Date: 2025-01-04 14:15:38 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\WPS\1.24.167.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements. Date: 2025-01-04 09:55:41 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\WPS\1.24.167.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== BIOS: AMI F.10 07/29/2021 Motherboard: HP 8860 Processor: 11th Gen Intel(R) Core(TM) i7-11700 @ 2.50GHz Percentage of memory in use: 59% Total physical RAM: 16150.3 MB Available physical RAM: 6590.21 MB Total Virtual: 39702.3 MB Available Virtual: 23943.26 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:476.13 GB) (Free:319.61 GB) (Model: SAMSUNG MZVLQ512HBLU-00BH1) NTFS Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:292.24 GB) (Model: ST1000DM003-1SB102) NTFS \\?\Volume{4efb7d70-c6b3-4075-bb50-894b5eee25b6}\ (Windows RE tools) (Fixed) (Total:0.53 GB) (Free:0.06 GB) NTFS \\?\Volume{8b724cff-e39f-415e-8ed0-00c6be5b12c3}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 3D11396B) Partition: GPT. 
========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 32F959BE) Partition: GPT. ==================== End of Addition.txt ======================= |
04.01.2025, 22:17 | #3 | ||||
/// TB-Ausbilder | Small check after problems My name is Matthias and I will help you analyze and clean up your system. Quote:
Or was that a restricted account? But looking at your accounts, I fear that the child had full access to your system... is my assumption correct? Quote:
Quote:
McAfee is installed on your system: Quote:
If so, please post the corresponding log file. You are not supposed to start a scan with it, just report back. McAfee cannot repair the damage anyway... The logs show malicious entries that point to malware. To be able to start a suitable repair, I would need answers to the questions asked. Thank you for your cooperation. Last edited by M-K-D-B (04.01.2025 at 22:35) |
04.01.2025, 22:50 | #4 |
| Small check after problems Hello Matthias, Question 1: my computer was switched on when the visitors came. I gave the daughter my wireless keyboard and mouse so that she could surf the internet to keep herself occupied. I cannot say exactly which sites she visited and what she clicked on, because I was talking with the parents. Question 2: No, it did not. That is my assumption. Since that day (4 days ago, i.e. Thursday) even the font in the Windows windows has been "pixelated", i.e. poor resolution. Question 3: McAfee only has VirusScan. I only just noticed that. I will upgrade it to TotalProtection. No virus was detected. One more thing: since Friday my Gmail password has been changed (and thus also for YT) and I cannot get past the identification. I also have problems with my Steam account. A few hours ago a message even came to my phone saying that someone is trying to change my Facebook password. If there are any more questions, please ask. With your help I would like to find peace again as quickly as possible. That is why I think I may have been hacked. Regards |
Yesterday, 10:19 | #5 | ||||
/// TB-Ausbilder | Small check after problems Hi, Quote:
But please let me tell you that this was a mistake. She had admin rights, and that made things very easy for the malware. Quote:
I don't know whether we can repair the "pixelated" display. We will see. An update of the graphics card drivers may also help... because that does not sound typical of malware. Quote:
It is not enough to rely on the antivirus program or a VPN. If this is not to happen again, you will have to rethink your entire security concept in future; more on that after the cleanup. Quote:
The malware was probably let onto the system carelessly by a person... one cannot really speak of hacking here. After the cleanup (when we are finished) you should change all credentials and passwords for all online services. We start with a repair using FRST. This will take some time. Please be patient. Further steps will follow. Important notes in advance:
Repair with FRST NOTE TO ALL READERS: This FRST script is intended exclusively for this user and should never be used 1:1 on another system!
|
Yesterday, 12:01 | #6 |
| Small check after problems Done as explained. Here is the result. I wanted to attach a screenshot as well, but unfortunately that does not work (error message). By the way, I upgraded to Total Protection last night, or rather early this morning. Code:
ATTFilter Fix result of Farbar Recovery Scan Tool (x64) Version: 04-01-2025 Ran by ali_b (05-01-2025 13:29:36) Run:1 Running from C:\Users\ali_b\OneDrive\Desktop Loaded Profiles: ali_b Boot Mode: Normal ============================================== fixlist content: ***************** Start:: CreateRestorePoint: CloseProcesses: CustomCLSID: HKU\S-1-5-21-2266882305-1638506966-3997672796-1001_Classes\CLSID\{930e604a-cc01-4d06-8d7a-5a07914f3afb}\localserver32 -> "C:\Program Files\TechSmith\Camtasia 2019\CamtasiaStudio.exe" -ToastActivated => No File HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [MicrosoftEdgeAutoLaunch_51FA75F58421240AA0A293AA15CB097C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911240 2024-12-19] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe (No File) HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [AF_uuid_234330] => d4f7da7a-d797-4176-a386-5fec04ee2cd6************46b4245a-c31a-4602-a0ec- (No File) HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [AF_counter_234330] => 2 (No File) HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION Task: {9AD9E7D8-868F-47EF-861E-535BB14C96C4} - System32\Tasks\Telemetry update-S-1-5-21-3460174932 => C:\ProgramData\Local\Microsoft\Windows\Telemetry\wlanext32.exe (No File) <==== ATTENTION C:\ProgramData\Local HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION CHR Notifications: 
Profile 1 -> hxxps://www.tahtakaledenal.com CMD: cscript /nologo %systemroot%\System32\slmgr.vbs /dlv CMD: netsh winsock reset CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: netsh winhttp reset proxy CMD: Bitsadmin /Reset /Allusers CMD: Winmgmt /salvagerepository CMD: Winmgmt /verifyrepository CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R CMD: dism /online /cleanup-image /restorehealth CMD: sfc /scannow Hosts: RemoveProxy: EmptyTemp: End:: ***************** Restore point was successfully created. Processes closed successfully. HKU\S-1-5-21-2266882305-1638506966-3997672796-1001_Classes\CLSID\{930e604a-cc01-4d06-8d7a-5a07914f3afb} => removed successfully HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully HKLM\SOFTWARE\Policies\Microsoft\MRT => removed successfully HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center => removed successfully "HKLM\Software\Policies\Microsoft\Windows\System\\EnableSmartScreen" => removed successfully "HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\Software\Microsoft\Windows\CurrentVersion\Run\\MicrosoftEdgeAutoLaunch_51FA75F58421240AA0A293AA15CB097C" => removed successfully "HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\Software\Microsoft\Windows\CurrentVersion\Run\\vidnotifier.exe" => removed successfully "HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AF_uuid_234330" => removed successfully "HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AF_counter_234330" => removed successfully HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Policies\Microsoft\Edge => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9AD9E7D8-868F-47EF-861E-535BB14C96C4}" => removed successfully 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AD9E7D8-868F-47EF-861E-535BB14C96C4}" => removed successfully C:\windows\System32\Tasks\Telemetry update-S-1-5-21-3460174932 => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Telemetry update-S-1-5-21-3460174932" => removed successfully "C:\ProgramData\Local" Folder move: C:\ProgramData\Local => moved successfully HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully "Chrome Notifications" => removed successfully ========= cscript /nologo %systemroot%\System32\slmgr.vbs /dlv ========= Yazılım lisans hizmeti sürümü: 10.0.19041.5247 Ad: Windows(R), CoreSingleLanguage edition Açıklama: Windows(R) Operating System, OEM_DM channel Etkinleştirme Kimliği: ed799377-74b8-4989-a244-14d082e65972 Uygulama Kimliği: 55c92734-d682-4d71-983e-d6ec3f16059f Uzatılmış PID: 03612-03273-107-389953-02-1031-19042.0000-3412021 Ürün Anahtarı Kanalı: OEM:DM Yükleme Kimliği: 406926032337145940764938079641930654725844705536262539262093602 Kullanım Lisansı URL'si: https://activation-v2.sls.microsoft.com/SLActivateProduct/SLActivateProduct.asmx?configextension=DM Doğrulama URL'si: https://validation-v2.sls.microsoft.com/SLWGA/slwga.asmx Kısmi Ürün Anahtarı: MBHYP Lisans Durumu: Lisanslı Kalan Windows yeniden etkinleştirme sayısı: 998 Kalan SKU ilk duruma döndürme sayısı: 998 Güvenilen saat: 05.01.2025 13:29:46 ========= End of CMD: ========= ========= netsh winsock reset ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= netsh advfirewall reset ========= Ok. ========= End of CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= Ok. ========= End of CMD: ========= ========= netsh winhttp reset proxy ========= Current WinHTTP proxy settings: Direct access (no proxy server). 
========= End of CMD: ========= ========= Bitsadmin /Reset /Allusers ========= BITSADMIN version 3.0 BITS administration utility. (C) Copyright Microsoft Corp. Unable to cancel {0C9BB9A3-6141-424E-B769-BBDAF797D8D3}. 0 out of 1 jobs canceled. ========= End of CMD: ========= ========= Winmgmt /salvagerepository ========= WMI repository is consistent ========= End of CMD: ========= ========= Winmgmt /verifyrepository ========= WMI repository is consistent ========= End of CMD: ========= ========= "%WINDIR%\SYSTEM32\lodctr.exe" /R ========= Info: Successfully rebuilt performance counter setting from system backup store ========= End of CMD: ========= ========= "%WINDIR%\SysWOW64\lodctr.exe" /R ========= Info: Successfully rebuilt performance counter setting from system backup store ========= End of CMD: ========= ========= "%WINDIR%\SYSTEM32\lodctr.exe" /R ========= Info: Successfully rebuilt performance counter setting from system backup store ========= End of CMD: ========= ========= "%WINDIR%\SysWOW64\lodctr.exe" /R ========= Info: Successfully rebuilt performance counter setting from system backup store ========= End of CMD: ========= ========= dism /online /cleanup-image /restorehealth ========= Deployment Image Servicing and Management tool Version: 10.0.19041.3636 Image Version: 10.0.19045.5247 The restore operation completed successfully. The operation completed successfully. ========= End of CMD: ========= ========= sfc /scannow ========= Beginning system scan. This process will take some time. Beginning verification phase of system scan. Verification 100% complete. Windows Resource Protection found corrupt files and successfully repaired them. For online repairs, details are included in the CBS log file located at windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline repairs, details are included in the log file provided by the /OFFLOGFILE flag. 
========= End of CMD: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. ========= RemoveProxy: ========= "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully "HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully ========= End of RemoveProxy: ========= =========== EmptyTemp: ========== FlushDNS => completed BITS transfer queue => 2359296 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 96029494 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 715296270 B Windows/system/drivers => 177795956 B Edge => 0 B Chrome => 1125978562 B Yandex => 14625143 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 4650767 B systemprofile32 => 4650767 B LocalService => 6989307 B NetworkService => 7244453 B ali_b => 932600703 B RecycleBin => 7915316 B EmptyTemp: => 2.9 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 13:34:40 ==== |
Yesterday, 14:49 | #7 | |
/// TB-Ausbilder | Small check after problems Well done. Malicious entries were removed and the system files were checked for errors. From the log file: Quote:
You can upload the picture (screenshot) to WeTransfer and send me a link to it. We will run a second repair with FRST. This one should only take a few seconds. Repair with FRST NOTE TO ALL READERS: This FRST script is intended exclusively for this user and should never be used 1:1 on another system!
