Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: PUP.optional.startfenster entfernen - vlc.de

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Thema geschlossen
Alt 15.09.2022, 09:36   #1
Enanta
 
PUP.optional.startfenster entfernen - vlc.de - Standard

PUP.optional.startfenster entfernen - vlc.de



Guten Morgen zusammen,

gestern Abend bin ich tatsächlich auf vlc.de reingefallen. Seit 15 Jahren bin ich clean unterwegs, aber gestern habe ich leider erst nach der Installation verstanden, dass VLC nicht ihr prägnantes Logo geändert haben, sondern dass ich auf eine Fakeseite reingefallen bin. Naja passiert, habe dann auch direkt diesen Thread hier im Forum gefunden: PUP Optional Startfenster

Ich habe gestern nach der Installation komplett den VLC-Player + Updater deinstalliert. Danach habe ich den Adwcleaner drüber laufen lassen und er hat "pup.optional.startfenster" gefunden und als Unerpunkt steht "Chrome-Suchanbieter - Websuche". Daraufhin habe ich den oben genannten Thread genutzt, um die Schritte abzuarbeiten. Ich muss aber dazu sagen, dass ich, als ich mir FRST nach diesem Thread runtergeladen habe, eine Meldung vom Windows Defender bekommen habe, das ein Trojaner drauf ist und HitmanPro hatte dann auch einen CoinMiner gefunden, der vorher nicht da war. Konnte aber beides direkt gelöscht werden.
Und bei FRST hatte ich nicht die Möglichkeit auf den Entfernen-Button zu klicken, wie im Thread erwähnt, da ich keinen Entfernen-Button hab. Nun gut, jetzt die Logdateien:

Adwcleanerlog:

Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build:    03-23-2022
# Database: 2022-08-22.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    09-15-2022
# Duration: 00:00:10
# OS:       Windows 10 Pro
# Scanned:  32100
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.StartFenster       Websuche

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [2211 octets] - [28/09/2020 09:41:06]
AdwCleaner[C00].txt - [2235 octets] - [28/09/2020 09:41:59]
AdwCleaner[S01].txt - [1527 octets] - [08/10/2020 07:43:27]
AdwCleaner[C01].txt - [1717 octets] - [08/10/2020 07:43:58]
AdwCleaner[S02].txt - [1649 octets] - [14/10/2020 08:39:11]
AdwCleaner[S03].txt - [1753 octets] - [11/11/2020 20:03:05]
AdwCleaner[C03].txt - [1923 octets] - [11/11/2020 20:05:57]
AdwCleaner[S04].txt - [1832 octets] - [13/11/2020 16:45:15]
AdwCleaner[S05].txt - [1893 octets] - [13/11/2020 17:37:01]
AdwCleaner[C05].txt - [2083 octets] - [13/11/2020 17:37:10]
AdwCleaner[S06].txt - [2077 octets] - [17/12/2020 13:23:45]
AdwCleaner[C06].txt - [2247 octets] - [17/12/2020 13:26:49]
AdwCleaner[S07].txt - [2137 octets] - [17/12/2020 14:45:15]
AdwCleaner[S08].txt - [2198 octets] - [16/06/2021 07:51:22]
AdwCleaner[C08].txt - [2388 octets] - [16/06/2021 07:51:34]
AdwCleaner[S09].txt - [2320 octets] - [09/07/2021 15:38:21]
AdwCleaner[S10].txt - [2381 octets] - [02/08/2021 12:05:55]
AdwCleaner[S11].txt - [2442 octets] - [25/08/2021 14:03:28]
AdwCleaner[C11].txt - [2632 octets] - [25/08/2021 14:03:44]
AdwCleaner[S12].txt - [2564 octets] - [01/10/2021 14:00:17]
AdwCleaner[S13].txt - [2625 octets] - [02/11/2021 07:13:24]
AdwCleaner[S14].txt - [2686 octets] - [27/11/2021 17:48:05]
AdwCleaner[C14].txt - [2876 octets] - [27/11/2021 17:48:34]
AdwCleaner[S15].txt - [2808 octets] - [19/12/2021 15:12:30]
AdwCleaner[S16].txt - [2869 octets] - [28/12/2021 11:41:21]
AdwCleaner[S17].txt - [2930 octets] - [04/01/2022 09:55:57]
AdwCleaner[S18].txt - [2991 octets] - [04/05/2022 18:24:59]
AdwCleaner[S19].txt - [3052 octets] - [22/05/2022 00:19:47]
AdwCleaner[S20].txt - [3113 octets] - [24/05/2022 11:09:15]
AdwCleaner[S21].txt - [3174 octets] - [07/08/2022 01:14:02]
AdwCleaner[S22].txt - [3235 octets] - [09/08/2022 13:40:52]
AdwCleaner[S23].txt - [3296 octets] - [26/08/2022 09:37:11]
AdwCleaner[S24].txt - [3568 octets] - [14/09/2022 22:04:14]
AdwCleaner[S25].txt - [3425 octets] - [14/09/2022 22:07:36]
AdwCleaner[S26].txt - [3486 octets] - [14/09/2022 22:10:29]
AdwCleaner[C26].txt - [3656 octets] - [14/09/2022 22:11:17]
AdwCleaner[S27].txt - [3608 octets] - [14/09/2022 22:12:32]
AdwCleaner[C27].txt - [3828 octets] - [14/09/2022 22:14:21]
AdwCleaner[S28].txt - [3730 octets] - [14/09/2022 22:15:14]
AdwCleaner[C28].txt - [3950 octets] - [14/09/2022 22:22:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S29].txt ##########
         
FRST-Log:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
durchgeführt von deniz (Administrator) auf DESKTOP-257JBJM (Micro-Star International Co., Ltd MS-7C02) (15-09-2022 07:23:11)
Gestartet von C:\Users\deniz\Downloads
Geladene Profile: deniz
Plattform: Microsoft Windows 10 Pro Version 21H2 19044.2006 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCopyAccelerator.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.101.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31>
(explorer.exe ->) (OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.2.0\ABService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_df0bee9f4cb9436e\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18630280 2018-05-07] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [RoccatKoneXTD] => C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [552960 2014-10-19] (ROCCAT GmbH) [Datei ist nicht signiert]
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2021-07-26] (Adobe Inc. -> )
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [126328160 2021-11-24] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234600 2022-08-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2021-07-26] (Adobe Inc. -> )
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\deniz\AppData\Local\Microsoft\Teams\Update.exe [2576128 2022-09-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Run: [E-MU USB Audio Control Panel] => C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe [319488 2010-11-11] (E-MU Systems) [Datei ist nicht signiert]
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Run: [OpenVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [819888 2022-03-16] (OpenVPN Inc. -> )
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Run: [GoogleChromeAutoLaunch_2BA8F60ECFBFE87EA407B9C5C6AAA578] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2860320 2022-09-02] (Google LLC -> Google LLC)
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Run: [VLC Plus Player Updater] => C:\Users\deniz\AppData\Local\VLC Plus Player Updater\Updater.exe [208336 2022-09-14] (Aller Media e.K. -> ) <==== ACHTUNG
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\RunOnce: [FinalSetup] => C:\Windows\system32\url.dll [236032 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\105.0.5195.102\Installer\chrmstp.exe [2022-09-03] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{F69213F0-C729-C1BC-6234-7B824B6A4267}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2019-09-04]
ShortcutTarget: Roccat Talk.lnk -> C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.) [Datei ist nicht signiert]
Startup: C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-04-27]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logseq.lnk [2022-02-28]
ShortcutTarget: Logseq.lnk -> C:\Users\deniz\AppData\Local\Logseq\Logseq.exe (Logseq) [Datei ist nicht signiert]
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {16D4A853-C52A-440C-AC51-39D6932133BA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113560 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B180D2D-4F66-43A2-9B09-A611E2E2AC71} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1CF365FB-CC13-4E77-B15F-2474D77210AC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23706576 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {218E9418-E25B-469D-8DEE-C795DF124810} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D937FA0-5217-430E-8E42-C5164B413063} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1798280388-614632519-694548969-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4154248 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {2EAEF139-D504-49DC-9316-40D6F0339274} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1555696 2022-08-03] (Adobe Inc. -> Adobe Inc.)
Task: {3406F6AA-5FE9-4F0B-8BF6-A9A6D2B591BB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {389F1C54-917C-44F9-8025-13E240EA66D1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113560 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {3ABC01A0-9F75-48F5-9DD5-E3B197D30294} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [3853976 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {3FC53220-4F66-467D-8896-F9339FDB6AFA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {463D1D97-7B93-45C3-A249-276CD7D06FF0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {50BCB29F-37DA-48DD-84E1-C263CE26D5D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-01] (Google LLC -> Google LLC)
Task: {50CE9C55-D5F9-4596-8168-BC1F83CC4EA7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23706576 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {54797F91-E73A-4F72-8238-6C0BF146B2DD} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {5AC70C13-3847-4383-9B61-AD20082905BD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe /from_scheduler:1 (Keine Datei)
Task: {5C0ADAB3-1D11-4A86-8EBF-642C23243D8E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (Keine Datei)
Task: {725E0E1E-7415-451E-ACC3-7B314A7606CE} - System32\Tasks\RemoteDesktop\deniz\Remote Desktop Feed Refresh Task => C:\Users\deniz\AppData\Local\Apps\Remote Desktop\msrdcw.exe [9391536 2022-09-08] (Microsoft Corporation -> Microsoft)
Task: {802BA2E5-546E-422A-B1FF-D4B5F6426BE1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81DCB042-4368-43F8-A23C-D4372DE33FCC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Keine Datei)
Task: {8A87E267-9FEE-4D9C-87CA-537D22A07976} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92AF700C-FF02-4DDD-AE8D-25D7A0D7764F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A04C0A57-714B-458A-B61D-CF541760C52F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A6B0D587-2D7D-424C-96CA-5DA37E917548} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {C563400F-AEB2-4364-85D4-642D3B4504B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {C94C309D-9961-411C-A983-6B8E337E62F4} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-06-22] (Microsoft Corporation -> Microsoft)
Task: {C9D8C7CB-7EEC-4A00-9C6C-7B62B6FC7754} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6601184 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD08136B-6E4C-4383-88B4-8DE5D84C1F1B} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4154248 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D382437B-210B-4F1B-B705-3980C138172B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF15420D-E162-4D2C-B0B4-E35FD8D3D860} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {E0BD7ABC-3E5F-4E6C-ACA6-0CFE3930B46D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EA3FD7C6-53DC-4068-9803-FA01EA71B37F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB3FC06E-C806-4CB2-A19A-46B4469EF8D4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6601184 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBB99C66-5489-4B93-B087-C94F68EC8EFD} - System32\Tasks\VLC Plus Player Updater => C:\Users\deniz\AppData\Local\VLC [Argument = Plus Player Updater\Updater.exe]
Task: {ECC262FC-EDC8-4102-9637-C011A2D33F45} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ECD56C44-27C3-4782-A016-77ADB0BBF15E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F97E8D4E-86DD-4C10-B0BE-4E8F952FB7F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-01] (Google LLC -> Google LLC)
Task: {FB3278B7-EC3E-451D-BF16-02E7AC2DB876} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{15ef4eb5-d39b-4e25-a3ff-9ebc0d8dc8e4}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5001967f-b754-4f3d-9ad2-4557837ef19e}: [DhcpNameServer] 172.25.0.1

Edge: 
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Profile: C:\Users\deniz\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-30]

FireFox:
========
FF DefaultProfile: 8lgqry44.default
FF ProfilePath: C:\Users\deniz\AppData\Roaming\Mozilla\Firefox\Profiles\8lgqry44.default [2019-09-04]
FF ProfilePath: C:\Users\deniz\AppData\Roaming\Mozilla\Firefox\Profiles\j1rv7zsk.default-release-1571035822549 [2022-09-14]
FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\deniz\AppData\Roaming\Mozilla\Firefox\Profiles\j1rv7zsk.default-release-1571035822549\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-06-25] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (Bitwarden - Kostenloser Passwortmanager) - C:\Users\deniz\AppData\Roaming\Mozilla\Firefox\Profiles\j1rv7zsk.default-release-1571035822549\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2022-08-10]
FF Extension: (ColorZilla) - C:\Users\deniz\AppData\Roaming\Mozilla\Firefox\Profiles\j1rv7zsk.default-release-1571035822549\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2020-08-02]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-09-08] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-04-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default [2022-09-15]
CHR Extension: (Rabby) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\acmacodkjbdgmoleebolmdjonilkdbch [2022-09-14]
CHR Extension: (Productor for Merch by Amazon) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\almiakmbepejhcjnfhhjkcfabeepefno [2022-09-14]
CHR Extension: (AMZ Suggestion Expander) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpeaihkccbeemkfefcapijechkbfjlhb [2022-08-31]
CHR Extension: (Productor for Merch by Amazon Autopilot) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\egacpbbnghmjilffefkeeeiodlijbbej [2022-08-09]
CHR Extension: (AMZSprout) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnhnioaedoaejmjcpjlniaonmiinnphh [2020-12-02]
CHR Extension: (Google Docs Offline) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30]
CHR Extension: (SeoStack Keyword Tool) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\labjajhkfjfncpiddbgdimcaldgeognn [2020-10-12]
CHR Extension: (Save to Notion) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldmmifpegigmeammaeckplhnjbbpccmm [2022-09-13]
CHR Extension: (MetaMask) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-09-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Bitwarden - Kostenloser Passwortmanager) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2022-08-06]
CHR Extension: (Productor for Spreadshirt) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcleedpkdpfooafagigglockmighelee [2022-06-29]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172264 2022-08-03] (Adobe Inc. -> Adobe Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.2.0\ABService.exe [898216 2020-11-17] (AOMEI International Network Limited -> AOMEI International Network Limited)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12126112 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-05-30] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [25514952 2021-08-22] (FACE IT LIMITED -> )
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncHelper.exe [3380624 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [224320 2022-08-19] (HP Inc. -> HP Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-05-07] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-09-14] (Malwarebytes Inc. -> Malwarebytes)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.166.0807.0002\OneDriveUpdaterService.exe [3800976 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [64176 2022-03-16] (OpenVPN Inc. -> The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2022-09-13] () [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13086224 2020-07-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_df0bee9f4cb9436e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_df0bee9f4cb9436e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1001736 2020-10-25] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [31248 2020-12-22] (AOMEI International Network Limited -> )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [12278776 2021-08-22] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-05-07] (Logitech Inc -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2018-05-07] (Logitech Inc -> Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-05-07] (Logitech Inc -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-09-14] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-09-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2022-04-10] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2022-04-10] (WireGuard LLC -> WireGuard LLC)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-09-15 07:23 - 2022-09-15 07:23 - 000031163 _____ C:\Users\deniz\Downloads\FRST.txt
2022-09-15 07:23 - 2022-09-15 07:23 - 000000000 ____D C:\Users\deniz\Downloads\FRST-OlderVersion
2022-09-15 07:22 - 2022-09-15 07:23 - 002371072 _____ (Farbar) C:\Users\deniz\Downloads\FRST64.exe
2022-09-15 07:22 - 2022-09-15 07:23 - 000000000 ____D C:\FRST
2022-09-15 07:16 - 2022-09-15 07:21 - 000000000 ____D C:\Users\deniz\Desktop\vlc de problem
2022-09-15 07:16 - 2022-09-15 07:16 - 000000000 ____D C:\Users\deniz\AppData\Local\VLC Plus Player Updater
2022-09-15 07:15 - 2022-09-15 07:15 - 008551608 _____ (Malwarebytes) C:\Users\deniz\Desktop\adwcleaner.exe
2022-09-15 07:09 - 2022-09-15 07:09 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-09-14 22:21 - 2022-09-14 22:21 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-09-14 22:21 - 2022-09-14 22:21 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-09-14 22:21 - 2022-09-14 22:21 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-09-14 22:21 - 2022-09-14 22:21 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-09-14 22:21 - 2022-09-14 22:21 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-09-14 22:20 - 2022-09-14 22:20 - 002638472 _____ (Malwarebytes) C:\Users\deniz\Downloads\MBSetup.exe
2022-09-14 22:20 - 2022-09-14 22:20 - 000000000 ____D C:\Program Files\Malwarebytes
2022-09-14 18:43 - 2022-09-14 18:43 - 000003446 _____ C:\WINDOWS\system32\Tasks\VLC Plus Player Updater
2022-09-14 18:41 - 2022-09-14 18:41 - 000208336 _____ C:\Users\deniz\Desktop\vlc-setup-win64.exe
2022-09-14 15:50 - 2022-09-14 15:50 - 000108100 _____ C:\Users\deniz\Downloads\ZusammenfassungModul4PDF.pdf
2022-09-14 15:30 - 2022-09-14 15:30 - 000065901 _____ C:\Users\deniz\Downloads\aufgaben-python-modul-4.pdf
2022-09-14 14:48 - 2022-09-14 14:48 - 004038961 _____ C:\Users\deniz\Downloads\Der_schnelle_Einstieg_in_Python.pdf
2022-09-14 08:57 - 2022-09-14 08:57 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-14 08:57 - 2022-09-14 08:57 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-09-14 08:57 - 2022-09-14 08:57 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-09-14 08:57 - 2022-09-14 08:57 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-09-14 08:57 - 2022-09-14 08:57 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-14 08:53 - 2022-09-14 08:53 - 000000000 ___HD C:\$WinREAgent
2022-09-12 18:35 - 2022-09-12 18:35 - 000000000 ____D C:\Users\deniz\AppData\Roaming\com.adobe.dunamis
2022-09-12 18:19 - 2022-09-12 18:19 - 000000222 _____ C:\Users\deniz\Desktop\They Bleed Pixels.url
2022-09-12 16:58 - 2022-09-12 16:58 - 000051670 _____ C:\Users\deniz\Downloads\aufgaben-python-modul-3.pdf
2022-09-12 16:07 - 2022-09-12 16:07 - 003341960 _____ C:\Users\deniz\Downloads\Mr. President - Simbaleo (1999)-MP4.m4a
2022-09-11 11:33 - 2022-09-11 12:07 - 100394708 _____ C:\Users\deniz\Desktop\CarlaFlyer.psd
2022-09-11 10:38 - 2022-09-11 10:38 - 025833863 _____ C:\Users\deniz\Downloads\Pizza Flyer Images-20220911T083805Z-001.zip
2022-09-11 10:38 - 2022-09-11 10:38 - 000000000 ____D C:\Users\deniz\Downloads\Pizza Flyer Images-20220911T083805Z-001
2022-09-10 11:00 - 2022-09-10 11:00 - 000000000 ____D C:\Users\deniz\AppData\Local\pip
2022-09-10 10:59 - 2022-09-10 10:59 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.10
2022-09-10 10:59 - 2022-09-10 10:59 - 000000000 ____D C:\Users\deniz\AppData\Local\Package Cache
2022-09-10 10:58 - 2022-09-10 10:58 - 000000101 _____ C:\Users\deniz\.gitconfig
2022-09-10 10:58 - 2022-09-10 10:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2022-09-10 10:58 - 2022-09-10 10:58 - 000000000 ____D C:\Program Files\Git
2022-09-10 10:49 - 2022-09-14 16:27 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Code
2022-09-10 10:49 - 2022-09-13 19:25 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2022-09-10 10:49 - 2022-09-10 10:49 - 028953568 _____ (Python Software Foundation) C:\Users\deniz\Downloads\python-3.10.7-amd64.exe
2022-09-10 10:49 - 2022-09-10 10:49 - 000001400 _____ C:\Users\deniz\Desktop\Visual Studio Code.lnk
2022-09-10 10:49 - 2022-09-10 10:49 - 000000000 ____D C:\Users\deniz\.vscode
2022-09-10 10:48 - 2022-09-10 10:48 - 049375864 _____ (The Git Development Community ) C:\Users\deniz\Downloads\Git-2.37.3-64-bit.exe
2022-09-08 13:19 - 2022-09-08 13:19 - 000000000 ____D C:\Users\deniz\AppData\LocalLow\StoneLantern
2022-09-08 09:37 - 2022-09-08 09:37 - 000000223 _____ C:\Users\deniz\Desktop\Evergate Ki's Awakening.url
2022-09-07 14:21 - 2022-09-07 19:50 - 000000000 ____D C:\Users\deniz\Desktop\LauraArmandoFotos
2022-09-07 14:07 - 2022-09-07 16:31 - 000000000 ___RD C:\Users\deniz\Dropbox
2022-09-07 14:06 - 2022-09-07 14:07 - 000000000 ____D C:\Users\deniz\AppData\Roaming\DropboxElectron
2022-09-07 14:04 - 2022-09-07 14:04 - 000655232 _____ (Dropbox, Inc.) C:\Users\deniz\Downloads\DropboxInstaller.exe
2022-09-07 10:46 - 2022-09-07 19:43 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-09-07 08:16 - 2022-09-07 08:16 - 000000000 ____D C:\Users\deniz\Downloads\vecteezy_world-diabetes-day-logo-or-banner-with-blood-on-finger-and-glucosure-autocode-illustration_1520184
2022-09-07 08:16 - 2022-09-07 08:16 - 000000000 ____D C:\Users\deniz\Downloads\vecteezy_world-diabetes-day-logo-or-banner-with-blood-drop-on-finger-illustration_1778011
2022-09-07 08:16 - 2022-09-07 08:16 - 000000000 ____D C:\Users\deniz\Downloads\vecteezy_world-diabetes-day-concept-in-flat-design_3316765
2022-09-05 14:18 - 2022-09-05 14:18 - 000049536 _____ (Python Software Foundation) C:\WINDOWS\pyshellext.amd64.dll
2022-09-05 14:17 - 2022-09-05 14:17 - 000736640 _____ (Python Software Foundation) C:\WINDOWS\pyw.exe
2022-09-05 14:17 - 2022-09-05 14:17 - 000736128 _____ (Python Software Foundation) C:\WINDOWS\py.exe
2022-08-31 08:39 - 2022-08-31 08:39 - 000000223 _____ C:\Users\deniz\Desktop\Greak Memories of Azur.url
2022-08-30 13:59 - 2022-08-30 13:59 - 000000000 ____D C:\Users\deniz\AppData\Local\Unbound
2022-08-30 12:59 - 2022-08-30 12:59 - 000000222 _____ C:\Users\deniz\Desktop\Unbound Worlds Apart.url
2022-08-23 18:08 - 2022-08-23 18:08 - 000020458 _____ C:\Users\deniz\Downloads\abmeldung_bmg.pdf
2022-08-22 14:20 - 2022-08-22 14:20 - 000000896 _____ C:\Users\deniz\Desktop\WiseTransaktionen8.csv
2022-08-22 14:16 - 2022-08-22 14:19 - 000010401 _____ C:\Users\deniz\Desktop\WiseTransaktionen8.xlsx
2022-08-18 20:46 - 2022-08-18 20:46 - 000000000 ____D C:\ESD
2022-08-18 20:45 - 2022-08-18 20:45 - 000000000 ___HD C:\$Windows.~WS
2022-08-18 20:45 - 2022-08-18 20:45 - 000000000 ____D C:\$WINDOWS.~BT

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-09-15 07:20 - 2020-12-22 13:08 - 000000104 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2022-09-15 07:20 - 2020-12-22 13:06 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2022-09-15 07:20 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-15 07:20 - 2019-09-03 22:38 - 000000000 ____D C:\ProgramData\NVIDIA
2022-09-15 07:17 - 2021-09-08 15:22 - 000000000 ____D C:\Users\deniz\AppData\Local\rdclientwpf
2022-09-15 07:17 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-09-15 07:17 - 2019-09-04 06:53 - 000000000 ____D C:\Users\deniz\AppData\LocalLow\Mozilla
2022-09-15 07:16 - 2020-12-18 18:29 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-15 07:16 - 2019-12-07 16:51 - 000743714 _____ C:\WINDOWS\system32\perfh007.dat
2022-09-15 07:16 - 2019-12-07 16:51 - 000150136 _____ C:\WINDOWS\system32\perfc007.dat
2022-09-15 07:15 - 2022-02-28 10:15 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Logseq
2022-09-15 07:11 - 2020-06-06 23:28 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-15 07:10 - 2020-12-15 10:55 - 000000000 ___RD C:\Users\deniz\iCloudDrive
2022-09-15 07:09 - 2020-09-27 09:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-15 07:09 - 2020-08-13 19:29 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-15 07:09 - 2019-10-24 13:00 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-09-14 23:13 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-09-14 23:11 - 2020-09-27 07:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-14 22:21 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-09-14 22:20 - 2020-12-18 18:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-09-14 22:10 - 2019-09-04 06:52 - 000000000 ____D C:\Program Files (x86)\Steam
2022-09-14 20:23 - 2021-06-14 07:51 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Notion
2022-09-14 19:52 - 2020-10-14 19:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-09-14 17:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-14 17:21 - 2020-09-27 07:33 - 000515040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-14 17:20 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-14 11:44 - 2022-02-09 10:40 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-09-14 11:36 - 2019-12-07 16:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-09-14 09:06 - 2020-04-30 13:28 - 000000000 ____D C:\ProgramData\Riot Games
2022-09-14 08:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-14 08:57 - 2020-09-27 09:35 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-14 08:57 - 2019-09-03 22:33 - 000000000 ____D C:\Users\deniz\Documents\Outlook-Dateien
2022-09-14 08:49 - 2019-09-04 11:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-14 08:47 - 2019-09-04 11:07 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-14 06:34 - 2019-09-04 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2022-09-13 20:16 - 2021-09-24 07:41 - 000000000 ____D C:\Users\deniz\AppData\Roaming\discord
2022-09-13 20:11 - 2021-09-24 07:40 - 000000000 ____D C:\Users\deniz\AppData\Local\Discord
2022-09-13 18:29 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-13 16:07 - 2022-08-07 10:49 - 000001047 _____ C:\Users\Public\Desktop\Remote Mouse.lnk
2022-09-13 16:07 - 2022-08-07 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse
2022-09-13 16:07 - 2022-08-07 10:49 - 000000000 ____D C:\Program Files (x86)\Remote Mouse
2022-09-13 16:07 - 2019-09-05 20:47 - 000000000 ____D C:\Users\deniz\AppData\Local\CrashDumps
2022-09-13 00:07 - 2019-12-16 00:49 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Sky Go
2022-09-12 23:08 - 2021-09-13 12:10 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Anki2
2022-09-12 18:33 - 2021-11-23 18:57 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-09-12 18:33 - 2021-11-23 18:57 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-09-12 18:33 - 2020-12-18 18:29 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-09-12 16:22 - 2019-09-03 22:27 - 000000000 ____D C:\Users\deniz\AppData\Local\Packages
2022-09-12 14:37 - 2019-09-03 22:52 - 000000000 ____D C:\Users\deniz\AppData\Local\D3DSCache
2022-09-11 14:07 - 2022-02-09 17:21 - 000000000 ____D C:\Users\deniz\Desktop\bilder
2022-09-11 00:12 - 2022-06-11 00:16 - 000001042 _____ C:\Users\deniz\Desktop\Sky Go.lnk
2022-09-11 00:12 - 2022-06-11 00:16 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sky
2022-09-10 10:59 - 2019-09-03 22:38 - 000000000 ____D C:\ProgramData\Package Cache
2022-09-10 10:58 - 2020-12-18 18:24 - 000000000 ____D C:\Users\deniz
2022-09-10 09:56 - 2020-09-27 09:36 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-09 20:07 - 2021-09-08 15:22 - 000002464 _____ C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Remote Desktop.lnk
2022-09-09 20:07 - 2021-09-08 15:22 - 000000000 ____D C:\Users\deniz\AppData\Local\Apps\Remote Desktop
2022-09-08 14:50 - 2019-09-04 16:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-09-07 19:43 - 2019-09-04 06:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-09-07 14:04 - 2021-10-09 20:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-09-07 14:04 - 2019-09-04 06:53 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-09-07 09:31 - 2020-08-13 19:01 - 000002364 _____ C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-09-07 09:31 - 2020-08-13 19:01 - 000002356 _____ C:\Users\deniz\Desktop\Microsoft Teams.lnk
2022-09-07 06:51 - 2020-09-27 09:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-09-06 16:13 - 2020-12-18 21:36 - 000149631 ____H C:\Users\deniz\AppData\Local\IconCache.db.backup
2022-09-04 18:24 - 2020-12-17 10:22 - 000000000 ____D C:\Users\deniz\AppData\Roaming\WhatsApp
2022-09-03 21:35 - 2020-09-01 17:33 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-03 21:35 - 2020-09-01 17:33 - 000002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-09-03 00:13 - 2022-04-13 06:56 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-09-02 12:39 - 2022-04-11 16:49 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1798280388-614632519-694548969-1001
2022-09-02 12:39 - 2022-04-10 14:25 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-09-02 12:39 - 2022-04-10 14:25 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-09-01 14:45 - 2020-12-17 10:22 - 000000000 ____D C:\Users\deniz\AppData\Local\WhatsApp
2022-08-31 08:40 - 2020-08-02 18:55 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Bitwarden
2022-08-30 07:30 - 2020-12-18 18:29 - 000003632 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-08-30 07:30 - 2020-12-18 18:29 - 000003508 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-08-24 15:59 - 2021-09-24 07:41 - 000002227 _____ C:\Users\deniz\Desktop\Discord.lnk
2022-08-23 20:14 - 2022-03-29 10:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-08-23 20:14 - 2021-09-11 15:50 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-08-23 13:36 - 2020-12-18 18:29 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-08-23 07:41 - 2020-09-27 09:35 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-23 07:41 - 2020-09-27 09:35 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-18 21:34 - 2020-12-18 17:52 - 000000000 ___DC C:\WINDOWS\Panther

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-08-02 13:22 - 2021-08-19 11:16 - 000004294 _____ () C:\Users\deniz\AppData\Roaming\SpeedRunnersLog.txt
2020-10-14 20:26 - 2020-10-14 20:26 - 000000000 _____ () C:\Users\deniz\AppData\Local\oobelibMkey.log
2020-03-19 10:50 - 2020-03-19 10:50 - 000000837 _____ () C:\Users\deniz\AppData\Local\recently-used.xbel
2021-07-26 16:31 - 2021-07-26 16:31 - 000007605 _____ () C:\Users\deniz\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
Die restlichen Logs kommen unter diesem Beitrag. Danke für jede Hilfe!