|
Yesterday, 14:54 | #8 |
| Small check after problems No sooner said than done Code:
ATTFilter Fix result of Farbar Recovery Scan Tool (x64) Version: 04-01-2025 Ran by ali_b (05-01-2025 16:52:09) Run:2 Running from C:\Users\ali_b\OneDrive\Desktop Loaded Profiles: ali_b Boot Mode: Normal ============================================== fixlist content: ***************** Start:: CloseProcesses: 2025-01-02 01:28 - 2025-01-02 01:28 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\ufcphsom 2025-01-02 01:21 - 2025-01-02 01:54 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\XMedia Recode 2025-01-02 01:04 - 2025-01-02 01:04 - 000000000 ____D C:\Users\ali_b\downloadtemp 2025-01-02 01:04 - 2025-01-02 01:04 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\TSHelpService 2025-01-02 02:17 - 2025-01-02 02:17 - 000000036 _____ C:\Users\ali_b\AppData\Local\_LOCAL_GUID 2025-01-02 02:17 - 2025-01-02 02:17 - 000000000 ____H C:\Users\ali_b\MJKJRegInfo_JSOIGNLOFVI6W4DODRL5DLLUHYENUXTM 2025-01-02 02:35 - 2025-01-02 02:35 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\edcf Reboot: End:: ***************** Processes closed successfully. "C:\Users\ali_b\AppData\Roaming\ufcphsom" Folder move: C:\Users\ali_b\AppData\Roaming\ufcphsom => moved successfully "C:\Users\ali_b\AppData\Roaming\XMedia Recode" Folder move: C:\Users\ali_b\AppData\Roaming\XMedia Recode => moved successfully "C:\Users\ali_b\downloadtemp" Folder move: C:\Users\ali_b\downloadtemp => moved successfully "C:\Users\ali_b\AppData\Roaming\TSHelpService" Folder move: C:\Users\ali_b\AppData\Roaming\TSHelpService => moved successfully C:\Users\ali_b\AppData\Local\_LOCAL_GUID => moved successfully C:\Users\ali_b\MJKJRegInfo_JSOIGNLOFVI6W4DODRL5DLLUHYENUXTM => moved successfully "C:\Users\ali_b\AppData\Roaming\edcf" Folder move: C:\Users\ali_b\AppData\Roaming\edcf => moved successfully The system needed a reboot. ==== End of Fixlog 16:52:11 ==== |
Yesterday, 14:56 | #9 |
/// TB-Ausbilder | Small check after problems Wow, that was quick. Now we will run a check with FRST. Scan with FRST
|
Yesterday, 16:21 | #10 |
| Small check after problems FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-01-2025 Ran by ali_b (administrator) on DESKTOP-G9F6VUF (HP HP Pavilion Gaming Desktop TG01-2xxx) (05-01-2025 18:18:56) Running from C:\Users\ali_b\OneDrive\Desktop\FRST64.exe Loaded Profiles: ali_b Platform: Microsoft Windows 10 Home Single Language Version 22H2 19045.5247 (X64) Language: Türkçe (Türkiye) Default browser: Edge Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (audiodg.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (audiodg.exe ->) (Corsair Components, Inc. -> Corsair Components, Inc.) D:\Corsair\HeadsetControlPanel.exe (C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2> (C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Program 
Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe (cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe (cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.24.167.1\extnhost\mc-extn-browserhost.exe (Corel Corporation -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe (D:\GIMP 2\bin\gimp-2.10.exe ->) (Jernej Simončič -> Spencer Kimball, Peter Mattis and the GIMP Development Team) D:\GIMP 2\lib\gimp\2.0\plug-ins\script-fu\script-fu.exe (D:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\BridgeCommunication.exe <2> (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) 
C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (explorer.exe ->) (Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe (explorer.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> DesktopExtension) C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <30> (explorer.exe ->) (Jernej Simončič -> Spencer Kimball, Peter Mattis and the GIMP Development Team) D:\GIMP 2\bin\gimp-2.10.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2412.1001.22.0_x64__8wekyb3d8bbwe\XboxPcTray.exe (explorer.exe ->) (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Windows Sidebar\sidebar.exe (explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\steam.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (AVerMedia TECHNOLOGIES, INC. -> AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe (services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (services.exe ->) (HON HAI PRECISION INDUSTRY CO.LTD. -> ) C:\Program Files\FanControlApp\FanControlApp.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe (services.exe ->) (HP Inc. -> HP Inc.) 
C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\SysInfoCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_f1b47696babae655\x64\OmenCap\OmenCap.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7aa6ca9dbb25bff8\jhi_service.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) 
C:\Windows\System32\ibtsiva.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.24.167.1\mc-fw-host.exe <2> (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhdc.inf_amd64_a40f4449e80e2ef2\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe <2> (services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe (sihost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee, LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe (svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6\HP.myHP.exe (svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe (svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe (svchost.exe ->) (HP Inc. -> HP Inc.) 
C:\Program Files\HP\Overlay\OverlayHelper.exe (svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe (svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.24.167.1\neo\mc-neo-host.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2412.1001.22.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2410.8.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-17] (Corel Corporation -> Corel Corporation) HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436704 2021-08-17] (Corel Corporation -> WinZip Computing, S.L.) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3138560 2023-01-11] (Logitech Inc -> Logitech, Inc.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.) 
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [851928 2022-08-22] (DIVX LLC -> DivX, LLC) HKLM-x32\...\Run: [Corsair Gaming Headset Software] => D:\Corsair\HeadsetControlPanel.exe [2918152 2014-08-18] (Corsair Components, Inc. -> Corsair Components, Inc.) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.) HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [Steam] => d:\Steam\steam.exe [4412512 2024-12-02] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3412576 2024-12-13] (Electronic Arts, Inc. -> Electronic Arts) HKLM\...\Windows x64\Print Processors\Canon E410 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDJ.DLL [30720 2016-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor E410 series: C:\windows\system32\CNMLMDJ.DLL [484352 2016-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.205\Installer\chrmstp.exe [2024-12-19] (Google LLC -> Google LLC) Startup: C:\Users\ali_b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar51.lnk [2022-10-20] ShortcutTarget: Sidebar51.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed] [File is in use] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2021-11-17] ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing) ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {78E27041-221F-45F8-A8F5-49AB69825A6F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.) Task: {C0EAA437-8301-4C1D-945C-899517B64543} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68056 2022-08-22] (DIVX LLC -> DivX, LLC) Task: {A7111BA1-F206-4679-AF01-7EDF6F13553B} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{A1AFB225-0428-438B-996F-598D610CF758} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC) Task: {5D809019-F36D-493C-A9D9-0054FFE71904} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1003528 2024-12-17] (HP Inc. -> HP Inc.) 
-> C:\Program Files (x86)\HP\HP Support Framework\\/show Task: {4F3AABC6-B020-43B1-8794-B9AFF82F0F38} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [479984 2024-12-17] (HP Inc. -> HP Inc.) Task: {A6609191-D1EE-401A-AA74-20E6E8CCD986} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1170440 2024-12-17] (HP Inc. -> HP Inc.) Task: {AD82DDD8-5796-4C93-83E0-04094F10B304} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice Task: {468AF0B8-2014-467D-9AFC-A1147BD6B701} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60880 2024-01-11] (HP Inc. -> HP Inc.) Task: {9F877C7A-1F31-4068-A057-0D1FDDB30703} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60880 2024-01-11] (HP Inc. -> HP Inc.) Task: {DA8EF575-95C5-48AD-84EA-E28F48D59260} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1651032 2020-11-05] (HP Inc. -> HP Inc.) 
Task: {E43E5C55-AD00-44CA-8BA5-F1D8633FEE41} - System32\Tasks\McAfee\WPS\McAfee Anti-tracker notification => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {C5EBE2E7-0B1F-4703-8E3D-506864F41145} - System32\Tasks\McAfee\WPS\McAfee Anti-Tracker Scanner => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {F271E4B9-7A19-495E-826B-571100331DAF} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {0E7FF967-2796-42C0-9C63-09C441EB0FA6} - System32\Tasks\McAfee\WPS\McAfee Health Check => C:\Program Files\McAfee\WPS\1.24.167.1\sustainability\mc-sustainability.exe [958176 2024-12-13] (McAfee, LLC -> McAfee, LLC) Task: {B59C9093-C3B7-47A0-8851-40DABBEC383C} - System32\Tasks\McAfee\WPS\McAfee Hotfix => C:\Program Files\McAfee\wps\1.24.167.1\dad\mc-dad.exe [2675552 2024-12-13] (McAfee, LLC -> McAfee, LLC) Task: {46CF7393-6C83-4E1D-8058-AD83F45B5BF6} - System32\Tasks\McAfee\WPS\McAfee Message Check => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {C4996C94-77BA-4956-B3AD-F78EDEEDBCA6} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {47656533-BCCF-496A-B499-6672877A6D42} - System32\Tasks\McAfee\WPS\McAfee restart of PC => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {218666F2-3D00-4968-BBC4-310321DC3E93} - System32\Tasks\McAfee\WPS\McAfee Scheduled AV Scan => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {C172D237-DC51-422F-A701-28750BE6ADD2} - System32\Tasks\McAfee\WPS\McAfee Scheduled Tracker Remover => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {8E846341-9E64-4222-B1EE-E661B3F0FF22} - System32\Tasks\McAfee\wps\McAfee Updater => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2} C:\Program Files\McAfee\wps\1.24.167.1\mc-update.exe [3334032 2024-12-13] (McAfee, LLC -> McAfee, LLC) Task: {4CEDEB0A-2F7C-4AB6-BF5D-5E4E60AB45BA} - System32\Tasks\McAfee\WPS\McAfee Virus Definition Update => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D Task: {8D3BE26D-EAE8-4DB3-93AD-F0EDF8C077C3} - System32\Tasks\McAfee\WPS\McAfee 
Windows Notification Token => \\?\C:\Program Files\McAfee\WPS\1.24.167.1\mc-wns-client\mc-wns-client.exe [935976 2024-12-13] (McAfee, LLC -> ) Task: {9775EF85-B731-4072-81D2-4680D73B151C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {26C874DE-4FC9-497A-B93E-501877604CA8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {85FF0D1E-9B07-406E-9969-3BFD9200B68B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311976 2024-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {F9CBF4A2-358C-4B88-B289-F83B6ADC1834} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311976 2024-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {F341FDE9-05AB-466C-A462-4B7D9A885537} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [186992 2024-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {1A68A726-B324-4ED6-9C74-CD84DE1795E4} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {623171E2-B004-4A3B-94EF-84D681CEE192} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => 
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {7F50C329-4BB3-4ABD-A8D1-DF6AFD44FFC3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E188BE51-54AC-4EE5-9B5B-104C040596CB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler Task: {1DA2BBBB-9B85-4FBC-95D0-F95C91BF0F0F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6E60514E-D189-4AD6-9BAD-739927AA163C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9C8A76CC-D931-42D4-B8E3-0761B9CF76D1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B7695B6A-A684-4E9F-95B5-F86E97CC3642} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AC6C9388-409D-4CA6-83AE-E039626D2226} - 
System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EB931CC0-D2AD-4520-B52D-8CD6AE66503C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3F4D703A-C94E-4052-BA65-23D9EAF783A8} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [71632 2024-12-13] (HP Inc. -> HP Inc.) Task: {C710B4A4-CA98-495C-8492-8CAD3E8B0CA5} - System32\Tasks\OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [71632 2024-12-13] (HP Inc. -> HP Inc.) Task: {F744ECEB-D9E7-46D6-B832-BA7E18E4ECB8} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe [67024 2024-12-13] (HP Inc. -> HP Inc.) Task: {9F8AA907-34C2-4CB7-A270-7E63A1941A58} - System32\Tasks\OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe [67024 2024-12-13] (HP Inc. -> HP Inc.) Task: {95555EF2-DCB7-4B03-AC36-84D011DC3104} - System32\Tasks\RtkAudUService64_BG => C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe [1372264 2021-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {556583BC-8B96-4062-B360-D82C3064F9D3} - System32\Tasks\SystemOptimizer => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [152048 2022-11-18] (HP Inc. -> HP Inc.) 
Task: {30FA7B8E-509A-406F-9B4A-DFA9FCA7547A} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-17] (Corel Corporation -> Corel Corporation) Task: {329931A7-F5F8-49AF-A150-0C7BB3D0C83D} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-17] (Corel Corporation -> Corel Corporation) Task: {005D1EB9-B0FF-4842-A973-A6737FA50DB3} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-17] (Corel Corporation -> Corel Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{507b289c-f15b-41df-bf8f-4bbaa984ed9c}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{b65a5150-3e30-4e18-99b9-9f5bdf3ce9e0}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-04] Edge DownloadDir: Default -> C:\Users\ali_b\OneDrive\Desktop Edge HomePage: Default -> hxxp://www.google.de/ Edge StartupUrls: Default -> "hxxp://search.mpc.am/" Edge Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cdbkakmeogejmlpgioplhjkaablahbmj [2024-02-15] Edge Extension: (McAfee® WebAdvisor) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd [2024-12-21] Edge Extension: (Google Dokümanlar Çevrimdışı) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-21] Edge Extension: (Adblock Plus - ücretsiz reklam engelleyici) - 
C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2024-12-21] Edge Extension: (AdGuard VPN — ücretsiz ve güvenli proxy) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hhdobjgopfphlmjbmnpglhfcgppchgje [2024-12-31] Edge Extension: (Touch VPN - Secure and unlimited VPN proxy) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ighhnpmaabelnfcbbkijikgghajbiaml [2024-02-15] Edge Extension: (Edge relevant text changes) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-15] Edge Extension: (ZenMate Ücretsiz VPN - Edge için En İyi VPN) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kepdippgcikacmcdaijnponnfgljfbea [2024-02-15] Edge Extension: (AdBlock — en iyi reklam engelleyici) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-12-21] Edge Extension: (AdGuard Reklam Engelleyici) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2024-12-31] FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2024-03-25] [not signed] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-13] (CANON INC.) 
[File not signed] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Profile 1 CHR Profile: C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Default [2025-01-05] CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-01-01] CHR Extension: (McAfee® Web Boost) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Default\Extensions\klekeajafkkpokaofllcadenjdckhinm [2023-05-18] CHR Extension: (Online Security) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2024-04-21] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-16] CHR Profile: C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-01-05] CHR Profile: C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-01-05] CHR Notifications: Profile 1 -> hxxps://www.youtube.com CHR HomePage: Profile 1 -> hxxp://www.google.de/ CHR StartupUrls: Profile 1 -> "hxxps://www.google.de/" CHR Extension: (AdGuard Werbeblocker) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2024-12-27] CHR Extension: (Touch VPN – Kostenloses VPN und kostenloser Proxy) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2023-09-27] CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-12-18] CHR Extension: (Adblock für Youtube™) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2024-12-24] CHR Extension: (Adblock Ad Blocker Pro) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dgjbaljgolmlcmmklmmeafecikidmjpi [2024-12-19] CHR Extension: (VPN Kostenlos ZenMate - Free VPN für Chrome) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2024-05-16] CHR Extension: (McAfee® WebAdvisor) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-12-20] CHR Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-12-18] CHR Extension: (Adblock Unlimited - Adblocker) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jiaopkfkampgnnkckajcbdgannoipcne [2024-07-06] CHR Extension: (Avengers Assemble) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kaplllhgohhnjpfldlglneignfjlenac [2021-11-16] CHR Extension: (McAfee® Web Boost) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\klekeajafkkpokaofllcadenjdckhinm [2022-11-11] CHR Extension: (Kostenloses VPN für Chrome - VPN Proxy VeePN) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\majdfhpaihoncoakbjgbdhglocklcgno [2025-01-04] CHR Extension: (Microsoft 365) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2023-12-14] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-16] CHR Profile: C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\System Profile [2025-01-05] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm] CHR HKLM\...\Chrome\Extension: 
[llbcnfanfmjhpedaedhbcnpgeepdnnok] CHR HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm] CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok] Yandex: ======= YAN Profile: C:\Users\ali_b\AppData\Local\Yandex\YandexBrowser\User Data\Default [2025-01-05] YAN DownloadDir: C:\Users\ali_b\OneDrive\Desktop ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.) R2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [1930848 2018-03-31] (AVerMedia TECHNOLOGIES, INC. -> AVerMedia TECHNOLOGIES, Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13512888 2024-12-07] (Microsoft Corporation -> Microsoft Corporation) R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [19068000 2024-12-13] (Electronic Arts, Inc. -> Electronic Arts) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [891256 2020-07-30] (HP Inc. -> HP Inc.) R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\AppHelperCap.exe [912480 2024-11-10] (HP Inc. -> HP Inc.) 
R2 HPDiagsCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\DiagsCap.exe [910944 2024-11-10] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\NetworkCap.exe [906848 2024-11-10] (HP Inc. -> HP Inc.) R2 HPOmenCap; C:\windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_f1b47696babae655\x64\OmenCap\OmenCap.exe [755152 2023-10-19] (HP Inc. -> HP Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-01-11] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\SysInfoCap.exe [911480 2024-11-10] (HP Inc. -> HP Inc.) R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.) R2 ID19 HP Fan Control Service; C:\Program Files\FanControlApp\FanControlApp.exe [283168 2020-04-29] (HON HAI PRECISION INDUSTRY CO.LTD. -> ) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [446360 2022-04-27] (Canon Inc. 
-> ) R2 mc-fw-host; C:\Program Files\McAfee\WPS\1.24.167.1\mc-fw-host.exe [2592000 2024-12-13] (McAfee, LLC -> McAfee, LLC) S3 mc-wps-update; C:\Program Files\McAfee\wps\1.24.167.1\mc-update.exe [3334032 2024-12-13] (McAfee, LLC -> McAfee, LLC) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [926176 2024-12-13] (McAfee, LLC -> McAfee, LLC) S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-20] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\windows\System32\DriverStore\FileRepository\nvhdc.inf_amd64_a40f4449e80e2ef2\Display.NvContainer\NVDisplay.Container.exe [1275432 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-20] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-20] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AVer330USB; C:\windows\system32\DRIVERS\AVer330USB.sys [1551616 2015-04-09] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.) S3 CorsairAudioFilter; C:\windows\system32\DRIVERS\corsveng2kamd64.sys [112808 2014-08-14] (Corsair Components, Inc. -> Corsair Components, Inc.) S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.) 
R3 HPOmenCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2020-04-21] (HP Inc. -> HP Inc.) R2 HpReadHWData; C:\windows\system32\drivers\HpReadHWData.sys [57952 2024-12-13] (HP Inc. -> Windows (R) Win 7 DDK provider) S0 mfeelam; C:\windows\System32\DRIVERS\mfeelam.sys [19536 2024-12-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> McAfee, LLC) R0 mfesec; C:\windows\System32\DRIVERS\mfesec.sys [76000 2024-12-13] (McAfee, LLC -> McAfee, LLC) R1 rtf64; C:\windows\system32\DRIVERS\rtf64x64.sys [70560 2020-12-22] (Realtek Semiconductor Corp. -> Realtek) S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 ViGEmBus; C:\windows\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer) S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [22104 2024-11-20] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [606624 2024-11-20] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-20] (Microsoft Windows -> Microsoft Corporation) U4 Sense; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 
2025-01-05 17:41 - 2025-01-05 17:41 - 000023244 _____ C:\Users\ali_b\AppData\Local\recently-used.xbel 2025-01-05 16:59 - 2025-01-05 16:59 - 005779809 _____ C:\Users\ali_b\OneDrive\Desktop\Youtube Kanalbild Template 2018 - DigitaleWelt.zip 2025-01-05 16:59 - 2018-05-25 18:12 - 011291043 _____ C:\Users\ali_b\OneDrive\Desktop\Youtube Kanalbild Template 2018 - DigitaleWelt.psd 2025-01-05 13:29 - 2025-01-05 16:52 - 000001877 _____ C:\Users\ali_b\OneDrive\Desktop\Fixlog.txt 2025-01-05 01:34 - 2025-01-05 01:34 - 006072568 _____ (McAfee, LLC) C:\Users\ali_b\OneDrive\Desktop\McAfee_Installer_serial_8JrXKCbhNYYTJSLKOf4PMQ2_key_affid_647_akey.exe 2025-01-05 01:09 - 2025-01-05 01:09 - 006072568 _____ (McAfee, LLC) C:\Users\ali_b\OneDrive\Desktop\McAfee_Installer_serial_6SKo1G7eya2hIHO0u8_sBA2_key_affid_647_akey.exe 2025-01-04 23:09 - 2025-01-04 23:09 - 002380800 _____ C:\Users\ali_b\OneDrive\Desktop\SteamSetup.exe 2025-01-04 20:43 - 2025-01-05 18:19 - 000038334 _____ C:\Users\ali_b\OneDrive\Desktop\FRST.txt 2025-01-04 20:43 - 2025-01-04 20:44 - 000088477 _____ C:\Users\ali_b\OneDrive\Desktop\Addition.txt 2025-01-04 20:42 - 2025-01-05 18:19 - 000000000 ____D C:\FRST 2025-01-04 20:42 - 2025-01-04 20:42 - 002403840 _____ (Farbar) C:\Users\ali_b\OneDrive\Desktop\FRST64.exe 2025-01-03 21:50 - 2025-01-03 21:50 - 000000446 _____ C:\Users\ali_b\OneDrive\Desktop\Backup-codes-cananbirol34.txt 2025-01-02 19:31 - 2025-01-02 19:56 - 000001361 _____ C:\Users\ali_b\OneDrive\Desktop\FreemakeVC.exe.lnk 2025-01-02 14:41 - 2025-01-02 14:41 - 000001529 _____ C:\Users\ali_b\OneDrive\Desktop\DaVinci Resolve.lnk 2025-01-02 14:40 - 2025-01-02 14:41 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design 2025-01-02 14:40 - 2025-01-02 14:40 - 000000000 ____D C:\ProgramData\Blackmagic Design 2025-01-02 14:39 - 2025-01-02 14:39 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design 2025-01-02 02:59 - 2025-01-02 02:59 - 000000000 ____D 
C:\ProgramData\Freemake 2025-01-02 02:17 - 2025-01-04 01:07 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Any Video Converter 2025-01-02 02:17 - 2025-01-02 02:20 - 000000000 ____D C:\Users\ali_b\OneDrive\Dokumente\Any Video Converter 2025-01-02 02:15 - 2025-01-02 02:15 - 000001124 _____ C:\Users\ali_b\OneDrive\Desktop\Any Video Converter.lnk 2025-01-02 02:15 - 2025-01-02 02:15 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvsoft 2025-01-02 02:15 - 2025-01-02 02:15 - 000000000 ____D C:\Program Files\Anvsoft 2025-01-02 01:04 - 2025-01-02 01:04 - 000000000 ____D C:\Users\ali_b\AppData\Local\HitPawCNV 2025-01-02 01:03 - 2025-01-02 01:28 - 000000000 ____D C:\Users\ali_b\AppData\Local\HitPaw Software 2025-01-02 01:02 - 2025-01-02 01:28 - 000000000 ____D C:\Program Files (x86)\HitPaw 2025-01-02 00:39 - 2025-01-02 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design 2024-12-31 20:58 - 2025-01-01 22:58 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\obs-studio 2024-12-31 17:55 - 2024-12-31 17:55 - 000000000 ____D C:\Users\ali_b\OneDrive\Dokumente\Foxy Voxel 2024-12-31 17:54 - 2024-12-31 20:42 - 000000016 _____ C:\Users\ali_b\AppData\Roaming\obs-virtualcam.txt 2024-12-31 15:08 - 2024-12-31 15:08 - 000000000 ____D C:\Users\ali_b\OneDrive\Dokumente\Blackmagic Design 2024-12-31 15:07 - 2024-12-31 15:07 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Blackmagic Design 2024-12-31 15:07 - 2024-12-31 15:07 - 000000000 ____D C:\Users\ali_b\AppData\Local\DaVinci Resolve Welcome 2024-12-30 19:56 - 2024-12-30 19:56 - 000000000 ____D C:\Users\ali_b\AppData\Local\ContractVille 2024-12-30 15:36 - 2024-12-30 15:36 - 000000203 _____ C:\Users\ali_b\OneDrive\Desktop\ContractVille.url 2024-12-23 16:12 - 2024-12-23 16:12 - 000000000 ____D C:\Users\ali_b\AppData\Local\CenterStationV1 2024-12-23 15:40 - 2024-12-23 15:40 - 000000203 _____ C:\Users\ali_b\OneDrive\Desktop\Center Station Simulator.url 2024-12-17 
19:28 - 2024-12-17 19:28 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-12-16 16:45 - 2024-12-16 16:45 - 004906380 _____ C:\windows\Minidump\121624-11500-01.dmp 2024-12-13 19:11 - 2024-12-13 19:11 - 000022205 _____ C:\windows\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-12-13 19:11 - 2024-12-13 19:11 - 000022205 _____ C:\windows\system32\IntegratedServicesRegionPolicySet.json 2024-12-13 18:08 - 2024-12-13 18:08 - 000000000 ___HD C:\$WinREAgent 2024-12-10 01:17 - 2024-12-10 01:17 - 003451100 _____ C:\windows\Minidump\121024-16734-01.dmp ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2031-06-28 11:43 - 2022-05-10 10:27 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\StardewValley 2025-01-05 18:16 - 2019-12-07 12:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2025-01-05 17:53 - 2021-11-20 14:27 - 000000000 ____D C:\Users\ali_b\AppData\Local\Sidebar7 2025-01-05 17:50 - 2022-10-17 00:01 - 000000000 ____D C:\Users\ali_b\AppData\Local\OGH 2025-01-05 17:41 - 2021-12-11 18:01 - 000000000 ____D C:\Users\ali_b\AppData\Local\gtk-2.0 2025-01-05 17:00 - 2021-12-11 17:42 - 000000000 ____D C:\Users\ali_b\AppData\Local\babl-0.1 2025-01-05 16:59 - 2021-09-21 19:08 - 000756586 _____ C:\windows\system32\perfh01F.dat 2025-01-05 16:59 - 2021-09-21 19:08 - 000173774 _____ C:\windows\system32\perfc01F.dat 2025-01-05 16:59 - 2020-05-06 12:03 - 001861072 _____ C:\windows\system32\PerfStringBackup.INI 2025-01-05 16:59 - 2019-12-07 12:13 - 000000000 ____D C:\windows\INF 2025-01-05 16:54 - 2021-09-21 08:47 - 000000000 ____D C:\ProgramData\NVIDIA 2025-01-05 16:52 - 2021-11-16 13:48 - 000000000 ____D C:\Users\ali_b 2025-01-05 16:52 - 2020-05-06 11:58 - 000008192 ___SH C:\DumpStack.log.tmp 2025-01-05 16:52 - 2020-05-06 11:58 - 000000006 ____H C:\windows\Tasks\SA.DAT 2025-01-05 16:52 - 2019-12-07 12:14 - 000000000 ____D C:\windows\ServiceState 2025-01-05 16:52 - 