Alt 15.09.2022, 09:37   #2
Enanta
 
PUP.optional.startfenster entfernen - vlc.de - Standard

PUP.optional.startfenster entfernen - vlc.de



FRST-Addition-Log:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-08-2022
durchgeführt von deniz (15-09-2022 07:24:32)
Gestartet von C:\Users\deniz\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.2006 (X64) (2020-12-18 16:30:03)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-1798280388-614632519-694548969-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1798280388-614632519-694548969-503 - Limited - Disabled)
deniz (S-1-5-21-1798280388-614632519-694548969-1001 - Administrator - Enabled) => C:\Users\deniz
Gast (S-1-5-21-1798280388-614632519-694548969-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1798280388-614632519-694548969-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 22.002.20212 - Adobe)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_6) (Version: 17.6 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.0.0.11 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_1) (Version: 9.1 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_3) (Version: 13.1.3 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601013}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.3.5 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{aebb22c8-1fcb-4e7d-92ae-98f1012da7a2}) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.) Hidden
Anki (HKLM-x32\...\Anki) (Version: 2.1.47 - )
AOMEI Backupper (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version:  - AOMEI Technology Co., Ltd.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitwarden (HKLM\...\173a9bac-6f0d-50c4-8202-4744c69d091a) (Version: 1.32.1 - Bitwarden Inc.)
Bitwarden (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\173a9bac-6f0d-50c4-8202-4744c69d091a) (Version: 2022.8.1 - Bitwarden Inc.)
Cableguys HalfTime 1.0.1 (HKLM\...\HalfTime_is1) (Version: 1.0.1 - Cableguys)
Discord (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
E-MU USB Audio (HKLM-x32\...\{1C99893D-BC98-4456-AA3E-B67AB42301A6}) (Version: 1.1 - )
FACEIT (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\FACEIT) (Version: 1.31.5 - FACEIT Ltd.)
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Flying Upload version Chapter 2 (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\{23DFEFB8-55E1-4E48-96CB-6BB00990588B}_is1) (Version: Chapter 2 - Bavaria2TM UG)
Git (HKLM\...\Git_is1) (Version: 2.37.3 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 105.0.5195.102 - Google LLC)
Helm (HKLM\...\{971514BD-7CC3-414F-9258-B79E6D53EC46}) (Version: 0.9.0.0 - Matt Tytel)
HWiNFO64 Version 7.06 (HKLM\...\HWiNFO64_is1) (Version: 7.06 - Martin Malik - REALiX)
iCloud Outlook (HKLM\...\{58EF239A-565E-4854-9769-DE7BB82ED781}) (Version: 11.4.0.12 - Apple Inc.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LazyMerch (HKLM-x32\...\{6F331B47-2567-42BD-9195-1861FA35893B}) (Version: 4.0.0.415 - root)
League of Legends (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Logitech Gaming Software 9.00 (HKLM\...\Logitech Gaming Software) (Version: 9.00.42 - Logitech Inc.)
Logseq (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Logseq) (Version: 0.6.1 - Logseq)
Malwarebytes version 4.5.14.210 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.14.210 - Malwarebytes)
Maxon Cinema 4D 22 (HKLM\...\Maxon Cinema 4D S22) (Version: S22 - Maxon)
Mendeley Reference Manager 2.71.0 (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\b4b58389-01e4-5dfd-9842-aad36733657a) (Version: 2.71.0 - Mendeley)
Microsoft .NET Framework 4.7.1 Targeting Pack (HKLM-x32\...\{5686C5E9-A3B3-451E-A2EA-4C246CDE5CC9}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Developer Pack (HKLM-x32\...\{e2b3431b-3f10-4f53-abdd-d3ff3feaa1ad}) (Version: 4.7.3081 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 SDK (HKLM-x32\...\{F42C96C1-746B-442A-B58C-9F0FD5F3AB8A}) (Version: 4.7.03081 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 Targeting Pack (ENU) (HKLM-x32\...\{B517DBD3-B542-4FC8-9957-FFB2C3E65D1D}) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.15601.20088 - Microsoft Corporation)
Microsoft Access MUI (German) 2013 (HKLM-x32\...\{90150000-0015-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (HKLM-x32\...\{90150000-0090-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 105.0.1343.33 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 105.0.1343.33 - Microsoft Corporation)
Microsoft Excel MUI (German) 2013 (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (HKLM-x32\...\{90150000-0044-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (HKLM\...\{90150000-002A-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (HKLM-x32\...\{90150000-00E1-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (HKLM-x32\...\{90150000-00E2-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing (German) 2013 (HKLM-x32\...\{90150000-002C-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (HKLM\...\{90150000-002A-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.166.0807.0002 - Microsoft Corporation)
Microsoft OneNote MUI (German) 2013 (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (HKLM-x32\...\{90150000-0019-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Teams (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Teams) (Version: 1.5.00.21668 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2019 Tools for Unity (HKLM-x32\...\{D4839185-0878-491F-B9E3-B01DC1EA50F9}) (Version: 4.6.1.0 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.71.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.6.2035.522 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{FB35CE7A-61B3-4229-9EA5-70A5D9110DE5}) (Version: 2.6.2109.55756 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{6DDEEF4C-BB84-4B59-9335-EAFB932B4521}) (Version: 2.6.2109.55756 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 104.0.2 (x64 de)) (Version: 104.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0 - Mozilla)
Notion 2.0.29 (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\fcdf0d7f-424b-5f10-a1c7-a8f643f21adf) (Version: 2.0.29 - Notion Labs, Inc)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 512.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.15 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15601.20064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.15601.20064 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenVPN 2.5.6-I601 amd64 (HKLM\...\{F69213F0-C729-C1BC-6234-7B824B6A4267}) (Version: 2.5.029 - OpenVPN, Inc.)
Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paket zur Festlegung von "Doc Redirected"-Zielversionen von Microsoft .NET Framework 4.7.1 (Deutsch) (HKLM-x32\...\{5B970BE4-A2F2-41BD-8B91-FEA8DAA1DB9B}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Python 3.10.7 (64-bit) (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\{c62ef944-a7c9-4646-9fc7-d9e658defc1f}) (Version: 3.10.7150.0 - Python Software Foundation)
Python 3.10.7 Core Interpreter (64-bit) (HKLM\...\{D4C83865-A602-4834-8390-B094CAF22F71}) (Version: 3.10.7150.0 - Python Software Foundation) Hidden
Python 3.10.7 Development Libraries (64-bit) (HKLM\...\{C9D65557-5B19-4B9B-860E-4E5477F9B10A}) (Version: 3.10.7150.0 - Python Software Foundation) Hidden
Python 3.10.7 Documentation (64-bit) (HKLM\...\{51EC70CA-6E66-499A-B7F7-94912F3EA381}) (Version: 3.10.7150.0 - Python Software Foundation) Hidden
Python 3.10.7 Executables (64-bit) (HKLM\...\{CE8E4C24-9C7B-447B-B974-CD8236BE09B9}) (Version: 3.10.7150.0 - Python Software Foundation) Hidden
Python 3.10.7 pip Bootstrap (64-bit) (HKLM\...\{30C9588C-5E1D-479E-988A-DA38CADFA384}) (Version: 3.10.7150.0 - Python Software Foundation) Hidden
Python 3.10.7 Standard Library (64-bit) (HKLM\...\{08D7A4E8-F704-409B-A676-457432DA3248}) (Version: 3.10.7150.0 - Python Software Foundation) Hidden
Python 3.10.7 Tcl/Tk Support (64-bit) (HKLM\...\{7BB23EC2-FD76-4BDB-813C-3EEFBB7FD3D9}) (Version: 3.10.7150.0 - Python Software Foundation) Hidden
Python 3.10.7 Test Suite (64-bit) (HKLM\...\{099B73AD-9E34-4ADF-B982-7E3A75610CA6}) (Version: 3.10.7150.0 - Python Software Foundation) Hidden
Python 3.10.7 Utility Scripts (64-bit) (HKLM\...\{E1A1200C-5CC4-404B-BF93-E33C463963CD}) (Version: 3.10.7150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{96BFBDD2-78C9-42B5-9893-FABA2BB527C4}) (Version: 3.10.7917.0 - Python Software Foundation)
Remote Mouse version 4.500 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 4.500 - Remote Mouse)
Remotedesktop (HKLM\...\{BCDCE018-457F-4F56-B292-D53D704F8723}) (Version: 1.2.3496.0 - Microsoft Corporation)
ROCCAT  KoneXTD Driver (HKLM\...\{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.21.001 - Roccat GmbH) Hidden
ROCCAT  KoneXTD Driver (HKLM-x32\...\InstallShield_{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.21.001 - Roccat GmbH)
ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version:  - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0015 - Roccat GmbH)
Sky Go 22.8.1.0 (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\com.bskyb.skygoplayer_is1) (Version: 22.8.1.0 - Sky)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
tax 2020 (HKLM-x32\...\{911206AE-A132-4258-8DE2-E2A76971EFE6}) (Version: 27.14.2810 - Buhl Data Service GmbH)
tax 2021 (HKLM-x32\...\{1B029679-D87C-44BC-B894-D579FD7CA963}) (Version: 28.10.2720 - Buhl Data Service GmbH)
tax 2022 (HKLM-x32\...\{B25B40FF-36D8-4AF3-AFB8-491AB11B658B}) (Version: 29.08.3260 - Buhl Data Service GmbH)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.32771 - Microsoft Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.8.3 - TeamViewer)
Telegram Desktop (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.6.1 - Telegram FZ-LLC)
Tools for .Net 3.5 - DEU Lang Pack (HKLM-x32\...\{13BD574A-7F41-420A-B486-7A2D4CEB7F3B}) (Version: 3.11.50727 - Microsoft Corporation) Hidden
Tools for .Net 3.5 (HKLM-x32\...\{1690CE56-2231-4E59-9006-A0876D949EA8}) (Version: 3.11.50727 - Microsoft Corporation) Hidden
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version:  - Microsoft)
Visual Studio Community 2019 (HKLM-x32\...\477389ed) (Version: 16.6.30204.135 - Microsoft Corporation)
VLC Plus Player Updater (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\AM VLC Plus Player Updater) (Version: 1.0.6 - ) <==== ACHTUNG
vs_communitymsi (HKLM-x32\...\{2CCEC45B-1462-4FFD-8214-90E3C25000F7}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{A90E107F-D024-4EEC-A6F4-9E2858B4E506}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{7A991159-9069-471D-B85F-89B1E4E66822}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{16E73A5A-339C-4177-A0BD-04278C06625C}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{C8E7C1FC-925C-4163-BAB3-769E6C7961D2}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{DA7AB063-D1A3-4D5A-8221-598ACF4574B4}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6691EA7F-A585-4A9A-A6A9-160CEB236393}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{5F2E2347-2042-4340-BBDD-262BB1791EC7}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{B3BDDC31-5C64-47F0-A25C-DB5032C62279}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
WhatsApp (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\WhatsApp) (Version: 2.2230.15 - WhatsApp)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\ZoomUMX) (Version: 5.10.7 (6120) - Zoom Video Communications, Inc.)

Packages:
=========
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_138.2.414.0_x64__v10z8vjag6ke6 [2022-09-08] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.101.0_x86__nzyj5cx40ttqa [2022-08-07] (Apple Inc.) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-03] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-18] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-16] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-17] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0 [2022-09-09] (Spotify AB) [Startup Task]