2019-12-07 12:03 - 000786432 _____ C:\windows\system32\config\BBI 2025-01-05 15:49 - 2020-05-06 11:58 - 000000000 ____D C:\windows\system32\SleepStudy 2025-01-05 15:35 - 2024-06-19 11:13 - 000004198 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{4ED26314-62CD-41AF-B0F4-C2E98EA233F0} 2025-01-05 13:32 - 2019-12-07 12:03 - 000000000 ____D C:\windows\CbsTemp 2025-01-05 01:20 - 2021-11-16 14:21 - 000000000 ____D C:\Users\ali_b\AppData\Local\Steam 2025-01-05 01:10 - 2021-12-01 00:34 - 000000000 ____D C:\Users\ali_b\AppData\Local\CrashDumps 2025-01-04 19:10 - 2021-11-19 15:46 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\vlc 2025-01-04 11:31 - 2019-12-07 12:14 - 000000000 ___HD C:\Program Files\WindowsApps 2025-01-04 11:31 - 2019-12-07 12:14 - 000000000 ____D C:\windows\AppReadiness 2025-01-02 14:34 - 2023-09-23 20:45 - 000000000 ____D C:\Users\ali_b\AppData\Local\cache 2025-01-02 02:58 - 2023-03-04 00:28 - 000000000 ____D C:\Program Files (x86)\Freemake 2025-01-02 02:44 - 2021-12-11 20:52 - 000000000 ____D C:\Users\ali_b\AppData\Local\FreemakeVideoConverter 2025-01-02 02:19 - 2021-11-16 13:54 - 000000000 ____D C:\Users\ali_b\AppData\Local\D3DSCache 2025-01-01 23:36 - 2021-11-16 13:54 - 000000000 ____D C:\Users\ali_b\AppData\Local\Packages 2025-01-01 05:22 - 2022-11-08 12:26 - 000000000 ____D C:\ProgramData\CanonIJPLM 2024-12-31 20:58 - 2024-03-13 14:37 - 000000000 ____D C:\ProgramData\obs-studio-hook 2024-12-31 20:58 - 2024-03-13 14:37 - 000000000 ____D C:\ProgramData\obs-studio 2024-12-31 20:58 - 2024-03-13 14:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2024-12-31 20:55 - 2024-03-13 14:37 - 000000000 ____D C:\Program Files\obs-studio 2024-12-31 17:55 - 2022-11-06 21:16 - 000000000 ____D C:\Users\ali_b\AppData\LocalLow\Unity 2024-12-31 14:17 - 2024-03-26 20:26 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\paradox-launcher-v2 2024-12-31 11:38 - 2021-12-13 10:46 - 000000000 ____D 
C:\Users\ali_b\AppData\Roaming\Audacity 2024-12-30 22:51 - 2022-12-16 21:13 - 000000000 ____D C:\Users\ali_b\OneDrive\Desktop\YT Downloads 2024-12-30 15:36 - 2021-11-16 14:33 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2024-12-24 03:42 - 2022-01-28 21:13 - 000000000 ____D C:\windows\SystemTemp 2024-12-23 16:12 - 2021-11-22 12:29 - 000000000 ____D C:\Users\ali_b\AppData\Local\UnrealEngine 2024-12-21 20:17 - 2021-09-21 08:20 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-12-21 10:11 - 2021-09-21 08:20 - 000003622 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-12-21 10:11 - 2021-09-21 08:20 - 000003498 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-12-19 23:37 - 2021-11-16 14:03 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-12-17 19:28 - 2021-09-21 08:28 - 000000000 ____D C:\Program Files\Microsoft Office 2024-12-17 19:28 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2024-12-17 11:35 - 2021-12-11 20:26 - 000003592 _____ C:\windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2266882305-1638506966-3997672796-1001 2024-12-17 11:35 - 2021-11-16 13:56 - 000003380 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2266882305-1638506966-3997672796-1001 2024-12-17 11:35 - 2021-11-16 13:48 - 000002364 _____ C:\Users\ali_b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-12-16 16:45 - 2022-10-22 19:06 - 1462450221 _____ C:\windows\MEMORY.DMP 2024-12-16 16:45 - 2021-12-11 21:35 - 000000000 ____D C:\windows\Minidump 2024-12-14 14:00 - 2024-01-31 10:44 - 000004290 _____ C:\windows\system32\Tasks\OmenInstallMonitorCustomEvent 2024-12-14 14:00 - 2024-01-31 10:44 - 000004230 _____ C:\windows\system32\Tasks\OmenOverlayCustomEvent 2024-12-14 14:00 - 2023-09-13 11:20 - 000003888 _____ 
C:\windows\system32\Tasks\OmenInstallMonitor 2024-12-14 14:00 - 2023-09-13 11:20 - 000003828 _____ C:\windows\system32\Tasks\OmenOverlay 2024-12-14 01:15 - 2020-05-06 11:58 - 000699840 _____ C:\windows\system32\FNTCACHE.DAT 2024-12-14 01:14 - 2024-07-11 01:01 - 000000000 ____D C:\windows\system32\compatrel 2024-12-14 01:14 - 2021-09-21 19:42 - 000000000 ____D C:\windows\TextInput 2024-12-14 01:14 - 2021-09-21 19:42 - 000000000 ____D C:\windows\HoloShell 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ___RD C:\windows\PrintDialog 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ___RD C:\windows\ImmersiveControlPanel 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\SysWOW64\setup 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\SystemResources 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\system32\ShellExperiences 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\system32\setup 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\system32\PerceptionSimulation 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\system32\oobe 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\system32\appraiser 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\ShellExperiences 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\ShellComponents 2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\bcastdvr 2024-12-13 19:15 - 2023-06-22 11:51 - 000057952 _____ (Windows (R) Win 7 DDK provider) C:\windows\system32\Drivers\HpReadHWData.sys 2024-12-13 19:11 - 2020-05-06 12:01 - 003016192 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll 2024-12-13 18:12 - 2023-05-18 17:51 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-12-13 18:12 - 2023-05-18 17:44 - 000004562 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task 2024-12-13 18:09 - 2023-11-08 23:01 - 000076000 _____ (McAfee, LLC) 
C:\windows\system32\Drivers\mfesec.sys 2024-12-13 18:09 - 2023-11-08 23:01 - 000019536 _____ (McAfee, LLC) C:\windows\system32\Drivers\mfeelam.sys 2024-12-13 18:09 - 2019-12-07 12:14 - 000000000 ___HD C:\windows\ELAMBKUP 2024-12-13 18:07 - 2023-09-23 20:45 - 000000000 ____D C:\ProgramData\EA Desktop 2024-12-06 17:59 - 2022-05-15 14:13 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Microsoft\Word ==================== Files in the root of some directories ======== 2024-12-31 17:54 - 2024-12-31 20:42 - 000000016 _____ () C:\Users\ali_b\AppData\Roaming\obs-virtualcam.txt 2025-01-05 17:41 - 2025-01-05 17:41 - 000023244 _____ () C:\Users\ali_b\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================
Additional FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2025 Ran by ali_b (05-01-2025 18:19:31) Running from C:\Users\ali_b\OneDrive\Desktop Microsoft Windows 10 Home Single Language Version 22H2 19045.5247 (X64) (2021-11-16 07:24:14) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-2266882305-1638506966-3997672796-500 - Administrator - Disabled) ali_b (S-1-5-21-2266882305-1638506966-3997672796-1001 - Administrator - Enabled) => C:\Users\ali_b Guest (S-1-5-21-2266882305-1638506966-3997672796-501 - Limited - Disabled) VarsayılanHesap (S-1-5-21-2266882305-1638506966-3997672796-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2266882305-1638506966-3997672796-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C} AV: McAfee (Enabled - Up to date) {0BE13B34-492A-21C0-AE43-C1742279CCB6} FW: McAfee (Enabled) {33DABA11-0345-2098-851C-6841DCAA8BCD} FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 
8GadgetPack (HKLM-x32\...\{A84C39EA-54FE-4CED-B464-97DA9201EB33}) (Version: 35.0.0 - 8GadgetPack.net) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 24.005.20320 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Any Video Converter 9.0.6 (HKLM-x32\...\Any Video Converter) (Version: 9.0.6 - Anvsoft) Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team) AVerMedia GL710 Live Gamer Portable 3.7.64.39 (HKLM-x32\...\AVerMedia GL710 Live Gamer Portable) (Version: 3.7.64.39 - AVerMedia TECHNOLOGIES, Inc.) AVerMedia RECentral (HKLM-x32\...\InstallShield_{30D6B6ED-E039-4D62-8E07-E058D17A9372}) (Version: 1.3.0.117.2018101201 - AVerMedia Technologies, Inc.) Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.) Blackmagic RAW Common Components (HKLM\...\{B276A28D-9003-4448-B993-2F85E3D3919B}) (Version: 4.3 - Blackmagic Design) Camtasia 2021 (HKLM\...\{B39F9987-BA62-48CA-9F46-47B7113121E1}) (Version: 21.0.1.30582 - TechSmith Corporation) Hidden Camtasia 2021 (HKLM-x32\...\{d948d4d1-c53f-4451-8fc9-381b6e1c891b}) (Version: 21.0.1.30582 - TechSmith Corporation) Canon E410 series Benutzerregistrierung (HKLM-x32\...\Canon E410 series Benutzerregistrierung) (Version: - *Canon Inc.) Canon E410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_E410_series) (Version: 1.02 - Canon Inc.) Canon E410 series On-screen Manual (HKLM-x32\...\Canon E410 series On-screen Manual) (Version: 1.0.0 - Canon Inc.) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.) 
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.5.0 - Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.) Cheat Engine 7.5 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine) Corsair Gaming Headset Software (HKLM-x32\...\{6118E939-08B6-4180-8B5B-97836617813B}) (Version: 2.0.35 - Corsair) DaVinci Resolve (HKLM\...\{81250E7D-5132-434E-9FBB-0B66E2B57EA1}) (Version: 19.1.20003 - Blackmagic Design) DaVinci Resolve Control Panels (HKLM\...\{3739CA49-792F-4F1F-9B76-42DFBBBED27E}) (Version: 2.3.0.0 - Blackmagic Design) DivX-Setup (HKLM\...\DivX Setup) (Version: 10.8.10.0 - DivX, LLC) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.363.3.5877 - Electronic Arts) Hidden EA app (HKLM-x32\...\{a7151cd1-211b-4578-8af5-f4c6016a3e54}) (Version: 13.363.3.5877 - Electronic Arts) Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.15 - Blackmagic Design) GIMP 2.10.28 (HKLM\...\GIMP-2_is1) (Version: 2.10.28 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.205 - Google LLC) Google Earth Pro (HKLM\...\{3470AD08-85F2-4B1D-8487-FC4750732087}) (Version: 7.3.6.9796 - Google) HP Audio Switch (HKLM-x32\...\{0B1DA73D-0562-4DE1-B942-CEF286CF2EDD}) (Version: 1.0.211.0 - HP Inc.) HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.19.0 - HP) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) 
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Logitech SetPoint 6.90 (HKLM\...\sp6) (Version: 6.90.66 - Logitech) McAfee (HKLM\...\McAfee.WPS) (Version: 1.24.167.1 - McAfee, LLC) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.995 - McAfee, LLC) Microsoft .NET Host - 6.0.11 (x64) (HKLM\...\{B92B890A-04F2-4880-BA20-20D4364FB263}) (Version: 48.47.50420 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.11 (x64) (HKLM\...\{5E63E49B-C88C-46C5-855C-A7B07C11CDC8}) (Version: 48.47.50420 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.11 (x64) (HKLM\...\{C3DD1448-513A-4DB8-978D-6991562EA63D}) (Version: 48.47.50420 - Microsoft Corporation) Hidden Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.18227.20162 - Microsoft Corporation) Microsoft 365 - tr-tr (HKLM\...\O365HomePremRetail - tr-tr) (Version: 16.0.18227.20162 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.112 - Microsoft Corporation) Microsoft Edge WebView2 Çalışma Zamanı (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.112 - Microsoft Corporation) Hidden Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\OneDriveSetup.exe) (Version: 24.226.1110.0004 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) 
(Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft 
Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM\...\{A39D4115-3A27-4245-AE92-3214B8B21932}) (Version: 48.47.50419 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM-x32\...\{c4846f79-a633-4ae4-92a3-92fdbeb33da2}) (Version: 6.0.11.31823 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 
3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA Grafik Sürücüsü 552.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 552.41 - NVIDIA Corporation) NVIDIA PhysX Sistem Yazılımı 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 31.0.0 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20162 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-041F-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden Paradox Launcher v2 (HKLM\...\{8C5CF4CE-D589-40B4-A77F-01FD64602C50}) (Version: 2.4.0 - Paradox Interactive) QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.9.12 - Black Tree Gaming Ltd.) 
Windows PC Sistem Durumu Denetimi (HKLM\...\{069FF0BE-DDC4-41D8-8799-CEAA1A506840}) (Version: 3.6.2204.08001 - Microsoft Corporation) WinRAR 6.02 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH) WinZip 26.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2413B}) (Version: 26.0.14610 - Corel Corporation) Chrome apps: ============ Dokumente (HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\ce89e0695af63e9746b26600f1160b7f) (Version: 1.0 - Google\Chrome) Packages: ========= Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-12-13] () Dropbox-Sonderaktion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.27.0_x64__xbfy0k16fey96 [2024-12-31] (Dropbox Inc.) HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.29.257.0_x64__v10z8vjag6ke6 [2024-12-31] (HP Inc.) HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.6.4.0_x64__v10z8vjag6ke6 [2024-12-13] (HP Inc.) HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2024-12-31] (HP Inc.) HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0_x64__v10z8vjag6ke6 [2022-09-11] (HP Inc.) HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.41.29.0_x64__v10z8vjag6ke6 [2024-12-22] (HP Inc.) HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6 [2024-12-14] (HP Inc.) Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-12-31] (INTEL CORP) McAfee -> C:\Program Files\McAfee\wps\1.24.167.1 [2024-12-14] () McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2025-01-01] (McAfee LLC.) 