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1798280388-614632519-694548969-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\deniz\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22209.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1798280388-614632519-694548969-1001_Classes\CLSID\{36A59EC1-CEF4-4932-BDC3-D24B1E0C9C6D} -> [iCloud Drive] => C:\Users\deniz\iCloudDrive [2020-12-15 10:55]
CustomCLSID: HKU\S-1-5-21-1798280388-614632519-694548969-1001_Classes\CLSID\{9E2A2D5A-6C78-47FF-BBEE-F8B1D5FBD4EB} -> [iCloud-Fotos] => C:\Users\deniz\Pictures\iCloud Photos\Photos [2020-12-16 15:40]
CustomCLSID: HKU\S-1-5-21-1798280388-614632519-694548969-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\deniz\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1798280388-614632519-694548969-1001_Classes\CLSID\{D41C51E3-41F5-4622-92C6-F12196B88A74} -> [iCloud-Fotos] => C:\Users\deniz\Pictures\iCloud Photos\Photos [2020-12-16 15:40]
CustomCLSID: HKU\S-1-5-21-1798280388-614632519-694548969-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-09-14] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncShell64.dll [2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_df0bee9f4cb9436e\nvshext.dll [2022-06-03] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-09-14] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2020-12-18 18:24 - 2020-12-18 18:24 - 000065536 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2022-04-10 14:21 - 2022-04-10 14:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2022-04-10 14:21 - 2022-04-10 14:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2019-09-05 13:15 - 2021-05-20 12:18 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-09-05 13:15 - 2021-05-20 12:18 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2019-09-05 13:15 - 2021-05-20 12:18 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-08-11 22:26 - 2021-05-20 12:18 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-08-11 22:26 - 2021-05-20 12:18 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-08-11 22:26 - 2021-05-20 12:18 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-08-11 22:26 - 2021-05-20 12:18 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-08-11 22:26 - 2021-05-20 12:18 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-08-11 22:26 - 2021-05-20 12:18 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
AlternateDataStreams: C:\Users\deniz\Desktop\LX-12177.jpg:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\deniz\Desktop\LX-12183.jpg:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\deniz\Desktop\LX-12185.jpg:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\deniz\Desktop\LX-13004.jpg:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kein Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-08] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\sharepoint.com -> hxxps://bkwuv-files.sharepoint.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2020-10-14 09:54 - 2020-10-14 09:54 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Java\jdk-14.0.1\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.2.0;C:\Program Files\Git\cmd
HKU\S-1-5-21-1798280388-614632519-694548969-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\deniz\Pictures\SpaceWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\StartupApproved\Run: => "Windscribe"
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\StartupApproved\Run: => "E-MU USB Audio Control Panel"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{9866063F-47D2-40BD-B765-8F0A6098CEB0}C:\program files (x86)\ubisoft\ubisoft game launcher\games\hyper scape\hyperscape.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\hyper scape\hyperscape.exe => Keine Datei
FirewallRules: [TCP Query User{B37456E7-E208-4D4D-8737-F73A38E6C6B2}C:\program files (x86)\ubisoft\ubisoft game launcher\games\hyper scape\hyperscape.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\hyper scape\hyperscape.exe => Keine Datei
FirewallRules: [{5A0A6442-D39A-4E13-A2F0-B9E50BD7CE22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{367443C0-4621-4FA4-A7B7-9AE6981CB9C1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A9DACA95-4A5A-4D37-AC29-0A1EBEE36931}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{606B45C6-75CE-4174-B3C2-4B68F9414021}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{B534049C-72A8-4794-8DDC-056D4CB493A0}C:\program files (x86)\steam\steamapps\common\unfortunate spacemen\unfortunatespacemen\binaries\win64\unfortunatespacemen-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\unfortunate spacemen\unfortunatespacemen\binaries\win64\unfortunatespacemen-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{3E579A23-0D80-4C5E-A62D-B6C78C2DD2D7}C:\program files (x86)\steam\steamapps\common\unfortunate spacemen\unfortunatespacemen\binaries\win64\unfortunatespacemen-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\unfortunate spacemen\unfortunatespacemen\binaries\win64\unfortunatespacemen-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{E7462AD7-D66F-4D72-BF67-E66C6DF47D9B}C:\program files (x86)\microsoft visual studio\2019\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2019\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A532B4F0-15CB-4611-A8AE-DDFFF2C7E24B}C:\program files (x86)\microsoft visual studio\2019\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2019\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{265ECFC1-C11E-416D-98E3-2A56C91E0A26}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => Keine Datei
FirewallRules: [TCP Query User{7D057E8A-C753-4526-96E6-273A955648A3}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => Keine Datei
FirewallRules: [{C3716D26-D3CA-4206-A43C-3AE494E291A4}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe => Keine Datei
FirewallRules: [UDP Query User{5D1B8DB7-518E-445D-AA0D-F07E67009288}C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe => Keine Datei
FirewallRules: [TCP Query User{06C6DE90-CDA2-4BE5-9D7D-2739A7E02DE4}C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe => Keine Datei
FirewallRules: [UDP Query User{47FAFA26-6558-4E51-B3D0-19C8597E7266}C:\program files (x86)\magenta_tv_mobil_web_plugin\webtvplugin\magentatv_mobil_player.exe] => (Allow) C:\program files (x86)\magenta_tv_mobil_web_plugin\webtvplugin\magentatv_mobil_player.exe => Keine Datei
FirewallRules: [TCP Query User{A1AF386B-35C5-47A2-A8EC-EAA708008182}C:\program files (x86)\magenta_tv_mobil_web_plugin\webtvplugin\magentatv_mobil_player.exe] => (Allow) C:\program files (x86)\magenta_tv_mobil_web_plugin\webtvplugin\magentatv_mobil_player.exe => Keine Datei
FirewallRules: [UDP Query User{FA0A57BF-DB96-45BC-86A9-169974E0046B}C:\users\deniz\appdata\local\programs\mobalytics-desktop\mobalytics desktop.exe] => (Allow) C:\users\deniz\appdata\local\programs\mobalytics-desktop\mobalytics desktop.exe => Keine Datei
FirewallRules: [TCP Query User{AA2C13FF-3BEB-4A8F-A5A5-C293BF0F3C2A}C:\users\deniz\appdata\local\programs\mobalytics-desktop\mobalytics desktop.exe] => (Allow) C:\users\deniz\appdata\local\programs\mobalytics-desktop\mobalytics desktop.exe => Keine Datei
FirewallRules: [UDP Query User{433192BA-564E-45E8-8DD8-3716E9B7526B}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => Keine Datei
FirewallRules: [TCP Query User{2139FE77-A9C1-4B8B-B44B-65DB97E7FA53}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => Keine Datei
FirewallRules: [UDP Query User{F28987D0-2CEA-486A-9C88-07C379012B1B}C:\program files\epic games\thestanleyparable\stanley.exe] => (Allow) C:\program files\epic games\thestanleyparable\stanley.exe => Keine Datei
FirewallRules: [TCP Query User{095AB348-CA6B-42D2-A603-DB926AAF16D3}C:\program files\epic games\thestanleyparable\stanley.exe] => (Allow) C:\program files\epic games\thestanleyparable\stanley.exe => Keine Datei
FirewallRules: [UDP Query User{8DFEEE2E-132A-407C-822F-9A0FCB920D60}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [TCP Query User{F56CEDF6-0F68-412A-97B3-F4E497E82ECC}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [{9DA60388-7CC9-4E77-9C6E-48965600722B}] => (Block) C:\Program Files (x86)\Image-Line\FL Studio 20\FL64.exe (Image Line -> Image-Line)
FirewallRules: [{D99BC8D7-0CA2-4873-BD3D-CDF5462E24C1}] => (Block) C:\Program Files (x86)\Image-Line\FL Studio 20\FL64.exe (Image Line -> Image-Line)
FirewallRules: [{2FA914F3-76BD-4E0B-ADF8-D9A9398FB932}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Settlers 7 - History Edition\Data\Base\Bin\Settlers7R.exe => Keine Datei
FirewallRules: [{6CDEEC1B-F148-47C0-849C-B154E6B83BB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Settlers 7 - History Edition\Data\Base\Bin\Settlers7R.exe => Keine Datei
FirewallRules: [UDP Query User{071F19D0-6BF1-44A6-9A20-F0333840241A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{127C1E51-D4FF-460E-BCAA-B05F24F8E255}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{DC0E85D9-0B83-4F84-87CD-F7526B6D409F}] => (Allow) C:\Program Files (x86)\Origin Games\AWayOut\Haze1\Binaries\Win64\AWayOut_friend.exe => Keine Datei
FirewallRules: [{CD37C26C-7FE5-4F5F-B34B-01A100669E31}] => (Allow) C:\Program Files (x86)\Origin Games\AWayOut\Haze1\Binaries\Win64\AWayOut_friend.exe => Keine Datei
FirewallRules: [{A8BC5F92-0DC1-41D4-99F0-63D568B2CF27}] => (Allow) C:\Program Files (x86)\Origin Games\AWayOut\Haze1\Binaries\Win64\AWayOut.exe => Keine Datei
FirewallRules: [{C7A99256-AFDE-49AE-89FA-7480E67B3182}] => (Allow) C:\Program Files (x86)\Origin Games\AWayOut\Haze1\Binaries\Win64\AWayOut.exe => Keine Datei
FirewallRules: [{9DF4C553-1187-44AC-B20B-1FB7D7B4FD56}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CED4EDC8-E72F-45C8-8183-DB954C1B5B22}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{83F7BAE5-D4AE-46B6-88D8-8E15F5684470}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{32E16DB3-949C-4465-A8BD-FC13BE3DAE2F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{311F6DC6-EB73-4E0A-AD82-03BA981AED37}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => Keine Datei
FirewallRules: [TCP Query User{65E63CD6-CDFA-497B-AE3E-FC988C876B1A}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => Keine Datei
FirewallRules: [{F7201D14-728B-4593-9DB3-AAE02E8B83D9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9E09189F-0B26-4AD7-8AA4-CBE838AE54BF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D4C6239C-8E0F-4EA5-8846-F199FF098BAB}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [Datei ist nicht signiert]
FirewallRules: [{340D8272-260D-4E95-9DDA-36B04A2BD16B}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [Datei ist nicht signiert]
FirewallRules: [{BEB3B746-D117-407D-B246-AF3977583219}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [Datei ist nicht signiert]
FirewallRules: [{6AC3210D-7868-46C1-8A47-D8EA9D9682C2}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{E57B38F8-FDF9-47DE-9C73-21FEEA4D3F62}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => Keine Datei
FirewallRules: [TCP Query User{86DE4A98-37D3-41C9-9CBC-6E573BE86E21}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => Keine Datei
FirewallRules: [{5FD2E807-0792-4EFC-A02A-06A0A6ECBCBA}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => Keine Datei
FirewallRules: [{69F403AB-020D-4C10-9AC7-E70CFAEB8F54}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => Keine Datei
FirewallRules: [UDP Query User{7FC72D93-0672-4DBC-A700-24E39C4283C8}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => Keine Datei
FirewallRules: [TCP Query User{069B1096-A2F3-4276-B238-47398F474FAB}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => Keine Datei
FirewallRules: [UDP Query User{B4302425-5911-44CD-B5FB-7C2FD69FE0A3}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => Keine Datei
FirewallRules: [TCP Query User{A5F912C0-FDEA-4CFF-B68F-9D047CD71080}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => Keine Datei
FirewallRules: [{ED8CF129-7983-4845-8C0A-AAC3AEACCEBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{0C6939C2-5F8B-4515-803E-C3DA06FC2422}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [UDP Query User{3C3978A2-5508-43DA-94FC-5974D4C51D36}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe => Keine Datei
FirewallRules: [TCP Query User{A95CCD05-36F3-407C-8C87-EFC7500164B3}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe => Keine Datei
FirewallRules: [UDP Query User{6E0B3C83-BA6C-4189-84A2-AAAF6C2FB8BC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{4AE5708B-5F61-4646-BC18-ACD325E9D053}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{ADCA2C3C-F9AD-4C93-899F-F6926F4F7E38}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{E792540E-893B-4FA0-8A1E-4E055FA68421}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{F56E8727-FD69-45B5-8BE6-CCE91C1FFB5C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F694F11D-E9DB-4576-BF0A-56096F1BA0B0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C0AFC7B5-761F-4EC3-ACBF-B280D22FA578}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B01C0803-F7B4-49FB-BD81-F31C78514A79}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{61E63A23-07A5-4C90-87D8-A803463B80E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D3E29BEE-30F2-474C-9651-3D76845EEDD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A2CC7FD7-CF5A-454D-ACA7-6C1F18A889A2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0191CBC3-8784-4A9F-A590-55B049A36480}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EDB672CC-7317-4C18-9E1E-443A1A3EDF65}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EA793947-931D-4E28-B9B4-197BE6D6B4AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CD7E7A04-38D8-4C85-A67B-C287291A25A9}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => Keine Datei
FirewallRules: [{2EEBBD7E-1560-4234-A072-8F2AF6B3789C}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => Keine Datei
FirewallRules: [{333DEEB8-3177-46CA-90AF-69F9295D813D}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe => Keine Datei
FirewallRules: [{0AB8A00F-26F0-4D9F-83A0-EC84A07E2AFE}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe => Keine Datei
FirewallRules: [TCP Query User{DBAB180C-42D2-4E9B-AA29-36D805A5270E}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [UDP Query User{A696F3CD-CD8B-4610-9B33-FC09A9689398}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [{D0D43DEE-09F2-4731-BBBE-EBB6DC4A63DA}] => (Allow) C:\Program Files\Epic Games\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => Keine Datei
FirewallRules: [{10FB9A50-C6E7-4445-B591-C60E3B5A6C8B}] => (Allow) C:\Program Files\Epic Games\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => Keine Datei
FirewallRules: [{0C93AC24-3A48-4915-B9FC-7D52B8D6220C}] => (Allow) C:\Program Files\Epic Games\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => Keine Datei
FirewallRules: [{726F975A-81DB-42E4-837B-9427A95F6E74}] => (Allow) C:\Program Files\Epic Games\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => Keine Datei
FirewallRules: [TCP Query User{4521453A-B976-49F9-B790-E7D0FEA3E5B9}C:\program files\epic games\thecycleearlyaccess\prospect\binaries\win64\prospect-win64-shipping.exe] => (Allow) C:\program files\epic games\thecycleearlyaccess\prospect\binaries\win64\prospect-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{B15C70DC-A121-44FE-AE38-6ADE9C6DEC4A}C:\program files\epic games\thecycleearlyaccess\prospect\binaries\win64\prospect-win64-shipping.exe] => (Allow) C:\program files\epic games\thecycleearlyaccess\prospect\binaries\win64\prospect-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{8C109AC7-F915-44E2-B29F-A24932B31CF0}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => Keine Datei
FirewallRules: [UDP Query User{BAA92982-1FB8-440D-B6A2-E4B3103E6A34}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => Keine Datei
FirewallRules: [TCP Query User{3D25B5DA-1365-4C4C-84F6-F32D133BA5FF}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe => Keine Datei
FirewallRules: [UDP Query User{C5E44546-BB3C-4123-A8A6-D55BDB65D17A}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe => Keine Datei
FirewallRules: [{60AD795D-3E7C-4826-A072-09ABD4FA978F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe => Keine Datei
FirewallRules: [{C77C6971-78D2-473F-B4D1-4091F357C046}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe => Keine Datei
FirewallRules: [{63C8FF4B-2888-4841-B7D1-77CF5840231C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe => Keine Datei
FirewallRules: [{B7469470-5035-483A-90FB-0D0F4E537E5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe => Keine Datei
FirewallRules: [TCP Query User{584E3D1E-4643-4FE1-9399-7EA2DA209688}C:\program files\epic games\tonyhawksproskater\base\binaries\win64\thps12.exe] => (Allow) C:\program files\epic games\tonyhawksproskater\base\binaries\win64\thps12.exe => Keine Datei
FirewallRules: [UDP Query User{C39E1A11-FE01-42F4-BF84-10167D089685}C:\program files\epic games\tonyhawksproskater\base\binaries\win64\thps12.exe] => (Allow) C:\program files\epic games\tonyhawksproskater\base\binaries\win64\thps12.exe => Keine Datei
FirewallRules: [{9506268A-B686-49B5-88AB-5CE5C7831906}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.2.0\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{DF8438BD-982B-410D-9DC0-DBB531F60A16}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.2.0\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{B78710A6-872A-4D66-8048-88024F946D02}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.2.0\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{F72B9857-B52E-4AFC-8217-DCBEAEFDDB4B}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.2.0\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [TCP Query User{B86E76D2-54C5-4636-A4BE-4E70835E416E}C:\users\deniz\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\deniz\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{31A7F172-CA43-4C03-8021-D924B939BAE9}C:\users\deniz\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\deniz\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{3036A5B4-B977-4CAB-B830-17FF1288A748}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{852A4F7A-CD00-4ECE-BA53-E407FC65BC9F}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{AD7D459D-0D2C-4DE9-80E0-489FA2367BAC}C:\program files (x86)\origin games\fifa 21\fifa21.exe] => (Allow) C:\program files (x86)\origin games\fifa 21\fifa21.exe => Keine Datei
FirewallRules: [UDP Query User{ED4C8337-E004-4C1E-9A8C-69A1B59A642E}C:\program files (x86)\origin games\fifa 21\fifa21.exe] => (Allow) C:\program files (x86)\origin games\fifa 21\fifa21.exe => Keine Datei
FirewallRules: [{F27DCAC6-0F53-4F66-8581-A92DDAA51174}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => Keine Datei
FirewallRules: [{296348C7-AD82-4154-A19C-D71BA589DBD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => Keine Datei
FirewallRules: [{2BB80496-276C-41F9-A109-C55CC3BD9946}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8B986169-4F1B-4D76-AB8F-0A2906961366}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D576D00-C2B6-4201-B1F9-CE17C4F12DFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3539EE91-8741-4213-9421-F0110A5A7DAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2A030702-4A22-482D-A9F5-8E18A69E713A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe => Keine Datei
FirewallRules: [{BFF751FE-C97C-4228-8220-99865DF19D11}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe => Keine Datei
FirewallRules: [TCP Query User{F035FEC0-B0E6-41FC-A41A-F01C53798F0A}C:\users\deniz\appdata\local\apps\remote desktop\msrdc.exe] => (Allow) C:\users\deniz\appdata\local\apps\remote desktop\msrdc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{34E2B3BB-7CCC-49D6-874F-B442E26A1694}C:\users\deniz\appdata\local\apps\remote desktop\msrdc.exe] => (Allow) C:\users\deniz\appdata\local\apps\remote desktop\msrdc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CA18889B-94D9-4CAF-9A96-4797A3399F12}C:\users\deniz\appdata\local\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\users\deniz\appdata\local\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [UDP Query User{4032853F-0489-4C58-9CA6-BDCF8348F1B4}C:\users\deniz\appdata\local\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\users\deniz\appdata\local\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [TCP Query User{64B7A895-7D24-4DC7-BDAE-7AFE3E056532}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe => Keine Datei
FirewallRules: [UDP Query User{3D111DDF-84A6-4A8C-A3D6-98526C5A4C18}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe => Keine Datei
FirewallRules: [{EBB11048-F30F-443A-843F-85FBC118DDA1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe => Keine Datei
FirewallRules: [{8B6DA136-1BC3-4D1D-98D8-43EC7DD55622}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe => Keine Datei
FirewallRules: [{4310FEB2-4F5B-496B-A4B2-B6E7202C6D95}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => Keine Datei
FirewallRules: [{D5EAA78F-072E-4F4F-97E4-9E17FA786145}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => Keine Datei
FirewallRules: [TCP Query User{DCBF0617-C2AA-4763-AB29-E3D99B3A0A94}C:\program files (x86)\ubisoft\ubisoft game launcher\games\tom clancy's rainbow six siege\rainbowsix_vulkan.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\tom clancy's rainbow six siege\rainbowsix_vulkan.exe => Keine Datei
FirewallRules: [UDP Query User{BD55AA04-C89E-482F-B040-E55EDD0B860B}C:\program files (x86)\ubisoft\ubisoft game launcher\games\tom clancy's rainbow six siege\rainbowsix_vulkan.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\tom clancy's rainbow six siege\rainbowsix_vulkan.exe => Keine Datei
FirewallRules: [{8E900A20-C500-4B60-9DF1-EB5CAB0508EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Celeste\Celeste.exe (Matt Makes Games) [Datei ist nicht signiert]
FirewallRules: [{83152162-3C73-4EDC-AAA6-19463B4AAED9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Celeste\Celeste.exe (Matt Makes Games) [Datei ist nicht signiert]
FirewallRules: [{24CDFF09-60AE-4323-9272-DB3438C6AD5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GRIS\GRIS.exe () [Datei ist nicht signiert]
FirewallRules: [{50719B31-7FC6-4895-A311-7DA8043FFCA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GRIS\GRIS.exe () [Datei ist nicht signiert]
FirewallRules: [{39741809-C3E9-4CED-8D3D-EB21085A47BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe => Keine Datei
FirewallRules: [{08E0B254-ADAF-4B18-88EA-16CB8A3BAEF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe => Keine Datei
FirewallRules: [TCP Query User{F899C348-5F5C-4F45-9AB3-1DBE5CAF63D7}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{95ED617C-0E43-4BE8-BD0C-315CFD488EF7}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{A7C43233-9206-48BC-8219-9DDB7BF19D7D}C:\users\deniz\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\deniz\appdata\local\discord\app-1.0.9004\discord.exe => Keine Datei
FirewallRules: [UDP Query User{4F7D6D39-A7A6-4108-B492-F3FE95B9AFBD}C:\users\deniz\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\deniz\appdata\local\discord\app-1.0.9004\discord.exe => Keine Datei
FirewallRules: [{9530B4A7-1C4D-494A-BA2F-DE23BC7AC798}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe () [Datei ist nicht signiert]
FirewallRules: [{235C947C-06AD-45D1-BE80-AD82E4327141}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe () [Datei ist nicht signiert]
FirewallRules: [{5982D9FF-3E2D-4C6D-9963-737B89269DBF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DCFD403F-46C5-4533-ABCF-E107BB92B905}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{376BD600-A5B9-4700-9659-D0A63384319D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A1AB7922-E4A3-4D8E-8EF3-F856A779FD04}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{73A74A53-6C93-4462-BEBD-D8B2CFCD725E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{5A834DF2-AEC0-4268-8549-6C41D3EA8BCB}C:\users\deniz\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\deniz\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{94979D20-29B6-47A5-B656-364C1615F2EF}C:\users\deniz\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\deniz\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{88520CAF-6DA2-494A-954B-1CC8717D07C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuphead\Cuphead.exe () [Datei ist nicht signiert]
FirewallRules: [{ABEA7C51-1465-46E1-B7E8-85504DE3461C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuphead\Cuphead.exe () [Datei ist nicht signiert]
FirewallRules: [{11C43D9B-6C30-4F5E-9654-B58898870F47}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dust An Elysian Tail\DustAET.exe (Humble Hearts LLC) [Datei ist nicht signiert]
FirewallRules: [{59350978-72C1-40A5-85FD-EEFEFF69EBF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dust An Elysian Tail\DustAET.exe (Humble Hearts LLC) [Datei ist nicht signiert]
FirewallRules: [{12A024B5-4530-4B46-BF28-CB7F28577884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RITE\RITE.exe (Pond Games Pty Ltd) [Datei ist nicht signiert]
FirewallRules: [{EAE23C3F-DA85-4417-B5E3-362735D6C5E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RITE\RITE.exe (Pond Games Pty Ltd) [Datei ist nicht signiert]
FirewallRules: [{F5CF5E53-9A7D-40FC-B0F6-97694B960CDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\UnboundWorldsApart\Unbound.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{2103069B-9114-4868-A81C-F411C1C6CB97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\UnboundWorldsApart\Unbound.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{BD93C6F2-789F-47EE-9DA9-79424668A98C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Greak Memories of Azur\Greak Memories of Azur.exe () [Datei ist nicht signiert]
FirewallRules: [{42980D30-6F26-42B1-B45C-49725520B4D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Greak Memories of Azur\Greak Memories of Azur.exe () [Datei ist nicht signiert]
FirewallRules: [{EAD1A237-127A-4D89-B079-EA9C17C3AAC9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D2E18E11-1E33-41BC-A0A2-9128491CBD8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Evergate Prologue\Evergate Ki's Awakening.exe () [Datei ist nicht signiert]
FirewallRules: [{42F22495-8141-476E-9361-284F6812EAC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Evergate Prologue\Evergate Ki's Awakening.exe () [Datei ist nicht signiert]
FirewallRules: [{736B4BE9-51C4-491D-86AA-BE7CE81E712E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ADDFEBF4-B0BC-49D7-98B7-2CC8D7AEBC69}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F245809D-E2ED-4C43-B614-109A3E388A29}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4D4F2154-9996-4991-B139-2C45685E6AF6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DAF421A7-7416-488B-90A7-2E44D086F174}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{79CF906B-E08F-4A8D-BF5C-F5127DFF04FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC2E0319-E769-45CA-AA1C-E93C4BB1B2B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3B53E645-A857-4DDA-9D0A-3D6E6225C951}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C6194D5D-D484-414F-850E-921D3AA4A805}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.33\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF8C2ED9-4F63-4720-8D89-E3952366ADD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\they bleed pixels\They Bleed Pixels PC.exe () [Datei ist nicht signiert]
FirewallRules: [{D038A02F-7EC4-4782-B2C9-657F76A5AA48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\they bleed pixels\They Bleed Pixels PC.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{08E4BE9F-DB2D-4A50-A870-65AE84CEADEA}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe (remotemouse.net) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{5647CFC9-B491-4F53-85B5-A20787C16265}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe (remotemouse.net) [Datei ist nicht signiert]
FirewallRules: [{C8ACF7A6-7389-40D3-97FF-3C8E4265118A}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [Datei ist nicht signiert]
FirewallRules: [{1DBCB8DE-7543-43C1-A53E-5B96DACA7696}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [Datei ist nicht signiert]
FirewallRules: [{EC29FE85-2D9B-4CA0-8534-C54442A1ACFE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E1FE828-7BC1-4E6E-9FB1-18C8015C8582}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0E30131F-0245-443A-962E-CF7D918A45DB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{83B1A0F8-E27F-4CA0-B35F-0098A0602543}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

12-09-2022 16:13:03 PROPLUS
14-09-2022 08:53:32 Windows Modules Installer

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (09/14/2022 10:02:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (09/14/2022 10:02:24 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (09/14/2022 05:20:19 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (09/14/2022 05:20:19 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (09/13/2022 04:07:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RemoteMouse.exe, Version: 4.5.0.0, Zeitstempel: 0x631ffa4d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.1889, Zeitstempel: 0xdc0d8494
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0012ca42
ID des fehlerhaften Prozesses: 0x1750
Startzeit der fehlerhaften Anwendung: 0x01d8c77a34ae735e
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 6f45b9d3-3cf2-4075-979e-c7fa614f7426
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/13/2022 04:07:50 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: RemoteMouse.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidOperationException
   bei System.Windows.Forms.Control.MarshaledInvoke(System.Windows.Forms.Control, System.Delegate, System.Object[], Boolean)
   bei System.Windows.Forms.Control.Invoke(System.Delegate, System.Object[])
   bei RemoteMouse.Form_Main.h()
   bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bei System.Threading.ThreadHelper.ThreadStart()

Error: (09/12/2022 04:18:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm Setup.exe Version 15.0.4569.1503 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 4a9c

Startzeit: 01d8c6b28e4add19

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe

Bericht-ID: 06794939-2045-483e-a968-c97dca88d310

Vollständiger Name des fehlerhaften Pakets: 

Relative Anwendungs-ID des fehlerhaften Pakets: 

Absturztyp: Top level window is idle

Error: (09/12/2022 04:14:02 PM) (Source: MsiInstaller) (EventID: 11500) (User: DESKTOP-257JBJM)
Description: Produkt: Microsoft Office Professional Plus 2013 -- Fehler 1500.Zurzeit wird eine andere Installation ausgeführt. Sie müssen erst die andere Installation abschließen, bevor Sie diese Installation fortsetzen können.


Systemfehler:
=============
Error: (09/15/2022 07:20:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/15/2022 07:20:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office Click-to-Run Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/15/2022 07:20:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "AOMEI Backupper Scheduler Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/15/2022 07:20:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RemoteMouseService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/15/2022 07:20:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Genuine Monitor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/15/2022 07:20:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/15/2022 07:20:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Genuine Software Integrity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/15/2022 07:20:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AdobeUpdateService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Windows Defender:
================
Date: 2022-09-15 07:23:38
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner!MSR&threatid=2147743972&enterprise=0
Name: Trojan:Win32/CoinMiner!MSR
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Windows\System32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450; file:_C:\Windows\System32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-257JBJM\deniz
Prozessname: C:\Users\deniz\Downloads\FRST64.exe
Sicherheitsversion: AV: 1.375.374.0, AS: 1.375.374.0, NIS: 1.375.374.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

Date: 2022-09-15 07:23:38
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner!MSR&threatid=2147743972&enterprise=0
Name: Trojan:Win32/CoinMiner!MSR
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Windows\System32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-257JBJM\deniz
Prozessname: C:\Users\deniz\Downloads\FRST64.exe
Sicherheitsversion: AV: 1.375.374.0, AS: 1.375.374.0, NIS: 1.375.374.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

Date: 2022-09-14 07:17:36
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {086ACCCF-EED5-453B-98C2-C7C685C527F7}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2022-09-11 11:16:35
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {2FEFFE95-B68B-43BA-93EE-DDEE176ED4A0}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2022-09-11 11:00:06
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {B3517704-7443-4F96-9EA8-581706198444}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

CodeIntegrity:
===============
Date: 2022-09-14 22:21:44
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2022-09-14 07:16:32
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-09-06 14:01:30
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 3.00 07/11/2019
Hauptplatine: Micro-Star International Co., Ltd B450 TOMAHAWK MAX (MS-7C02)
Prozessor: AMD Ryzen 5 3600 6-Core Processor 
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 16337.95 MB
Verfügbarer physikalischer RAM: 10584.42 MB
Summe virtueller Speicher: 26065.95 MB
Verfügbarer virtueller Speicher: 18871.94 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.88 GB) (Free:451.29 GB) (Model: CT1000MX500SSD1) NTFS

\\?\Volume{cef52c61-1a61-4b66-a26d-0e172f4a98e4}\ () (Fixed) (Total:0.52 GB) (Free:0.06 GB) NTFS
\\?\Volume{5c20841e-ed1a-4bcc-b3ee-b6237c4cdb57}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         
__________________


Alt 15.09.2022, 09:38   #3
Enanta
 
PUP.optional.startfenster entfernen - vlc.de - Standard

PUP.optional.startfenster entfernen - vlc.de



HitMan Pro Log:

Code:
ATTFilter
HitmanPro 3.8.30.326
www.hitmanpro.com

   Computer name . . . . : DESKTOP-257JBJM
   Windows . . . . . . . : 10.0.0.19044.X64/12
   User name . . . . . . : DESKTOP-257JBJM\deniz
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2022-09-15 07:30:28
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 2m 23s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 1
   Traces  . . . . . . . : 1

   Objects scanned . . . : 3.920.003
   Files scanned . . . . : 266.668
   Remnants scanned  . . : 1.882.230 files / 1.771.105 keys