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2024-01-15] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2024-01-15] (Microsoft Corporation) [MS Ad] Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_54.20907.567.0_x64__8wekyb3d8bbwe [2024-12-31] (Microsoft Corporation) myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6 [2024-11-28] (HP Inc.) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-25] (NVIDIA Corp.) OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6 [2024-12-14] (HP Inc.) [Startup Task] Solitär -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.5.22.0_x64__kx24dqmazqk8j [2024-12-31] (Random Salad Games LLC) Spotify – Musik und Podcasts -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0 [2024-12-22] (Spotify AB) [Startup Task] WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm [2024-12-22] (WhatsApp Inc.) [Startup Task] WinAppRuntime.Main.1.3 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe [2023-11-09] (Microsoft Corp.) WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-05-07] (Microsoft Corp.) WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.318.2304.0_x64__8wekyb3d8bbwe [2024-11-27] (Microsoft Corp.) 
Windows App Runtime DDLM 3000.882.2207.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x6_3000.882.2207.0_x64__8wekyb3d8bbwe [2024-01-07] (Microsoft Corporation)
Windows App Runtime DDLM 3000.882.2207.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x8_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-11-08] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1082.2259.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x6_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-05-07] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1082.2259.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x8_4000.1082.2259.0_x86__8wekyb3d8bbwe [2024-05-07] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2266882305-1638506966-3997672796-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\ali_b\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-2266882305-1638506966-3997672796-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\ali_b\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-2266882305-1638506966-3997672796-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2266882305-1638506966-3997672796-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
CustomCLSID: HKU\S-1-5-21-2266882305-1638506966-3997672796-1001_Classes\CLSID\{e41a3aef-5c40-4832-922f-c8c0a8720acf}\localserver32 -> C:\Program Files\TechSmith\Camtasia 2021\CamtasiaStudio.exe (TechSmith Corporation -> TechSmith Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-03-31] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2022-01-23] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2022-01-23] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.24.167.1\mc-ctxmnu.dll [2024-12-13] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2021-08-17] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-03-31] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2021-08-17] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\System32\DriverStore\FileRepository\nvhdc.inf_amd64_a40f4449e80e2ef2\nvshext.dll [2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.24.167.1\mc-ctxmnu.dll [2024-12-13] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2021-08-17] (Corel Corporation -> WinZip Computing)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\ali_b\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Ali - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk -> C:\Program Files (x86)\Online Services\LastPass\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=lastpass&c=*&locale=*&pf=*&s=*&tp=edge

==================== Loaded Modules (Whitelisted) =============

2022-10-20 11:15 - 2021-07-13 09:09 - 000014848 _____ () [File not signed] C:\Users\ali_b\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\AccentColor.64.dll
2024-12-13 19:08 - 2024-12-13 19:08 - 000138240 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\f1c970a90cd1f16bf4716517b0d46346\Interop.IWshRuntimeLibrary.ni.dll
2021-12-11 17:54 - 2020-12-22 23:17 - 000051105 _____ () [File not signed] D:\GIMP 2\bin\libamd.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000415665 _____ () [File not signed] D:\GIMP 2\bin\libbabl-0.1-0.dll
2021-12-11 17:54 - 2021-07-12 09:42 - 000142883 _____ () [File not signed] D:\GIMP 2\bin\libbrotlicommon.dll
2021-12-11 17:54 - 2021-07-12 09:42 - 000052362 _____ () [File not signed] D:\GIMP 2\bin\libbrotlidec.dll
2021-12-11 17:54 - 2020-12-22 19:31 - 000099146 _____ () [File not signed] D:\GIMP 2\bin\libbz2-1.dll
2021-12-11 17:54 - 2021-05-04 18:36 - 001092609 _____ () [File not signed] D:\GIMP 2\bin\libcairo-2.dll
2021-12-11 17:54 - 2021-05-04 18:36 - 000035092 _____ () [File not signed] D:\GIMP 2\bin\libcairo-gobject-2.dll
2021-12-11 17:54 - 2020-12-22 23:17 - 000056768 _____ () [File not signed] D:\GIMP 2\bin\libcamd.dll
2021-12-11 17:54 - 2020-12-22 23:17 - 000055117 _____ () [File not signed] D:\GIMP 2\bin\libccolamd.dll
2021-12-11 17:54 - 2020-12-22 23:17 - 001148533 _____ () [File not signed] D:\GIMP 2\bin\libcholmod.dll
2021-12-11 17:54 - 2020-12-22 23:17 - 000037197 _____ () [File not signed] D:\GIMP 2\bin\libcolamd.dll
2021-12-11 17:54 - 2021-08-26 10:20 - 000699095 _____ () [File not signed] D:\GIMP 2\bin\libcurl-4.dll
2021-12-11 17:54 - 2018-08-22 20:08 - 000036029 _____ () [File not signed] D:\GIMP 2\bin\libdatrie-1.dll
2021-12-11 17:54 - 2021-08-15 11:17 - 000057954 _____ () [File not signed] D:\GIMP 2\bin\libdeflate.dll
2021-12-11 17:54 - 2021-06-15 22:23 - 003141904 _____ () [File not signed] D:\GIMP 2\bin\libexiv2.dll
2021-12-11 17:54 - 2021-05-26 10:41 - 000202568 _____ () [File not signed] D:\GIMP 2\bin\libexpat-1.dll
2021-12-11 17:54 - 2021-04-11 10:48 - 000030354 _____ () [File not signed] D:\GIMP 2\bin\libffi-7.dll
2021-12-11 17:54 - 2021-07-23 19:46 - 000315582 _____ () [File not signed] D:\GIMP 2\bin\libfontconfig-1.dll
2021-12-11 17:54 - 2020-10-24 13:51 - 000143321 _____ () [File not signed] D:\GIMP 2\bin\libfribidi-0.dll
2021-12-11 17:54 - 2021-07-06 11:21 - 000082097 _____ () [File not signed] D:\GIMP 2\bin\libgcc_s_seh-1.dll
2021-12-11 17:54 - 2021-08-16 10:07 - 000214037 _____ () [File not signed] D:\GIMP 2\bin\libgexiv2-2.dll
2021-12-11 17:54 - 2021-07-06 11:21 - 003039893 _____ () [File not signed] D:\GIMP 2\bin\libgfortran-5.dll
2021-12-11 17:54 - 2021-07-06 11:21 - 000239897 _____ () [File not signed] D:\GIMP 2\bin\libgomp-1.dll
2021-12-11 17:54 - 2020-09-10 02:45 - 000154163 _____ () [File not signed] D:\GIMP 2\bin\libgraphite2.dll
2021-12-11 17:54 - 2021-07-26 12:58 - 000279935 _____ () [File not signed] D:\GIMP 2\bin\libHalf-2_5.dll
2021-12-11 17:54 - 2021-09-12 22:07 - 001035185 _____ () [File not signed] D:\GIMP 2\bin\libharfbuzz-0.dll
2021-12-11 17:54 - 2021-05-30 04:52 - 000170241 _____ () [File not signed] D:\GIMP 2\bin\libidn2-0.dll
2021-12-11 17:54 - 2021-07-26 12:58 - 000303203 _____ () [File not signed] D:\GIMP 2\bin\libIex-2_5.dll
2021-12-11 17:54 - 2021-07-26 12:58 - 002892004 _____ () [File not signed] D:\GIMP 2\bin\libIlmImf-2_5.dll
2021-12-11 17:54 - 2021-07-26 12:58 - 000031562 _____ () [File not signed] D:\GIMP 2\bin\libIlmThread-2_5.dll
2021-12-11 17:54 - 2021-07-26 12:58 - 000090934 _____ () [File not signed] D:\GIMP 2\bin\libImath-2_5.dll
2021-12-11 17:54 - 2021-08-20 18:56 - 000426125 _____ () [File not signed] D:\GIMP 2\bin\libjasper-4.dll
2021-12-11 17:54 - 2018-01-17 10:16 - 000066054 _____ () [File not signed] D:\GIMP 2\bin\libjbig-0.dll
2021-12-11 17:54 - 2021-08-28 20:43 - 000768399 _____ () [File not signed] D:\GIMP 2\bin\libjpeg-8.dll
2021-12-11 17:54 - 2020-08-09 11:02 - 000101898 _____ () [File not signed] D:\GIMP 2\bin\libjson-c-5.dll
2021-12-11 17:54 - 2021-09-12 22:02 - 000159327 _____ () [File not signed] D:\GIMP 2\bin\libjson-glib-1.0-0.dll
2021-12-11 17:54 - 2021-02-07 10:58 - 000404191 _____ () [File not signed] D:\GIMP 2\bin\liblcms2-2.dll
2021-12-11 17:54 - 2021-08-09 22:16 - 000602739 _____ () [File not signed] D:\GIMP 2\bin\libLerc.dll
2021-12-11 17:54 - 2019-11-13 07:10 - 000545792 _____ () [File not signed] D:\GIMP 2\bin\libmetis.dll
2021-12-11 17:54 - 2021-04-20 18:21 - 000145342 _____ () [File not signed] D:\GIMP 2\bin\libmypaint-1-5-1.dll
2021-12-11 17:54 - 2021-09-12 22:05 - 000176216 _____ () [File not signed] D:\GIMP 2\bin\libnghttp2-14.dll
2021-12-11 17:54 - 2021-09-11 17:33 - 030860544 _____ () [File not signed] D:\GIMP 2\bin\libopenblas.dll
2021-12-11 17:54 - 2019-04-09 09:27 - 000388625 _____ () [File not signed] D:\GIMP 2\bin\libopenjp2-7.dll
2021-12-11 17:54 - 2021-07-27 13:23 - 000281695 _____ () [File not signed] D:\GIMP 2\bin\libpcre-1.dll
2021-12-11 17:54 - 2020-10-24 14:15 - 000684803 _____ () [File not signed] D:\GIMP 2\bin\libpixman-1-0.dll
2021-12-11 17:54 - 2021-08-15 11:20 - 000243078 _____ () [File not signed] D:\GIMP 2\bin\libpng16-16.dll
2021-12-11 17:54 - 2021-08-29 16:25 - 002783811 _____ () [File not signed] D:\GIMP 2\bin\libpoppler-112.dll
2021-12-11 17:54 - 2021-08-29 16:25 - 000373728 _____ () [File not signed] D:\GIMP 2\bin\libpoppler-glib-8.dll
2021-12-11 17:54 - 2021-08-10 21:13 - 000097342 _____ () [File not signed] D:\GIMP 2\bin\libpsl-5.dll
2021-12-11 17:54 - 2021-07-06 11:21 - 000381742 _____ () [File not signed] D:\GIMP 2\bin\libquadmath-0.dll
2021-12-11 17:54 - 2021-02-04 11:46 - 001079206 _____ () [File not signed] D:\GIMP 2\bin\libraw-20.dll
2021-12-11 17:54 - 2021-07-10 19:07 - 008871992 _____ () [File not signed] D:\GIMP 2\bin\librsvg-2-2.dll
2021-12-11 17:54 - 2021-08-10 21:21 - 000263986 _____ () [File not signed] D:\GIMP 2\bin\libssh2-1.dll
2021-12-11 17:54 - 2021-07-06 11:21 - 001745041 _____ () [File not signed] D:\GIMP 2\bin\libstdc++-6.dll
2021-12-11 17:54 - 2020-12-22 23:17 - 000041986 _____ () [File not signed] D:\GIMP 2\bin\libsuitesparseconfig.dll
2021-12-11 17:54 - 2021-03-28 11:23 - 000067409 _____ () [File not signed] D:\GIMP 2\bin\libthai-0.dll
2021-12-11 17:54 - 2021-08-15 16:23 - 000538395 _____ () [File not signed] D:\GIMP 2\bin\libtiff-5.dll
2021-12-11 17:54 - 2020-12-22 23:17 - 000848439 _____ () [File not signed] D:\GIMP 2\bin\libumfpack.dll
2021-12-11 17:54 - 2021-08-19 19:33 - 000448655 _____ () [File not signed] D:\GIMP 2\bin\libwebp-7.dll
2021-12-11 17:54 - 2021-07-24 10:43 - 001358585 _____ () [File not signed] D:\GIMP 2\bin\libxml2-2.dll
2021-12-11 17:54 - 2021-05-15 07:58 - 000999818 _____ () [File not signed] D:\GIMP 2\bin\libzstd.dll
2021-12-11 17:54 - 2021-01-21 22:50 - 001629287 _____ () [File not signed] D:\GIMP 2\bin\SDL2.dll
2021-12-11 17:54 - 2021-01-05 18:54 - 000116428 _____ () [File not signed] D:\GIMP 2\bin\zlib1.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000284491 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\avx2-int8.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000020858 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\cairo.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000061210 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\CIE.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000017750 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\double.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000015596 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\fast-float.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000021367 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\float.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000022368 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\gegl-fixups.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000025880 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\gggl.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000023832 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\gggl-lies.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000020760 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\gggl-table.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000020796 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\gggl-table-lies.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000019771 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\gimp-8bit.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000015633 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\grey.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000021784 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\half.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000023072 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\HCY.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000023474 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\HSL.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000021426 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\HSV.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000013828 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\naive-CMYK.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000022184 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\simple.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000039315 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\sse2-float.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000016203 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\sse2-int16.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000020299 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\sse2-int8.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000017227 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\sse4-int8.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000018763 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\sse-half.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000013828 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\two-table.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000014504 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\u16.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000017576 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\u32.dll