Malware _____________________________________________________________________

   C:\$Recycle.Bin\S-1-5-21-1798280388-614632519-694548969-1001\$R6XSQN6\FRST64.exe
      Size . . . . . . . : 2.299.904 bytes
      Age  . . . . . . . : 0.0 days (2022-09-15 07:22:37)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4DA5C61652C9929FB3AADDF57E581AD4590A103E84E6271414E6D3E11F7DD1F4
      Needs elevation  . : Yes
      Product  . . . . . : FRST64
      Publisher  . . . . : Farbar
      Description  . . . : Farbar Recovery Scan Tool
      Version  . . . . . : 19.5.2021.0
      LanguageID . . . . : 2057
    > SurfRight  . . . . : Generic ML PUA (PUA)
      Fuzzy  . . . . . . : 110.0
      Forensic Cluster
         -117.8s C:\AdwCleaner\Quarantine\v1\20220915.072039\
         -117.7s C:\Windows\Temp\officeclicktorun.exe_streamserver(202209150720393D88).log
         -117.3s C:\AdwCleaner\Logs\AdwCleaner[C29].txt
         -116.7s C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.2.0\log\ABService1422.txt
         -113.8s C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Recent\AdwCleaner[C29].lnk
         -113.7s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\
         -113.7s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\container.dat
         -113.7s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\appcache[1].man
         -113.6s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\Init[1].htm
         -113.6s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\9kAvRypYmWc9B8vB-LFOrkNKVL8[1].css
         -113.6s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\Xk0n9ycPBpl3ibUiCDpx5bvphM0[1].css
         -113.6s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\8yOt-qMgl3wFFpnXBbdaeUrdWpM[1].css
         -113.6s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\SB56yVuNdvC-OyyWcZWznq3rtro[1].css
         -113.6s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\QNBBNqWD9F_Blep-UqQSqnMp-FI[1].css
         -113.6s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\-EXiQWiSBwbQ0Pg7VEepVvk4lf0.br[1].js
         -113.6s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\-UmcO6TXoFXP3PrVfI8GdNQvZFw.br[1].js
         -113.6s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\-pBqIguxLDC5C1YjXzlKax0RNqE.br[1].js
         -113.6s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\04mxmzO00QtKgdiRug4w0u7I_vM.br[1].js
         -113.6s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\14QiL7wch1pkRwcWSSxMHCOxJbY.br[1].js
         -113.5s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\26Pt5PvK51HgeLA2eGQca_iZ1j0.br[1].js
         -113.5s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\6mDplh2-tnrwx7GcRbXrFrcA_p8.br[1].js
         -113.5s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\98-tFzBbrLP3oaKdmZtyZ4BBBI4.br[1].js
         -113.5s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\9LFaD1s34lDeqJJ9GCvquEUlNjE.br[1].js
         -113.5s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\BQR--Mi6Hdug9aUgfjMzORag63E.br[1].js
         -113.5s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\FfpNMdo0vKfG5ZTD5JKxtjVlD2c.br[1].js
         -113.4s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\J33O5juVQjupXMmKUOY2661rD9k.br[1].js
         -113.4s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\MAi8ZrMgFhG81tZ07Arc2JEjTY8.br[1].js
         -113.4s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\Mf7TuvhI5PXz6worVd8szu0rbaw.br[1].js
         -113.3s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\PvVze1dcpBMAPV5PYO5uw3GriyY.br[1].js
         -113.3s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\WeaqEJfS9Yrl9laS6TOxoSX0WqM.br[1].js
         -113.3s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\Wu02onbRpcKfRWLLlaPlNPrJMD8.br[1].js
         -113.3s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\Yi3Flkft8YS8nbd9qCHjIlXAHPg.br[1].js
         -113.3s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\Z_GJ62uUjIGBtHsKSBYBwY74EHY.br[1].js
         -113.2s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\_F0M0yoTmc2b-_eS3W0Eu-fGENs.br[1].js
         -113.2s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\_UuhVxYdoujMCo65q2K3CJYHYBM.br[1].js
         -113.2s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\dye0oi0oSKo4PwRjyp6o2bKfFRg.br[1].js
         -113.2s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\dzRx58mIgzcP68MM1cY_DvGksfM.br[1].js
         -113.2s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\h70X_CXjGxCPmsxsoFPq_Qb3OkQ.br[1].js
         -113.2s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\hPlNScrKKGfUAhwQVepjVKsWqRY.br[1].js
         -113.2s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\jIc4kNQcCnXVPMb7KcS_EpEDmoA.br[1].js
         -113.2s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\jReNPx8gS5IWDxQLFD-EkpG1n7w.br[1].js
         -113.1s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\jz5JHWe_2WCod7u1RNWmByRezL4.br[1].js
         -113.1s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\lhgXDPuakBioCT_GC_cTrDlP6gs.br[1].js
         -113.1s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\lu2PFUTcnpg4NsQIcCHykj_HUKM.br[1].js
         -113.1s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\n01iOi98IkyoZZM5sVziF8czFB8.br[1].js
         -113.1s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\nHdwjs01Qlycde5b5LheEc9mgXE.br[1].js
         -113.1s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\qHQm8CxZq2duiKylvcB-3AUQKUc.br[1].js
         -113.1s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\qIHza_wsGzJzIFTMvvxtk0KHn4U.br[1].js
         -113.1s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\sjyuJZ7P-x0ivMmGA2wf2b0d0QM.br[1].js
         -113.1s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\x0Cvpg0MmmBx9EUGxLDfa2xcV-E.br[1].js
         -113.1s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\zEQqhwKoETyGdQapOnP2uL1FFF0.br[1].js
         -113.1s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\YG0ZMS7Z\1595\onra7PQl9o5bYT2lASI1BE4DDEs[1].css
         -112.7s C:\Windows\Temp\DESKTOP-257JBJM-20220915-0720.log
         -111.5s C:\ProgramData\NVIDIA Corporation\RX\rxdiag_220915_0720_00.log
         -111.5s C:\ProgramData\NVIDIA\MessageBus_16024_0x1B324BEFA30.log
         -111.2s C:\ProgramData\NVIDIA\MessageBus_16024_0x1B324BF00C0.log
         -109.3s C:\Users\deniz\AppData\Local\Temp\8326e946-47d9-49cf-8e05-625a0e34258e.tmp
         -109.2s C:\Users\deniz\AppData\Local\Temp\971f1609-1d0b-4d41-80b1-42e88d04b0ab.tmp
         -109.2s C:\Users\deniz\AppData\Local\Temp\1acd07c4-3389-4aa9-ae29-8aab8f97d513.tmp
         -109.2s C:\Users\deniz\AppData\Local\Temp\bed812ce-bf98-4ee5-a988-35302aaf9dd5.tmp
         -109.2s C:\Users\deniz\AppData\Local\Temp\63afc178-dc37-4d5f-9e7b-59e574d3d28a.tmp
         -109.2s C:\Users\deniz\AppData\Local\Temp\85b6eea2-6eac-49ff-8719-bcc758bbc7ba.tmp
         -107.9s C:\Users\deniz\AppData\Local\Temp\2e96ace4-0c51-47ed-8611-cf91032e592e.tmp
         -107.8s C:\Windows\Prefetch\OFFICECLICKTORUN.EXE-F5CCE208.pf
         -107.2s C:\Users\deniz\AppData\Local\Temp\7d58abc2-23d9-4cd5-bd75-9cd611a262aa.tmp
         -107.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\blob_storage\123e5bc1-d0bb-4e31-974b-4f49791de38f\
         -107.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b356fc08ed3eefc4_0
         -106.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13307692850652040
         -106.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\66294b95685818b2_0
         -106.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0ee74bf661d921f0_0
         -106.8s C:\Windows\Prefetch\ABSERVICE.EXE-C3867159.pf
         -105.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2ee
         -105.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2ef
         -105.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\441292135f4f9c64_0
         -105.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\13b2452e3130d29f_0
         -104.9s C:\Users\deniz\AppData\Local\Temp\6d6e7cc7-c4ff-4323-b937-ce3f8bb18976.tmp
         -104.9s C:\Users\deniz\AppData\Local\Temp\ae814e3e-5c0e-482b-b31f-34a83833b894.tmp
         -104.1s C:\Users\deniz\AppData\Local\Temp\32e1fe74-1ebd-40da-8b49-b3acaa0eefcc.tmp
         -104.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2f0
         -104.0s C:\Users\deniz\AppData\Local\Temp\b0aa11de-2745-4834-a60d-9575e57ad35e.tmp
         -104.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2f1
         -103.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9022a4d3168b6d19_0
         -103.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\47ff27e08abff5fd_0
         -103.8s C:\Windows\Prefetch\CHROME.EXE-AED7BA3D.pf
         -103.8s C:\Users\deniz\AppData\Local\Temp\3dbd284d-e4d9-44cd-b8d1-1c7456c1db02.tmp
         -103.8s C:\Users\deniz\AppData\Local\Temp\a1984322-231d-41cb-b52f-4a2b25548601.tmp
         -103.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2f2
         -103.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9ee22800b42b5337_0
         -103.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2f3
         -103.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2f4
         -103.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2f5
         -103.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2f6
         -103.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\471bfbb4cca9b7ad_0
         -103.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\29001189b6d1627b_0
         -103.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2f7
         -103.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7face9e121188b2f_0
         -103.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\96492d20afeb5b3e_0
         -103.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2f8
         -103.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\382fdffdd7a758fd_0
         -103.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a724d92e4eb49e1e_0
         -103.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2f9
         -103.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d0fde09264c55881_0
         -103.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\76f74a389e0da7db_0
         -103.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2fa
         -103.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\33f7eb7dc88a1dec_0
         -103.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2fb
         -103.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\aa6ad14045a9baa6_0
         -103.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2fc
         -103.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2fd
         -103.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\15e09522767f833f_0
         -103.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1261e0966279e3a7_0
         -103.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2fe
         -103.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\caefbf94df866471_0
         -103.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b2ff
         -103.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f3be74acb59b882f_0
         -103.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b409f142a9e01f7a_0
         -103.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b300
         -103.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b301
         -103.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\59295a93fb33110e_0
         -103.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\74c2adfc673af4ac_0
         -103.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b302
         -103.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\83bdaf00d68bde0d_0
         -103.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e885a608f652e5c9_0
         -103.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\780790828963f43d_0
         -103.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\13047a98635b96c3_0
         -103.0s C:\ProgramData\NVIDIA\MessageBus_4028_0x1C22542AB80.log
         -103.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\80cbf4408dcc6067_0
         -102.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b303
         -102.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\eafee9113bb6b086_0
         -102.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\135c45f93a219486_0
         -102.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b304
         -102.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1d23893e4ccd04a9_0
         -102.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b305
         -102.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fd2167937b41fc6f_0
         -102.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b306
         -102.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d48d49af203c2cc3_0
         -102.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b307
         -102.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b308
         -102.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d0224a74b5f8c9b7_0
         -102.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4c79815eef835d11_0
         -102.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b309
         -102.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\73b2c1bad903fede_0
         -102.8s C:\Windows\Prefetch\HPPRINTSCANDOCTORSERVICE.EXE-65C8537A.pf
         -102.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\80f8ecdcf67d5824_0
         -102.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b30a
         -102.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b30b
         -102.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b30c
         -102.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a9ac2c7501b3d479_0
         -102.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b30d
         -102.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\06c62e605efbc3fe_0
         -102.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\62551be5fd0f2495_0
         -102.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\52d30dbe8f455cc2_0
         -102.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c2d4013b99644e0e_0
         -102.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f24ff7ec11d1e097_0
         -102.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5529cad4e00d086b_0
         -102.5s C:\Users\deniz\AppData\Local\Temp\f2f1300a-4485-46a9-b910-d44106923625.tmp
         -102.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e574e275ea733a85_0
         -102.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b30e
         -102.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e9437ff1cc5c786e_0
         -102.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5c5365e92449d802_0
         -102.5s C:\Windows\Prefetch\RUNDLL32.EXE-8FD7DBF0.pf
         -102.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b30f
         -102.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\83dae1c8aa03fa01_0
         -102.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bc657c1a1ad592e_0
         -102.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_portfolio.nansen.ai_0.indexeddb.leveldb\000336.log
         -102.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\302ca17c71c51cf3_0
         -102.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\70df0d78711e136f_0
         -102.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\89166ab5d6a9b941_0
         -101.4s C:\Users\deniz\AppData\Local\Temp\0c6c0be7-2614-47bd-983a-e204e970289f.tmp
         -100.8s C:\Users\deniz\AppData\Local\Temp\7a076195-c872-4f1a-80b2-fb658cb9d866.tmp
         -100.8s C:\Users\deniz\AppData\Local\Temp\0e179b32-32f6-44c1-b81b-d74eb7b77996.tmp
         -100.8s C:\Users\deniz\AppData\Local\Temp\e6b842d3-1c37-46f2-9621-d2fc68a679e6.tmp
         -100.4s C:\Users\deniz\AppData\Local\Temp\544d1cd8-4103-4722-96c8-3f7307889436.tmp
         -100.3s C:\Users\deniz\AppData\Local\Temp\7424bb8b-5033-4a2f-b17d-61674dcf2746.tmp
         -100.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dbdd5789bc73ca6b_0
         -100.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bacfcb9115fada1_0
         -99.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d2a50edb8fc98c94_0
         -99.8s C:\Users\deniz\AppData\Local\Temp\ac9c0fcc-4e11-4691-8e2a-902b05641b23.tmp
         -97.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\21a8bd8b9d633509_0
         -97.5s C:\Windows\Prefetch\DLLHOST.EXE-810B6BBE.pf
         -97.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\37ee33493799235a_0
         -97.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f1882d7b56010649_0
         -96.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b310
         -96.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\24470e2e9316d8ac_0
         -96.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b311
         -95.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\815439531f27bb96_0
         -95.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\036963.ldb
         -95.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\036964.ldb
         -95.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\036965.ldb
         -95.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\036966.ldb
         -95.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\036967.ldb
         -94.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b312
         -79.9s C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Recent\AdwCleaner[S29].lnk
         -79.6s C:\Windows\Prefetch\CHROME.EXE-AED7BA44.pf
         -75.7s C:\Windows\Prefetch\NOTEPAD.EXE-032BB3D8.pf
         -60.5s C:\Users\deniz\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\blob_storage\2b7ab2b2-d918-40e1-a6fb-b6997ec26365\
         -60.3s C:\Windows\Prefetch\COMPPKGSRV.EXE-4780F0C1.pf
         -59.4s C:\Windows\Prefetch\DLLHOST.EXE-95A95592.pf
         -59.2s C:\Users\deniz\Desktop\vlc de problem\AdwCleanerScan.txt
         -59.1s C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Recent\AdwCleanerScan.lnk
         -54.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_portfolio.nansen.ai_0.indexeddb.leveldb\000338.ldb
         -53.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b313
         -51.1s C:\Windows\Prefetch\DLLHOST.EXE-7D5CE0CA.pf
         -48.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\GrShaderCache\GPUCache\f_000f0d
         -48.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b315
         -48.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\GrShaderCache\GPUCache\f_000f0e
         -48.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b316
         -48.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\84cd9a5b175f134c_0
         -48.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b317
         -48.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f6619c4718244ce3_0
         -48.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1e2ec649bfe43a2a_0
         -48.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b318
         -48.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1176c659c52b498f_0
         -48.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\feec6a801356dcaa_0
         -48.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4a58a145be393cca_0
         -44.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b360ec7471b32876_0
         -44.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\01c634ca28f4fa60_0
         -43.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\005617.ldb
         -38.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b31a
         -38.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f2674488c93073ee_0
         -38.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8ef5313b75a3298c_0
         -38.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\db2420db66076406_0
         -37.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b31b
         -37.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f05922b9964b25d9_0
         -37.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cb74ac3c79df22a8_0
         -37.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4710862873b7fff2_0
         -37.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b31c
         -37.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a0a20a66f604a24e_0
         -25.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b31d
         -25.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b31e
         -24.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b31f
         -24.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cd4538db0f208682_0
         -24.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5b0b80b2bd02af67_0
         -24.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b320
         -24.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\70802dfa364950af_0
         -24.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1792db21eaa9e2c5_0
         -24.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3262550f50b7a49d_0
         -24.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7f66b455b707955f_0
         -24.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b321
         -24.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b322
         -24.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b323
         -24.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b324
         -24.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\442e878bd1c00319_0
         -24.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0bf28612058b0e03_0
         -24.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8207fe688f3960e2_0
         -24.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c6030ba3751875ec_0
         -24.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b325
         -24.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2401195ec6416f75_0
         -24.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b326
         -24.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\94f6ebd4f1ced1c6_0
         -24.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b327
         -24.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b328
         -24.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b329
         -24.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b32a
         -24.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\848050b166f33398_0
         -24.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7b248fa0f3523eab_0
         -24.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\26b8bd2a96734512_0
         -24.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\552833a5d1ccbbed_0
         -24.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5963eb1b55a4694e_0
         -24.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\528da89d59515d7b_0
         -24.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e8a20bc444aaa4a3_0
         -24.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b32b
         -24.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a71596b79d9882d5_0
         -24.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\92e1b9badc09e20e_0
         -23.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\GrShaderCache\GPUCache\f_000f0f
         -23.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b32c
         -23.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b32d
         -23.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b32e
         -23.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b32f
         -23.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b330
         -23.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b331
         -23.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b332
         -23.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b333
         -23.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b334
         -23.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b335
         -23.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b336
         -23.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8185e68f9ce90b3b_0
         -22.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e0b944c8de7d12a5_0
         -22.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e72fbaf3e685ba27_0
         -22.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b8764fa31c539593_0
         -22.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ff3447d908100ba9_0
         -22.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\758505dd6a6ca1ae_0
         -19.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\BrowserMetrics-spare.pma
         -18.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b337
         -18.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b338
         -18.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cba8579c64b97d6f_0
         -18.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\032566162ee900c8_0
         -18.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b339
         -18.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b33a
         -18.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0e444310a70a33eb_0
         -18.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e26c765fcf714829_0
         -18.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dfa01d8dbbb2d42d_0
         -18.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\75933ac5b2ff831c_0
         -18.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1d6c99b4f568206d_0
         -18.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e41575d3d548c5cf_0
         -18.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c6f0ed943d1157ff_0
         -18.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3a43c5c97898b81b_0
         -18.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\45147588a9ddec37_0
         -18.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b33b
         -18.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cf96d3c30a43f719_0
         -18.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2018610339c2ee70_0
         -18.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b33c
         -18.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c424a62ed016c05b_0
         -18.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8bdd008a5dded195_0
         -18.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\63cb90ac67d0cf84_0
         -18.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b33d
         -18.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\490e7d2c5f0fc433_0
         -18.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1aac85762d1693e6_0
         -18.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c0c4f9b48ab538ea_0
         -18.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b33e
         -18.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\83c9f1c966af4138_0
         -18.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8542adc698544a1c_0
         -18.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\36a563e656dbf39c_0
         -18.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b340
         -18.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b341
         -17.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b342
         -17.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b343
         -17.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b344
         -17.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\57afa2950bcc05aa_0
         -17.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b345
         -17.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b346
         -17.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8d9feb1f82a3e3f1_0
         -17.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b347
         -17.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3a49064412d3f935_0
         -17.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b348
         -17.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b349
         -17.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b34a
         -17.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b34b
         -17.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b0e4ae1585d5b55b_0
         -17.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b4dd46f942101caa_0
         -17.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b34c
         -17.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a9cb30d189cf9330_0
         -17.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b34d
         -17.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8c2c716a743cb54b_0
         -17.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b34e
         -17.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\43acd69261bd462e_0
         -17.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b34f
         -17.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f79b238e66ec084e_0
         -17.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b350
         -17.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b351
         -17.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\daf2b676b3374544_0
         -17.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dab69040e12ca317_0
         -17.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b9d67ef8bebc08bc_0
         -17.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b352
         -17.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e97535ea9cb8d5d3_0
         -17.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b353
         -15.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fa161f588e665543_0
         -6.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b354
         -6.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b355
         -5.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b356
         -5.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6c007d0357743797_0
         -5.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\12ef8f73c8b56137_0
         -5.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1f47765e973b9610_0
         -5.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1620686636ee21ab_0
         -4.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\58af3054d07d82ad_0
         -4.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\64e5f7258da9ae7c_0
         -4.6s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b357
         -4.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b358
         -4.4s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b359
         -4.3s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b35a
          0.0s C:\$Recycle.Bin\S-1-5-21-1798280388-614632519-694548969-1001\$R6XSQN6\FRST64.exe
          0.0s C:\$Recycle.Bin\S-1-5-21-1798280388-614632519-694548969-1001\$R4R5UI6.exe
          0.7s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b35b
          2.5s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{9007F6B1-9F73-4216-9AC6-80EDE853ABCB}
          9.2s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\4DBE7DEDBF7128C10627277D66E4EC89
         10.6s C:\Windows\Prefetch\CHROME.EXE-AED7BA3E.pf
         10.7s C:\Windows\Prefetch\CONSENT.EXE-40419367.pf
         16.3s C:\FRST\bin\
         16.3s C:\FRST\Logs\
         16.3s C:\FRST\
         16.3s C:\FRST\Quarantine\
         16.3s C:\FRST\bin\sqlite3_x64.dll
         16.3s C:\FRST\Hives\
         16.3s C:\FRST\Logs\ct.ini
         16.3s C:\FRST\Hives\deniz\
         16.4s C:\Windows\Prefetch\CMD.EXE-0BD30981.pf
         16.7s C:\FRST\Hives\BCD
         16.7s C:\Windows\Prefetch\BCDEDIT.EXE-FE221428.pf
         17.7s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{E283716F-273F-44C5-AA2F-3F1BBB749548}
         18.8s C:\System Volume Information\{88dbb30d-34b4-11ed-bd0b-00d8619dc780}{3808876b-c176-4e48-b7ae-04046e6cc752}
         20.8s C:\Windows\Prefetch\FRST64.EXE-4EFAFA08.pf
         23.6s C:\FRST\Hives\SOFTWARE
         23.9s C:\FRST\Hives\SYSTEM
         23.9s C:\FRST\Hives\SAM
         24.0s C:\FRST\Hives\DEFAULT
         24.0s C:\FRST\Hives\SECURITY
         24.5s C:\FRST\Hives\COMPONENTS
         24.6s C:\FRST\Hives\deniz\NTUSER.DAT
         24.8s C:\FRST\Hives\deniz\UsrClass.dat
         25.7s C:\Users\deniz\AppData\Local\Microsoft\Windows\INetCache\IE\VRQKTK0Q\82[1]
         26.5s C:\Users\deniz\AppData\Local\Microsoft\Windows\INetCache\IE\6CLTUVQ8\82[1].htm
         26.8s C:\Windows\Prefetch\WMIPRVSE.EXE-E8B8DD29.pf
         26.9s C:\Windows\Prefetch\VSSVC.EXE-6C8F0C66.pf
         26.9s C:\Windows\Prefetch\SVCHOST.EXE-4B98D760.pf
         27.0s C:\Users\deniz\AppData\Local\Microsoft\Windows\INetCache\IE\Q1XTPA5Q\FRST64[1].exe
         28.1s C:\$Recycle.Bin\S-1-5-21-1798280388-614632519-694548969-1001\$R6XSQN6\
         28.7s C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\022e7b8b7493c82baa946248b5b3059d3cac3e1b
         33.5s C:\Users\deniz\Desktop\vlc de problem\FRST.txt
         34.0s C:\Windows\Prefetch\MPCOPYACCELERATOR.EXE-88238748.pf
         46.1s C:\System Volume Information\{88dbb33a-34b4-11ed-bd0b-00d8619dc780}{3808876b-c176-4e48-b7ae-04046e6cc752}
         52.2s C:\Windows\Prefetch\REG.EXE-A93A1343.pf
         59.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b35d
         59.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b35e
         60.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\005619.ldb
         61.5s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\
         61.5s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\FDCF2E54-E429-4F8C-A13E-3884E130C998
         61.5s C:\Windows\Prefetch\SECURITYHEALTHHOST.EXE-06344EE9.pf
         65.7s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\AC\NVIDIA\DXCache\d08c1d58a6210fda8173245232e9f3a5_fce8395c8fd8a998_1ceaf63c932c79cc_0_0.0.toc
         65.7s C:\Users\deniz\AppData\Local\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\AC\NVIDIA\DXCache\d08c1d58a6210fda8173245232e9f3a5_fce8395c8fd8a998_1ceaf63c932c79cc_0_0.0.bin
         65.9s C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Recent\windowsdefender--threat- (5).lnk
         66.5s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{8A907336-89AF-4B43-A6E8-DC3EC0557845}
         71.6s C:\Windows\Prefetch\SHELLEXPERIENCEHOST.EXE-B3EF1F80.pf
         71.8s C:\Windows\Prefetch\RUNTIMEBROKER.EXE-B99D7653.pf
         75.6s C:\Windows\Prefetch\APPLICATIONFRAMEHOST.EXE-8CE9A1EE.pf
         75.6s C:\Windows\Prefetch\SECHEALTHUI.EXE-FAB65C18.pf
         75.9s C:\Windows\Prefetch\SVCHOST.EXE-952637C2.pf
         75.9s C:\Windows\Prefetch\SVCHOST.EXE-F952D9A9.pf
         76.0s C:\Windows\Prefetch\SVCHOST.EXE-B18C213B.pf
         82.5s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{2E5F80D0-BCEC-4455-99D3-C9290EA0A0AC}
         82.5s C:\ProgramData\Microsoft\Windows Defender\Quarantine\ResourceData\AB\ABD5C00487E0E8C060713E61566C6627CA920B75
         82.5s C:\ProgramData\Microsoft\Windows Defender\Quarantine\ResourceData\AB\
         82.5s C:\ProgramData\Microsoft\Windows Defender\Quarantine\Entries\{8003F8E4-0000-0000-48D9-0E6582F60A16}
         82.5s C:\ProgramData\Microsoft\Windows Defender\Quarantine\Resources\AB\
         82.5s C:\ProgramData\Microsoft\Windows Defender\Quarantine\Resources\AB\ABD5C00487E0E8C060713E61566C6627CA920B75
         102.7s C:\Windows\Prefetch\TASKHOSTW.EXE-2E5D4B75.pf
         102.7s C:\Windows\Prefetch\RUNTIMEBROKER.EXE-A5E8D7A2.pf
         112.6s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{F54F0C17-6CFF-4F4D-9D29-D363B20061FE}
         114.6s C:\ProgramData\USOShared\Logs\System\MoUsoCoreWorker.b54c499a-dc5b-435c-b703-fd944588aa9a.1.etl
         114.6s C:\ProgramData\USOShared\Logs\System\WuProvider.745f0d79-0ece-49c0-8a06-da17d5c21bdf.1.etl
         114.7s C:\Windows\Logs\waasmedic\waasmedic.20220915_052432_180.etl
         115.0s C:\Users\deniz\Desktop\vlc de problem\Addition.txt
         117.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\GrShaderCache\GPUCache\f_000f10
         117.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\GrShaderCache\GPUCache\f_000f11
         117.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\GrShaderCache\GPUCache\f_000f12
         117.8s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b360
         118.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b361
         118.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4a710342a8de7c83_0
         118.0s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b362
         118.1s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\10efce51bb2381f5_0
         118.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\85d867f8244bb1b5_0
         118.2s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_01b363
         118.6s C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{82BD1E6D-5D6F-4B72-9EA8-8B0A2E02C527}\MpKslDrv.sys
         124.6s C:\Windows\Prefetch\MOUSOCOREWORKER.EXE-4429AC2B.pf
         124.7s C:\Windows\Prefetch\SVCHOST.EXE-9A28EB78.pf
         124.9s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsRecentClosed\144b65d1-0571-4d54-8111-d0f290064139.tmp
         128.4s C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-766EFF52.pf
         128.5s C:\Windows\Prefetch\TIWORKER.EXE-252288BE.pf
         131.8s C:\Windows\Prefetch\SDXHELPER.EXE-7F6435C6.pf
         155.1s C:\Windows\INF\basicdisplay.PNF
         155.2s C:\Windows\INF\basicrender.PNF
         156.8s C:\Windows\Prefetch\WEVTUTIL.EXE-1E154F39.pf
         157.2s C:\FRST\Logs\Addition_15-09-2022 07.25.14.txt
         157.2s C:\FRST\Logs\FRST_15-09-2022 07.25.14.txt
         158.6s C:\Windows\Prefetch\SVCHOST.EXE-BE3D0421.pf
         160.1s C:\Windows\Prefetch\DLLHOST.EXE-D200FEC3.pf
         160.1s C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Recent\FRST.lnk
         160.5s C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13307693118050560
         162.9s C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Recent\Addition.lnk
         170.0s C:\Windows\Prefetch\NOTEPAD.EXE-C5670914.pf
         196.6s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Quick\{0ECC8234-048B-44AF-864B-9BB888BEC988}
         197.8s C:\Users\deniz\AppData\Local\Packages\AppleInc.iCloud_nzyj5cx40ttqa\LocalCache\Local\Logs\AOSKit-iCloudDrive.2022-09-15_0725.log
         197.8s C:\Users\deniz\AppData\Local\Packages\AppleInc.iCloud_nzyj5cx40ttqa\LocalCache\Local\Logs\iCloudDrive.2022-09-15_0725.log
         197.9s C:\Users\deniz\AppData\Local\Packages\AppleInc.iCloud_nzyj5cx40ttqa\LocalCache\Local\Apple Inc\CloudKit\iCloudDrive\MMCS\
         199.1s C:\Users\deniz\AppData\Local\Packages\AppleInc.iCloud_nzyj5cx40ttqa\LocalCache\Roaming\Apple Computer\Preferences\com.apple.AOSKit.plist
         199.1s C:\Users\deniz\AppData\Local\Packages\AppleInc.iCloud_nzyj5cx40ttqa\LocalCache\Local\Apple Inc\CloudKit\iCloudDrive\MMCS\.cs\
         199.1s C:\Users\deniz\AppData\Local\Packages\AppleInc.iCloud_nzyj5cx40ttqa\LocalCache\Local\Apple Inc\CloudKit\iCloudDrive\MMCS\.cs\ChunkStoreDatabase
         199.1s C:\Users\deniz\AppData\Local\Packages\AppleInc.iCloud_nzyj5cx40ttqa\LocalCache\Local\Apple Inc\CloudKit\iCloudDrive\MMCS\.cs\ChunkStoreDatabase-journal
         200.7s C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Recent\windowsdefender--fullhistory-.lnk
         204.4s C:\Windows\Prefetch\DLLHOST.EXE-D8244CD9.pf
         208.0s C:\Windows\Prefetch\APSDAEMON.EXE-67460176.pf
         209.5s C:\Windows\Prefetch\SECD.EXE-388CE80C.pf
         216.8s C:\$Recycle.Bin\S-1-5-21-1798280388-614632519-694548969-1001\$I6XSQN6
         216.8s C:\$Recycle.Bin\S-1-5-21-1798280388-614632519-694548969-1001\$IAQWWD3.exe
         