2021-12-11 17:54 - 2021-08-15 11:59 - 000022450 _____ () [File not signed] D:\GIMP 2\lib\babl-0.1\ycbcr.dll
2021-12-11 17:54 - 2021-09-11 17:34 - 000032123 _____ () [File not signed] D:\GIMP 2\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-png.dll
2021-12-11 17:54 - 2021-07-10 19:07 - 000016869 _____ () [File not signed] D:\GIMP 2\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-svg.dll
2024-03-13 18:50 - 2012-08-08 10:20 - 000582144 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerMedia RECentral\dll\AVerHIDCtrl.dll
2024-03-13 18:50 - 2018-03-31 05:09 - 002058240 _____ (AVerMedia TECHNOLOGIES, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerMedia RECentral\dll\C875Device.dll
2022-11-08 12:54 - 2017-07-05 13:49 - 000593920 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2022-11-08 12:54 - 2017-07-05 13:43 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2014-08-18 13:11 - 2014-08-18 13:11 - 000129536 _____ (Corsair Components, Inc.) [File not signed] D:\Corsair\CorsairDevice.dll
2013-07-25 00:26 - 2013-07-25 00:26 - 002598912 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] D:\Corsair\QtCore4.dll
2013-06-27 11:16 - 2013-06-27 11:16 - 008581632 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] D:\Corsair\QtGui4.dll
2013-06-27 11:10 - 2013-06-27 11:10 - 000356352 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] D:\Corsair\QtXml4.dll
2025-01-04 23:19 - 2024-12-03 23:40 - 005378048 _____ (FFmpeg Project) [File not signed] D:\Steam\libavcodec-61.dll
2025-01-04 23:19 - 2024-12-03 23:40 - 000875008 _____ (FFmpeg Project) [File not signed] D:\Steam\libavfilter-10.dll
2025-01-04 23:19 - 2024-12-03 23:40 - 001674240 _____ (FFmpeg Project) [File not signed] D:\Steam\libavformat-61.dll
2025-01-04 23:19 - 2024-12-03 23:40 - 001640960 _____ (FFmpeg Project) [File not signed] D:\Steam\libavutil-59.dll
2025-01-04 23:19 - 2024-12-03 23:40 - 000630272 _____ (FFmpeg Project) [File not signed] D:\Steam\libswresample-5.dll
2025-01-04 23:19 - 2024-12-03 23:40 - 001092608 _____ (FFmpeg Project) [File not signed] D:\Steam\libswscale-8.dll
2021-12-11 17:54 - 2020-12-18 00:29 - 001058528 _____ (Free Software Foundation) [File not signed] D:\GIMP 2\bin\libiconv-2.dll
2021-12-11 17:54 - 2020-12-22 22:49 - 000133659 _____ (Free Software Foundation) [File not signed] D:\GIMP 2\bin\libintl-8.dll
2021-12-11 17:54 - 2021-05-30 04:33 - 001764460 _____ (Free Software Foundation) [File not signed] D:\GIMP 2\bin\libunistring-2.dll
2024-12-13 19:07 - 2024-12-13 19:07 - 000139776 _____ (hardcodet.net) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\90f534b46bc743cf851dc50cafddb712\Hardcodet.Wpf.TaskbarNotification.ni.dll
2022-10-20 11:15 - 2022-06-27 12:21 - 000660992 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll
2022-10-20 11:15 - 2022-07-06 20:44 - 000481792 _____ (Helmut Buhler) [File not signed] C:\Users\ali_b\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll
2024-12-14 14:09 - 2024-12-14 14:09 - 000432128 _____ (HP Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_64\LauncherSDK\e429a0da8c01bbfb60111abb02574fc9\LauncherSDK.ni.dll
2024-12-14 14:09 - 2024-12-14 14:09 - 000037888 _____ (HP Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_64\Logging\f83258b406f7e0011032448137b9e628\Logging.ni.dll
2024-12-14 14:09 - 2024-12-14 14:09 - 000153088 _____ (HP Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_64\RpcClient\5eb29205e8622c36ff2f873c925e0073\RpcClient.ni.dll
2024-12-14 14:09 - 2024-12-14 14:09 - 000118272 _____ (HP Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_64\WMISDK\2f0514d286050fa258df463fe1ada8f9\WMISDK.ni.dll
2021-12-11 17:54 - 2017-10-04 14:36 - 000029696 _____ (Jose Fonseca) [File not signed] D:\GIMP 2\bin\exchndl.dll
2021-12-11 17:54 - 2017-10-04 14:36 - 000828416 _____ (Jose Fonseca) [File not signed] D:\GIMP 2\bin\mgwhelp.dll
2024-12-13 19:08 - 2024-12-13 19:08 - 001716736 _____ (Mark Heath & Contributors) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\NAudio\e45cb0fe7b02da89749835246ab2d160\NAudio.ni.dll
2021-12-11 17:54 - 2021-08-20 14:05 - 000059645 _____ (MingW-W64 Project. All rights reserved.) [File not signed] D:\GIMP 2\bin\libwinpthread-1.dll
2021-12-11 17:54 - 2021-05-30 04:17 - 000316971 _____ (Mozilla Foundation) [File not signed] D:\GIMP 2\bin\libnspr4.dll
2021-12-11 17:54 - 2021-05-30 04:17 - 000025293 _____ (Mozilla Foundation) [File not signed] D:\GIMP 2\bin\libplc4.dll
2021-12-11 17:54 - 2021-05-30 04:17 - 000019732 _____ (Mozilla Foundation) [File not signed] D:\GIMP 2\bin\libplds4.dll
2021-12-11 17:54 - 2020-05-28 14:16 - 001299456 _____ (Mozilla Foundation) [File not signed] D:\GIMP 2\bin\nss3.dll
2021-12-11 17:54 - 2020-05-28 14:16 - 000159232 _____ (Mozilla Foundation) [File not signed] D:\GIMP 2\bin\nssutil3.dll
2021-12-11 17:54 - 2020-05-28 14:16 - 000170496 _____ (Mozilla Foundation) [File not signed] D:\GIMP 2\bin\smime3.dll
2024-12-13 19:08 - 2024-12-13 19:08 - 003088896 _____ (Newtonsoft) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\d28f16449d7993f42e84178735a33e62\Newtonsoft.Json.ni.dll
2024-12-14 14:09 - 2024-12-14 14:09 - 003884544 _____ (Newtonsoft) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\16b5644c5c2fc36401b8037787a12985\Newtonsoft.Json.ni.dll
2021-12-11 17:54 - 2021-09-12 22:20 - 000298620 _____ (Red Hat Software) [File not signed] D:\GIMP 2\bin\libpango-1.0-0.dll
2021-12-11 17:54 - 2021-09-12 22:20 - 000072238 _____ (Red Hat Software) [File not signed] D:\GIMP 2\bin\libpangocairo-1.0-0.dll
2021-12-11 17:54 - 2021-09-12 22:20 - 000097629 _____ (Red Hat Software) [File not signed] D:\GIMP 2\bin\libpangoft2-1.0-0.dll
2021-12-11 17:54 - 2021-09-12 22:20 - 000092720 _____ (Red Hat Software) [File not signed] D:\GIMP 2\bin\libpangowin32-1.0-0.dll
2021-12-11 17:54 - 2020-10-24 19:09 - 000159295 _____ (Sun Microsystems Inc.) [File not signed] D:\GIMP 2\bin\libatk-1.0-0.dll
2024-12-13 19:07 - 2024-12-13 19:07 - 000780288 _____ (The Apache Software Foundation) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\log4net\08d35ae021d65e241c4fd25de1f311d7\log4net.ni.dll
2021-12-11 17:54 - 2021-08-27 11:59 - 000740140 _____ (The FreeType Project) [File not signed] D:\GIMP 2\bin\libfreetype-6.dll
2021-12-11 17:54 - 2021-08-20 18:44 - 001697050 _____ (The GLib developer community) [File not signed] D:\GIMP 2\bin\libgio-2.0-0.dll
2021-12-11 17:54 - 2021-08-20 18:44 - 001303299 _____ (The GLib developer community) [File not signed] D:\GIMP 2\bin\libglib-2.0-0.dll
2021-12-11 17:54 - 2021-08-20 18:44 - 000023680 _____ (The GLib developer community) [File not signed] D:\GIMP 2\bin\libgmodule-2.0-0.dll
2021-12-11 17:54 - 2021-08-20 18:44 - 000319640 _____ (The GLib developer community) [File not signed] D:\GIMP 2\bin\libgobject-2.0-0.dll
2021-12-11 17:54 - 2021-09-11 17:34 - 000166947 _____ (The GTK developer community) [File not signed] D:\GIMP 2\bin\libgdk_pixbuf-2.0-0.dll
2024-12-13 18:07 - 2024-12-13 18:07 - 002849280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2024-12-13 18:07 - 2024-12-13 18:07 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2021-12-11 17:54 - 2021-08-24 17:44 - 002785652 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] D:\GIMP 2\bin\libcrypto-1_1-x64.dll
2021-12-11 17:54 - 2021-08-24 17:44 - 000582386 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] D:\GIMP 2\bin\libssl-1_1-x64.dll
2024-12-13 18:07 - 2024-12-13 18:07 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2024-12-13 18:07 - 2024-12-13 18:07 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2024-12-13 18:07 - 2024-12-13 18:07 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2024-12-13 18:07 - 2024-12-13 18:07 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2021-12-11 17:54 - 2020-12-22 19:34 - 000153747 _____ (The Tukaani Project <hxxps://tukaani.org/>) [File not signed] D:\GIMP 2\bin\liblzma-5.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mc-fw-host => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mc-fw-host => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

SearchScopes: HKLM -> {229355B6-9045-4DBB-9D8A-6F7B598B6B03} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5FcPortugueseode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {229355B6-9045-4DBB-9D8A-6F7B598B6B03} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5FcPortugueseode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2266882305-1638506966-3997672796-1001 -> {229355B6-9045-4DBB-9D8A-6F7B598B6B03} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5FcPortugueseode=qs&index=aps&field-keywords={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2023-01-11] (Logitech Inc -> Logitech, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2024-12-17] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2023-01-11] (Logitech Inc -> Logitech, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2024-12-17] (HP Inc. -> HP Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 12:14 - 2025-01-05 13:33 - 000000027 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost

2021-11-21 21:26 - 2021-11-21 21:26 - 000000447 _____ C:\windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ali_b\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hintergrundbild der windows-fotoanzeige.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Microsoft\Windows Security Health\State => (AppAndBrowser_StoreAppsSmartScreenOff: 0)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek Gaming GbE Family Controller -> rt640x64.sys
Bluetooth Ağ Bağlantısı: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: Intel(R) Wi-Fi 6 AX201 160MHz -> Netwtw10.sys
nt_rtf64: Realtek LightWeight Filter (NDIS6.40)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\StartupApproved\Run: => "HPSEU_Host_Launcher"
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_51FA75F58421240AA0A293AA15CB097C"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C0566DA3-6761-4F8B-9E24-E8BC7EB87A31}] => (Allow) D:\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E039FF3A-DD5E-40F7-9B2E-A64BAEA465AA}] => (Allow) D:\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BF74CE01-5C49-4D8E-8BA2-B9F938E65A1B}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FCA942AD-C62E-42E9-B27B-831850951454}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{E3569A10-A824-45E1-83FD-4A0CFA73D918}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{F020AE27-2694-4FCD-BF2C-12BEEA73DE56}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CC8F4879-0C86-4C96-AFC2-233CD9628139}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{FCD22C0A-E3B0-4113-BA68-6423B65D998B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2C63E433-41A1-4770-8F84-E7B613BAD580}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B6622AAC-54F4-4822-90FD-A3EB947A0170}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B4C946CF-311A-4FA7-B3B9-276117189A7E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5887F008-CF92-4B9A-A83C-3AABC242AE96}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9C7CFC56-0CF3-4B6D-B24B-800C8B70B63F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9F037BFD-AC91-48E5-84EA-7AB6AAB59513}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2CCEC085-28E6-4C38-A5F8-007FD002EC78}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{870B511A-3B1B-4E85-8DD7-B7D35FA1CD60}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5506CB4B-86E4-4A60-9D9E-F88764D77433}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)

==================== Restore Points =========================

31-12-2024 15:05:49 Installed DaVinci Resolve
01-01-2025 23:36:41 Removed Blackmagic RAW Common Components
01-01-2025 23:37:09 Removed DaVinci Resolve
01-01-2025 23:37:30 Removed DaVinci Resolve Control Panels
02-01-2025 00:41:10 Installed DaVinci Resolve
02-01-2025 14:35:43 Removed DaVinci Resolve
02-01-2025 14:36:01 Removed DaVinci Resolve Control Panels
02-01-2025 14:36:23 Removed Blackmagic RAW Common Components
02-01-2025 14:40:02 Installed DaVinci Resolve

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/05/2025 04:53:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: "C:\Program Files\Logitech\SetPointP\SetPoint.exe" için etkinleştirme içeriği oluşturulamadı. Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" Bağımlı Derlemesi bulunamadı. Lütfen ayrıntılı tanılama için sxstrace.exe programını kullanın.

Error: (01/05/2025 01:35:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: "C:\Program Files\Logitech\SetPointP\SetPoint.exe" için etkinleştirme içeriği oluşturulamadı. Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" Bağımlı Derlemesi bulunamadı. Lütfen ayrıntılı tanılama için sxstrace.exe programını kullanın.

Error: (01/05/2025 01:29:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Birim Gölge Kopyası Hizmeti hatası: QueryFullProcessImageNameW yordamı çağrılırken beklenmeyen hata. hr = 0x80070006, İşleyici geçersiz..
İşlem: Zaman Uyumsuz İşlem Yapılıyor
Bağlam: Geçerli Durum: DoSnapshotSet

Error: (01/05/2025 09:03:15 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: "C:\Program Files\Logitech\SetPointP\SetPoint.exe" için etkinleştirme içeriği oluşturulamadı. Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" Bağımlı Derlemesi bulunamadı. Lütfen ayrıntılı tanılama için sxstrace.exe programını kullanın.
Error: (01/05/2025 01:10:02 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Hatalı uygulama adı: wwahost.exe, sürüm: 10.0.19041.4355, zaman damgası: 0xebbe3963 Hatalı modül adı: unknown, sürüm: 0.0.0.0, zaman damgası: 0x00000000 Özel durum kodu: 0xc0000409 Hata uzaklığı 0x0000000000000226 Hatalı işlem kimliği: 0x495c Uygulama başlangıç zamanı: 0x01db5ef56703e9b5 Hatalı uygulama yolu: C:\Windows\System32\wwahost.exe Hatalı modül yolu: unknown Rapor kimliği: 3cb59355-f4a7-4a1f-aebd-ce333e9de6c6 Hatalı paket tam adı: Microsoft.Win32WebViewHost_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy Hatalı paketle ilgili uygulama kimliği: DPI.PerMonitorAware Error: (01/05/2025 01:04:18 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: chrome.exe programının 131.0.6778.205 sürümü, Windows ile birlikte çalışmayı durdurdu ve kapatıldı. Sorun hakkında daha fazla bilgi olup olmadığını görmek için Güvenlik ve Bakım denetim masasında sorunun geçmişine göz atın. İşlem Kimlik No: 3bf0 Başlatma Saati: 01db5e75d97a2f00 Sona Erme Saati: 14 Uygulama Yolu: C:\Program Files\Google\Chrome\Application\chrome.exe Rapor Kimliği: ec38a9eb-3b31-496b-b634-bd1ae4dbe328 Hatalı paket tam adı: Hatalı paketle ilgili uygulama kimliği: Askı türü: Unknown Error: (01/04/2025 09:55:25 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: "C:\Program Files\Logitech\SetPointP\SetPoint.exe" için etkinleştirme içeriği oluşturulamadı. Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" Bağımlı Derlemesi bulunamadı. Lütfen ayrıntılı tanılama için sxstrace.exe programını kullanın. 
Error: (01/03/2025 08:26:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Hatalı uygulama adı: DivXUpdate.exe, sürüm: 10.8.10.0, zaman damgası: 0x6303ce7f Hatalı modül adı: Qt5Core.dll, sürüm: 5.15.2.0, zaman damgası: 0x5fa4dd26 Özel durum kodu: 0xc0000409 Hata uzaklığı 0x0001f081 Hatalı işlem kimliği: 0x2264 Uygulama başlangıç zamanı: 0x01db5e04a9a2d2fe Hatalı uygulama yolu: C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe Hatalı modül yolu: C:\Program Files (x86)\Common Files\DivX Shared\Qt5.6\Qt5Core.dll Rapor kimliği: 804904de-5593-4a28-914f-3b763f77b808 Hatalı paket tam adı: Hatalı paketle ilgili uygulama kimliği: System errors: ============= Error: (01/05/2025 04:54:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Google Güncelleme Hizmeti (gupdate) hizmeti şu hata nedeniyle başlatılamadı: Hizmet, belirli aralıklarla yapılan başlama veya denetim isteğine yanıt vermedi. Error: (01/05/2025 04:54:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Google Güncelleme Hizmeti (gupdate) hizmetinin bağlanması beklenirken zaman aşımı (30000 milisaniye) oluştu. Error: (01/05/2025 04:52:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: GameInput Service hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu durum 6 defa oluştu. Error: (01/05/2025 04:52:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: GameInput Service hizmet şu hata ile sona erdi: Bileşim dosyası GameInput Service daha yeni bir depolama sürümüyle üretilmiş. Error: (01/05/2025 04:52:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: GameInput Service hizmeti beklenmedik şekilde sona erdi. Bu durum 5 defa oluştu. 1000 milisaniye içinde şu düzeltme eylemi uygulanacak: Hizmeti yeniden başlat. 
Error: (01/05/2025 04:52:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: GameInput Service hizmet şu hata ile sona erdi: Bileşim dosyası GameInput Service daha yeni bir depolama sürümüyle üretilmiş. Error: (01/05/2025 04:52:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: GameInput Service hizmeti beklenmedik şekilde sona erdi. Bu durum 4 defa oluştu. 1000 milisaniye içinde şu düzeltme eylemi uygulanacak: Hizmeti yeniden başlat. Error: (01/05/2025 04:52:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: GameInput Service hizmet şu hata ile sona erdi: Bileşim dosyası GameInput Service daha yeni bir depolama sürümüyle üretilmiş. Windows Defender: ================Event[0]: Date: 2024-11-07 06:13:23 Description: Bei Microsoft Defender Virüsten Koruma ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: 1.421.145.0 %Vorherige Version der Sicherheitsinformationen: 1.419.731.0 Update Source: Kullanıcı Sicherheitstyp: Casus Yazılım Önleme Updatetyp: Tam Benutzer: NT AUTHORITY\SYSTEM Aktuelle Modulversion: 1.1.24090.11 %Vorherige Modulversion: 1.1.24080.9 Fehlercode: 0x80070002 Fehlerbeschreibung: Sistem belirtilen dosyayı bulamıyor. Date: 2024-11-07 06:13:23 Description: Bei Microsoft Defender Virüsten Koruma ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: 1.421.145.0 %Vorherige Version der Sicherheitsinformationen: 1.419.731.0 Update Source: Kullanıcı Sicherheitstyp: Virüsten Koruma Updatetyp: Tam Benutzer: NT AUTHORITY\SYSTEM Aktuelle Modulversion: 1.1.24090.11 %Vorherige Modulversion: 1.1.24080.9 Fehlercode: 0x80070002 Fehlerbeschreibung: Sistem belirtilen dosyayı bulamıyor. Date: 2024-11-07 06:13:23 Description: Fehler von Microsoft Defender Virüsten Koruma beim Aktualisieren des Moduls. 
Neue Modulversion: 1.1.24090.11 Vorherige Modulversion: 1.1.24080.9 Benutzer: NT AUTHORITY\SYSTEM Fehlercode: 0x80070002 Fehlerbeschreibung: Sistem belirtilen dosyayı bulamıyor. Date: 2024-09-30 10:29:43 Description: Bei Microsoft Defender Virüsten Koruma ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.419.85.0 Update Source: Microsoft Kötü Amaçlı Yazılımdan Koruma Merkezi Sicherheitstyp: Virüsten Koruma Updatetyp: Tam Benutzer: NT AUTHORITY\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.24080.9 Fehlercode: 0x80004004 Fehlerbeschreibung: İşlem iptal edildi Date: 2024-09-30 10:29:43 Description: Bei Microsoft Defender Virüsten Koruma ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.419.85.0 Update Source: Microsoft Kötü Amaçlı Yazılımdan Koruma Merkezi Sicherheitstyp: Casus Yazılım Önleme Updatetyp: Tam Benutzer: NT AUTHORITY\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.24080.9 Fehlercode: 0x80004004 Fehlerbeschreibung: İşlem iptal edildi CodeIntegrity: =============== Date: 2025-01-05 16:56:35 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\WPS\1.24.167.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements. 
==================== Memory info =========================== BIOS: AMI F.10 07/29/2021 Motherboard: HP 8860 Processor: 11th Gen Intel(R) Core(TM) i7-11700 @ 2.50GHz Percentage of memory in use: 51% Total physical RAM: 16150.3 MB Available physical RAM: 7836.58 MB Total Virtual: 39702.3 MB Available Virtual: 24455.95 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:476.13 GB) (Free:316.75 GB) (Model: SAMSUNG MZVLQ512HBLU-00BH1) NTFS Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:291.91 GB) (Model: ST1000DM003-1SB102) NTFS \\?\Volume{4efb7d70-c6b3-4075-bb50-894b5eee25b6}\ (Windows RE tools) (Fixed) (Total:0.53 GB) (Free:0.06 GB) NTFS \\?\Volume{8b724cff-e39f-415e-8ed0-00c6be5b12c3}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 3D11396B) Partition: GPT. ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 32F959BE) Partition: GPT. ==================== End of Addition.txt ======================= |
Yesterday, 17:20 | #11 |
/// TB Trainer | Quick check after problems
Well done. I don't see any active malware in the logs. Now we'll get a second opinion from MBAM and ESET.
Step 1: Run Malwarebytes' AntiMalware (MBAM) according to the illustrated instructions and then post the log file.
Step 2: Run ESET Online Scanner (EOS) according to the illustrated instructions and then post the log file. |
Yesterday, 18:59 | #12 |
| Quick check after problems Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 05.01.2025 Scan-Zeit: 19:24 Protokolldatei: 81121546-cb81-11ef-a463-6c02e06e1572.json -Softwaredaten- Version: 5.2.4.157 Komponentenversion: 1.0.5116 Version des Aktualisierungspakets: 1.0.94068 Lizenz: Kostenlos -Systemdaten- Betriebssystem: Windows 10 (Build 19045.5247) CPU: x64 Dateisystem: NTFS Benutzer: DESKTOP-G9F6VUF\ali_b -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 215106 Erkannte Bedrohungen: 2 In die Quarantäne verschobene Bedrohungen: 2 Abgelaufene Zeit: 1 Min., 51 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 1 PUP.Optional.BundleInstaller, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DivX Setup, In Quarantäne, 50, 1141833, 1.0.94068, , ame, , , Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 1 PUP.Optional.BundleInstaller, C:\PROGRAMDATA\DIVX\SETUP\DIVXSETUP.EXE, In Quarantäne, 50, 1141833, 1.0.94068, , ame, , DF004B462C9E5B2E169410FDC87F13DD, 93F36C08CB1B6C082E80FBEE57F13E0C13C667E10C15601C0F75861C0EBE11E5 Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter <?xml version="1.0" encoding="utf-8" ?> <ESET> <LOG> <RECORD> <COLUMN NAME="Log">Scan-Log</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Version der Erkennungsroutine: 30499 (20250105)</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Datum: 05.01.2025 Uhrzeit: 20:07:20</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Gescannte Laufwerke, Ordner und Dateien: Arbeitsspeicher;C:\Bootsektoren/UEFI;D:\Bootsektoren/UEFI;C:\;D:\;WMI-Datenbank;System-Registry</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Benutzer: DESKTOP-G9F6VUF\ali_b</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Gescannte Objekte: 0</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Anzahl der Ereignisse: 0</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Abgeschlossen: 20:55:31 Benötigte Zeit: 2891 Sek. (00:48:11)</COLUMN> </RECORD> </LOG> </ESET> Code:
ATTFilter <?xml version="1.0" encoding="utf-8" ?> <ESET> <LOG> <RECORD> <COLUMN NAME="Log">Scan-Log</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Version der Erkennungsroutine: 30499 (20250105)</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Datum: 05.01.2025 Uhrzeit: 20:07:20</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Gescannte Laufwerke, Ordner und Dateien: C:\;D:\;WMI-Datenbank;System-Registry</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Benutzer: NT AUTHORITY\SYSTEM</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\DumpStack.log.tmp - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Program Files (x86)\Freemake\Freemake Video Converter\FMCommon\ConverterCommon\FreemakeConverterCommon.dll - eine Variante von MSIL/Freemake.A potenziell unerwünschte Anwendung - Aktionsauswahl aufgeschoben bis zum Abschluss des Scans</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\ConsoleApp\ControlSet000.bat - BAT/TrojanDownloader.Agent.OKX Trojaner - durch Löschen gesäubert [1]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\ConsoleApp\main.bat - BAT/TrojanDownloader.Agent.OKX Trojaner - durch Löschen gesäubert [1]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Microsoft\Network\Downloader\edb.log - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Microsoft\Network\Downloader\qmgr.db - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edbtmp.jtx - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.jfm - öffnen nicht möglich: 
[4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.jtx - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Microsoft\Windows\LfSvc\Geofence\GeofenceApplicationID.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Microsoft\Windows\LfSvc\Geofence\S-1-5-18_NonPackagedApp\Geofence.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Microsoft\Windows\WindowsApps\Microsoft.GamingServices_26.95.25001.0_x64__8wekyb3d8bbwe\Cache\8ec0dcc777cf318c_COM15.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Microsoft\Windows\WindowsApps\Microsoft.GamingServices_26.95.25001.0_x64__8wekyb3d8bbwe\Cache\8ec0dcc777cf318c_COM15.dat.LOG1 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Microsoft\Windows\WindowsApps\Microsoft.GamingServices_26.95.25001.0_x64__8wekyb3d8bbwe\Cache\8ec0dcc777cf318c_COM15.dat.LOG2 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\5A894077.McAfeeSecurity_wafk5atnkzcwy\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\7bc3114fb39fed35_COM15.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\5A894077.McAfeeSecurity_wafk5atnkzcwy\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\7bc3114fb39fed35_COM15.dat.LOG1 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\5A894077.McAfeeSecurity_wafk5atnkzcwy\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\7bc3114fb39fed35_COM15.dat.LOG2 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN 
NAME="Log">C:\ProgramData\Packages\AD2F1837.HPSystemEventUtility_v10z8vjag6ke6\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\e756618f779b34de_COM15.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\AD2F1837.HPSystemEventUtility_v10z8vjag6ke6\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\e756618f779b34de_COM15.dat.LOG1 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\AD2F1837.HPSystemEventUtility_v10z8vjag6ke6\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\e756618f779b34de_COM15.dat.LOG2 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\AD2F1837.OMENCommandCenter_v10z8vjag6ke6\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\31242de030e96025_COM15.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\AD2F1837.OMENCommandCenter_v10z8vjag6ke6\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\31242de030e96025_COM15.dat.LOG1 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\AD2F1837.OMENCommandCenter_v10z8vjag6ke6\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\31242de030e96025_COM15.dat.LOG2 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\AD2F1837.myHP_v10z8vjag6ke6\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\e2f24d4c6c70768d_COM15.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\AD2F1837.myHP_v10z8vjag6ke6\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\e2f24d4c6c70768d_COM15.dat.LOG1 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN 
NAME="Log">C:\ProgramData\Packages\AD2F1837.myHP_v10z8vjag6ke6\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\e2f24d4c6c70768d_COM15.dat.LOG2 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\Microsoft.GamingApp_8wekyb3d8bbwe\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\e49bfbe4d2584c38_COM15.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\Microsoft.GamingApp_8wekyb3d8bbwe\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\e49bfbe4d2584c38_COM15.dat.LOG1 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\Microsoft.GamingApp_8wekyb3d8bbwe\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\e49bfbe4d2584c38_COM15.dat.LOG2 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\Microsoft.YourPhone_8wekyb3d8bbwe\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\420724edd1c24f6e_COM15.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\Microsoft.YourPhone_8wekyb3d8bbwe\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\420724edd1c24f6e_COM15.dat.LOG1 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\ProgramData\Packages\Microsoft.YourPhone_8wekyb3d8bbwe\S-1-5-21-2266882305-1638506966-3997672796-1001\SystemAppData\Helium\Cache\420724edd1c24f6e_COM15.dat.LOG2 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\System Volume Information\{08187690-c8fc-11ef-a6de-6c02e06e1572}{3808876b-c176-4e48-b7ae-04046e6cc752} - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\System Volume Information\{081876ba-c8fc-11ef-a6de-6c02e06e1572}{3808876b-c176-4e48-b7ae-04046e6cc752} - öffnen nicht möglich: [4]</COLUMN> 
</RECORD> <RECORD> <COLUMN NAME="Log">C:\System Volume Information\{081876d6-c8fc-11ef-a6de-6c02e06e1572}{3808876b-c176-4e48-b7ae-04046e6cc752} - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\System Volume Information\{08187754-c8fc-11ef-a6de-6c02e06e1572}{3808876b-c176-4e48-b7ae-04046e6cc752} - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\System Volume Information\{2bbff5e4-c87c-11ef-a6dd-6c02e06e1572}{3808876b-c176-4e48-b7ae-04046e6cc752} - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\System Volume Information\{2bbff5fd-c87c-11ef-a6dd-6c02e06e1572}{3808876b-c176-4e48-b7ae-04046e6cc752} - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\System Volume Information\{2bbff60f-c87c-11ef-a6dd-6c02e06e1572}{3808876b-c176-4e48-b7ae-04046e6cc752} - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\System Volume Information\{2bbffaf6-c87c-11ef-a6dd-6c02e06e1572}{3808876b-c176-4e48-b7ae-04046e6cc752} - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\System Volume Information\{376f108a-cae6-11ef-a6de-6c02e06e1572}{3808876b-c176-4e48-b7ae-04046e6cc752} - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\System Volume Information\{4fa5462f-cb6c-11ef-a6e0-a864f12a9882}{3808876b-c176-4e48-b7ae-04046e6cc752} - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\System Volume Information\{60e1d401-ca8d-11ef-a6de-6c02e06e1572}{3808876b-c176-4e48-b7ae-04046e6cc752} - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\System Volume Information\{60e1d43b-ca8d-11ef-a6de-6c02e06e1572}{3808876b-c176-4e48-b7ae-04046e6cc752} - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN 
NAME="Log">C:\System Volume Information\{caaf897c-c73b-11ef-a6dd-6c02e06e1572}{3808876b-c176-4e48-b7ae-04046e6cc752} - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Comms\UnistoreDB\USS.jtx - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Comms\UnistoreDB\store.jfm - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Comms\UnistoreDB\store.vol - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Comms\UnistoreDB\tmp.edb - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Network\Cookies - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Network\Cookies-journal - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Sessions\Session_13380570938557194 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Sessions\Tabs_13380558806025834 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Malwarebytes\Logs\MBAMSI.alt2.lock - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Malwarebytes\Logs\MBAMSI.alt3.lock - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Malwarebytes\Logs\MBAMSI.alt4.lock - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Malwarebytes\Logs\MBAMSI.alt1.lock - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Malwarebytes\Logs\MBAMSI.lock - öffnen 
nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies-journal - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13380568585757128 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13380568585823391 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Microsoft\Windows\Notifications\WPNPRMRY.tmp - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Microsoft\Windows\WebCacheLock.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Microsoft\Windows\UsrClass.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Microsoft\Windows\WebCache\V01.log - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN 
NAME="Log">C:\Users\ali_b\AppData\Local\NVIDIA\NvBackend\VRDevicesInfo.data - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\NVIDIA\NvBackend\journalBS.jour.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Packages\5319275A.WhatsAppDesktop_cv1g1gvanyjgm\Settings\settings.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Packages\5319275A.WhatsAppDesktop_cv1g1gvanyjgm\Settings\settings.dat.LOG1 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Packages\5319275A.WhatsAppDesktop_cv1g1gvanyjgm\Settings\settings.dat.LOG2 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Packages\5A894077.McAfeeSecurity_wafk5atnkzcwy\SystemAppData\Helium\User.dat.LOG2 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Packages\5A894077.McAfeeSecurity_wafk5atnkzcwy\SystemAppData\Helium\UserClasses.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Packages\5A894077.McAfeeSecurity_wafk5atnkzcwy\SystemAppData\Helium\UserClasses.dat.LOG1 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Packages\5A894077.McAfeeSecurity_wafk5atnkzcwy\SystemAppData\Helium\UserClasses.dat.LOG2 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Packages\5A894077.McAfeeSecurity_wafk5atnkzcwy\Settings\settings.dat - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Users\ali_b\AppData\Local\Packages\5A894077.McAfeeSecurity_wafk5atnkzcwy\Settings\settings.dat.LOG1 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN 
NAME="Log">C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\WebCache\V01.log - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Windows\appcompat\Programs\Amcache.hve - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Windows\appcompat\Programs\Amcache.hve.LOG1 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Windows\appcompat\Programs\Amcache.hve.LOG2 - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\hiberfil.sys - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\pagefile.sys - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\swapfile.sys - öffnen nicht möglich: [4]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\FRST\Quarantine\C\Users\ali_b\AppData\Roaming\edcf\pdfium.dll - eine Variante von Win32/TrojanDownloader.Rugmi.AOR.gen Trojaner - durch Löschen gesäubert [1]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">D:\Downloads\DaVinci_Resolve_19.1.2_Windows.exe = 7ZIP = ResExt10.cab - Entpacken nicht möglich (mögliche Gründe: nicht genug Arbeitsspeicher oder nicht genug Festplattenspeicherplatz oder Problem mit temporären Ordnern)</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">D:\Downloads\DaVinci_Resolve_19.1.2_Windows.exe = 7ZIP = ResExt11.cab - Entpacken nicht möglich (mögliche Gründe: nicht genug Arbeitsspeicher oder nicht genug Festplattenspeicherplatz oder Problem mit temporären Ordnern)</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">D:\Downloads\DaVinci_Resolve_19.1.2_Windows.exe = 7ZIP = ResExt12.cab - Entpacken nicht möglich (mögliche Gründe: nicht genug Arbeitsspeicher oder nicht genug Festplattenspeicherplatz oder Problem mit temporären Ordnern)</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">D:\Downloads\DaVinci_Resolve_19.1.2_Windows.exe = 7ZIP = ResExt13.cab - Entpacken nicht möglich (mögliche Gründe: nicht genug Arbeitsspeicher oder nicht genug 
Festplattenspeicherplatz oder Problem mit temporären Ordnern)</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">D:\Downloads\DaVinci_Resolve_19.1.2_Windows.exe = 7ZIP = ResExt14.cab - Entpacken nicht möglich (mögliche Gründe: nicht genug Arbeitsspeicher oder nicht genug Festplattenspeicherplatz oder Problem mit temporären Ordnern)</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">D:\Downloads\DaVinci_Resolve_19.1.2_Windows.exe = 7ZIP = ResExt15.cab - Entpacken nicht möglich (mögliche Gründe: nicht genug Arbeitsspeicher oder nicht genug Festplattenspeicherplatz oder Problem mit temporären Ordnern)</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">D:\Downloads\DaVinci_Resolve_19.1.2_Windows.exe = 7ZIP = ResExt16.cab - Entpacken nicht möglich (mögliche Gründe: nicht genug Arbeitsspeicher oder nicht genug Festplattenspeicherplatz oder Problem mit temporären Ordnern)</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">D:\Downloads\DaVinci_Resolve_19.1.2_Windows.exe = 7ZIP = ResExt17.cab - Entpacken nicht möglich (mögliche Gründe: nicht genug Arbeitsspeicher oder nicht genug Festplattenspeicherplatz oder Problem mit temporären Ordnern)</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">D:\Downloads\DaVinci_Resolve_19.1.2_Windows.exe = 7ZIP = ResolveInstaller.msi - Entpacken nicht möglich (mögliche Gründe: nicht genug Arbeitsspeicher oder nicht genug Festplattenspeicherplatz oder Problem mit temporären Ordnern)</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">D:\Downloads\DaVinci_Resolve_19.1.2_Windows.exe = 7ZIP = SetupResolve.exe - Entpacken nicht möglich (mögliche Gründe: nicht genug Arbeitsspeicher oder nicht genug Festplattenspeicherplatz oder Problem mit temporären Ordnern)</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">C:\Program Files (x86)\Freemake\Freemake Video Converter\FMCommon\ConverterCommon\FreemakeConverterCommon.dll - eine Variante von MSIL/Freemake.A potenziell unerwünschte Anwendung - durch Löschen gesäubert [1]</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Gescannte 
Objekte: 675646</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Anzahl der Ereignisse: 4</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Anzahl gesäuberter Objekte: 4</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Abgeschlossen: 20:44:37 Benötigte Zeit: 2237 Sek. (00:37:17)</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log"></COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">Hinweise:</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">[1] Objekt wurde gelöscht. Es enthielt ausschließlich Viruscode.</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Log">[4] Objekt kann nicht geöffnet werden. Möglicherweise in Benutzung durch eine andere Anwendung oder das Betriebssystem.</COLUMN> </RECORD> </LOG> </ESET> |
Yesterday, 19:22 | #13 |
/// TB Trainer | Small check after problems Very good. A few remnants were still found. Run SecurityCheck (SC) according to the illustrated instructions and add the log file as an attachment. |
Yesterday, 19:57 | #14 |
| Small check after problems The site gets blocked for me when I visit it; if I get onto the page anyway, the download is blocked. So I cannot download SC. I still found a page on Google to download it from. Here is the result: Code:
ATTFilter SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17] WebSite: www.safezone.cc DateLog: 05.01.2025 21:43:47 Path starting: C:\Users\ali_b\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe Log directory: C:\SecurityCheck\ IsAdmin: True User: ali_b VersionSC: 1.4.0.58 [+] VersionXML: 13.12is-04.01.2025 Update SC - Check Version |
Yesterday, 21:30 | #15 |
/// TB Trainer | Small check after problems The version you used is totally outdated. If the download is blocked automatically, you can click on Downloads in the browser and allow the download anyway. Download the .exe from here and run the tool again. |