ESET-Log:
Code:
ATTFilter
15.09.2022 09:30:10
Geprüfte Dateien: 778792
Erkannte Dateien: 3
Gesäuberte Dateien: 3
Prüfdauer gesamt 01:33:26
Prüfstatus: Abgeschlossen
C:\Program Files (x86)\GTA\altv-client.dll	eine Variante von Win32/Packed.VMProtect.ACR Trojaner	durch Löschen gesäubert

C:\Program Files (x86)\Image-Line\FL Studio 20\FLEngine_x64.dll	Win64/HackTool.Crack.CI potenziell unsichere Anwendung	durch Löschen gesäubert

C:\Program Files (x86)\Image-Line\FL Studio 20\fl_patch_installer_20_1_1.exe	Win64/HackTool.Crack.CI potenziell unsichere Anwendung	durch Löschen gesäubert
         
__________________

Alt 15.09.2022, 10:39   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PUP.optional.startfenster entfernen - vlc.de - Standard

PUP.optional.startfenster entfernen - vlc.de



Zitat:
C:\Program Files (x86)\GTA\altv-client.dll eine Variante von Win32/Packed.VMProtect.ACR Trojaner
C:\Program Files (x86)\Image-Line\FL Studio 20\FLEngine_x64.dll Win64/HackTool.Crack.CI
C:\Program Files (x86)\Image-Line\FL Studio 20\fl_patch_installer_20_1_1.exe
Cracks, Keygens und andere illegale Software

Bitte lesen => Cracks, Keygens und andere illegale Software

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________
Logs bitte immer in CODE-Tags posten

Alt 15.09.2022, 11:01   #5
Enanta
 
PUP.optional.startfenster entfernen - vlc.de - Standard

PUP.optional.startfenster entfernen - vlc.de



Zitat:
Zitat von cosinus Beitrag anzeigen
Cracks, Keygens und andere illegale Software

Bitte lesen => Cracks, Keygens und andere illegale Software

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
Ok entschuldige, das ist schon ewig auf meinem System, wusste gar nicht mehr, dass das ein Crack ist bzw. das es drauf ist. War nicht geplant, nur ein Überbleibsel aus den alten Zeiten.

edit/ Als "Beweis" habe ich die Deinstallation angehängt und auch alle Ordner gelöscht, die etwas damit etwas zu tun haben könnten. Oder soll ich nochmal einen Scan starten?

Angehängte Grafiken
Dateityp: jpg Screenshot 2022-09-15 110258.jpg (63,1 KB, 29x aufgerufen)

Geändert von Enanta (15.09.2022 um 11:06 Uhr)

Alt 15.09.2022, 11:19   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PUP.optional.startfenster entfernen - vlc.de - Standard

PUP.optional.startfenster entfernen - vlc.de



Kontrollscans mit MBAM und RK
Poste nach Abschluss der beiden Scans die Logs in CODE-Tags.
__________________
--> PUP.optional.startfenster entfernen - vlc.de

Alt 15.09.2022, 12:45   #7
Enanta
 
PUP.optional.startfenster entfernen - vlc.de - Standard

PUP.optional.startfenster entfernen - vlc.de



Zitat:
Zitat von cosinus Beitrag anzeigen
Kontrollscans mit MBAM und RK
  • Malwarebytes
  • RogueKiller
Poste nach Abschluss der beiden Scans die Logs in CODE-Tags.
Ok top danke, habe ich gemacht. Was sagst du eigentlich dazu, dass FRST als Trojaner erkannt wird? Bekanntes "Problem"?

Malwarebytes-Log:
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 15.09.22
Scan-Zeit: 11:29
Protokolldatei: eda92b32-34d8-11ed-8126-00d8619dc780.json

-Softwaredaten-
Version: 4.5.14.210
Komponentenversion: 1.0.1767
Version des Aktualisierungspakets: 1.0.60079
Lizenz: Abgelaufen

-Systemdaten-
Betriebssystem: Windows 10 (Build 19044.2006)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-257JBJM\deniz

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 358201
Erkannte Bedrohungen: 15
In die Quarantäne verschobene Bedrohungen: 15
Abgelaufene Zeit: 18 Min., 31 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.StartFenster, C:\USERS\DENIZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, In Quarantäne, 474, 455286, , , , , , 
PUP.Optional.StartFenster, C:\USERS\DENIZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, In Quarantäne, 474, 455286, , , , , , 

Datei: 13
PUP.Optional.StartFenster, C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, In Quarantäne, 474, 455286, , , , , 159D9C5F1534DCA7FDB8D93429719215, 8BA96CE9B0A61C6102265AE86B4352AB1A41BCE143E27A06C454E76D05EC3E65
PUP.Optional.StartFenster, C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000008.ldb, In Quarantäne, 474, 455286, , , , , 8F39A1A1C0941E22EFC6EE6571B03130, BA2038F423349E8B1C1ED480E9A95CD0D77C864EE2DF7106329737490FE0C7E3
PUP.Optional.StartFenster, C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000010.ldb, In Quarantäne, 474, 455286, , , , , 7FB4DFBE8B1425B63E320C38B7370D54, 13B0BEA5F4885130700249EDC73BF855D94E39102C0CC4DCA6E835BD16648E67
PUP.Optional.StartFenster, C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000011.log, In Quarantäne, 474, 455286, , , , , A27630935C1E462B3B13F8A5E4C70EFB, 4E5FC20049BCF5B8E1613B61ED16716A4DD0D68976773FF920A9814286BE9504
PUP.Optional.StartFenster, C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000012.ldb, In Quarantäne, 474, 455286, , , , , AEF5716FDD6E0D5C7768B071A37A612A, D2C882882185CF5C38A14D1BDC9A1DE3DCE409D8A515C7A5B0B185B451B72811
PUP.Optional.StartFenster, C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, In Quarantäne, 474, 455286, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.StartFenster, C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, In Quarantäne, 474, 455286, , , , , , 
PUP.Optional.StartFenster, C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, In Quarantäne, 474, 455286, , , , , FF935093EAAC4A54AE8A48D2730F7643, C4EB0622013B6349F9030222D10FC29A6EECA178C032FBAD4278D40C92CBF393
PUP.Optional.StartFenster, C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, In Quarantäne, 474, 455286, , , , , DC0FBF84BCC6C9C0CFDA4B04B11656A4, 3485F6984B36B565446303E68A6F6B9669014589060E6AE31E3C3DB594CD8354
PUP.Optional.StartFenster, C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, In Quarantäne, 474, 455286, , , , , 7BF035A561717CF83F6E23815528FFA7, C365FA37EC83D852820F73C444BF19E86A1E46A64FC4D9D4AA4E5B258103681D
PUP.Optional.StartFenster, C:\USERS\DENIZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Ersetzt, 474, 455286, , , , , EABFE826C030ABEB099BAF82814B7CCB, 80EF7B1AEA72F353E42554EF8F4C55D9A7B2846D60166519558ECBF28C91DD60
PUP.Optional.StartFenster, C:\USERS\DENIZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Ersetzt, 474, 455286, 1.0.60079, , ame, , 0BC947FB7E73EDE68A48C35467266C78, 9401AFEB9F63ED564A063161D560145B92BAF82F8D52F4DF0AEB55B5C8A2FD5A
PUP.Optional.StartFenster, C:\USERS\DENIZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Ersetzt, 474, 455286, 1.0.60079, , ame, , 0BC947FB7E73EDE68A48C35467266C78, 9401AFEB9F63ED564A063161D560145B92BAF82F8D52F4DF0AEB55B5C8A2FD5A

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         
Rogue Killer Log:
Code:
ATTFilter
Program            : RogueKiller Anti-Malware
Version            : 15.6.1.0
x64                : Yes
Program Date       : Sep 13 2022
Location           : C:\Users\deniz\Downloads\RogueKiller_portable64.exe
Premium            : No
Company            : Adlice Software
Website            : https://www.adlice.com/
Contact            : https://adlice.com/contact/
Website            : https://adlice.com/download/roguekiller/
Operating System   : Windows 10 (10.0.19044) 64-bit
64-bit OS          : Yes
Startup            : 0
WindowsPE          : No
User               : deniz
User is Admin      : Yes
Date               : 2022/09/15 10:42:32
Type               : Removal
Aborted            : No
Scan Mode          : Standard
Duration           : 652
Found items        : 10
Total scanned      : 143443
Signatures Version : 20220912_141521
Truesight Driver   : Yes
Updates Count      : 10

************************* Warnings *************************

************************* Removal *************************
[PUP.BundleInstaller (Potenziell bösartig)] \VLC Plus Player Updater -- C:\Users\deniz\AppData\Local\VLC (Plus Player Updater\Updater.exe) -> Gelöscht
  [+] scan_what       : 0
  [+] vendors         : PUP.BundleInstaller
  [+] Name            : \VLC Plus Player Updater
  [+] value           : C:\Users\deniz\AppData\Local\VLC (Plus Player Updater\Updater.exe)
  [+] Type            : Task
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 0
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : 0

[PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-21-1798280388-614632519-694548969-1001\Software\OCS --  -> Gelöscht
  [+] scan_what       : 2
  [+] vendors         : PUP.Gen1
  [+] Name            : HKEY_USERS\S-1-5-21-1798280388-614632519-694548969-1001\Software\OCS
  [+] Type            : Registry
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 1
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : 0

[PUP.BundleInstaller (Potenziell bösartig)] HKEY_USERS\S-1-5-21-1798280388-614632519-694548969-1001\Software\Microsoft\Windows\CurrentVersion\Run|VLC Plus Player Updater -- [%localappdata%\VLC Plus Player Updater\Updater.exe] -> Gelöscht
  [+] scan_what       : 1
  [+] vendors         : PUP.BundleInstaller
  [+] Name            : HKEY_USERS\S-1-5-21-1798280388-614632519-694548969-1001\Software\Microsoft\Windows\CurrentVersion\Run|VLC Plus Player Updater
  [+] value           : [%localappdata%\VLC Plus Player Updater\Updater.exe]
  [+] Type            : Registry
  [+] file_hash       : 9367D5767113478C142151A19AC156D3F2FF9871C231656745E42A26AB3ACEBC
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 2
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : 0

[Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{FA0A57BF-DB96-45BC-86A9-169974E0046B}C:\users\deniz\appdata\local\programs\mobalytics-desktop\mobalytics desktop.exe -- [%localappdata%\programs\mobalytics-desktop\mobalytics desktop.exe] -> Gelöscht
  [+] scan_what       : 1
  [+] vendors         : Suspicious.Path
  [+] Name            : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{FA0A57BF-DB96-45BC-86A9-169974E0046B}C:\users\deniz\appdata\local\programs\mobalytics-desktop\mobalytics desktop.exe
  [+] value           : [%localappdata%\programs\mobalytics-desktop\mobalytics desktop.exe]
  [+] Type            : Registry
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 3
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1

[Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{AA2C13FF-3BEB-4A8F-A5A5-C293BF0F3C2A}C:\users\deniz\appdata\local\programs\mobalytics-desktop\mobalytics desktop.exe -- [%localappdata%\programs\mobalytics-desktop\mobalytics desktop.exe] -> Gelöscht
  [+] scan_what       : 1
  [+] vendors         : Suspicious.Path
  [+] Name            : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{AA2C13FF-3BEB-4A8F-A5A5-C293BF0F3C2A}C:\users\deniz\appdata\local\programs\mobalytics-desktop\mobalytics desktop.exe
  [+] value           : [%localappdata%\programs\mobalytics-desktop\mobalytics desktop.exe]
  [+] Type            : Registry
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 4
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1

[PUP.BundleInstaller (Potenziell bösartig)] vlc-setup-win64.exe [Aller Media e.K.] -- %USERPROFILE%\Desktop\vlc-setup-win64.exe -> Gelöscht
  [+] scan_what       : 1
  [+] vendors         : PUP.BundleInstaller
  [+] Name            : vlc-setup-win64.exe [Aller Media e.K.]
  [+] value           : %USERPROFILE%\Desktop\vlc-setup-win64.exe
  [+] Type            : File/Folder
  [+] file_hash       : 9367D5767113478C142151A19AC156D3F2FF9871C231656745E42A26AB3ACEBC
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 5
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : 0

[Adw.Dealply (Bösartig)] Obsidian -- %localappdata%\Obsidian -> Gelöscht
  [+] scan_what       : 1
  [+] vendors         : Adw.Dealply
  [+] Name            : Obsidian
  [+] value           : %localappdata%\Obsidian
  [+] Type            : File/Folder
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 2
  [+] id              : 6
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : 0

[PUP.BundleInstaller (Potenziell bösartig)] vlcplus-3.0.17.4-win64.exe [Aller Media e.K.] -- %localappdata%\Temp\vlcplus-3.0.17.4-win64.exe -> Gelöscht
  [+] scan_what       : 1
  [+] vendors         : PUP.BundleInstaller
  [+] Name            : vlcplus-3.0.17.4-win64.exe [Aller Media e.K.]
  [+] value           : %localappdata%\Temp\vlcplus-3.0.17.4-win64.exe
  [+] Type            : File/Folder
  [+] file_hash       : 2A0A4FF41D20FC3ADFDDA56B3371BEF667F8B27EA31DC8F86E65D5C5F3F9D1E8
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 7
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : 0

[PUP.BundleInstaller (Potenziell bösartig)] Updater.exe [Aller Media e.K.] -- %localappdata%\VLC Plus Player Updater\Updater.exe -> Gelöscht
  [+] scan_what       : 1
  [+] vendors         : PUP.BundleInstaller
  [+] Name            : Updater.exe [Aller Media e.K.]
  [+] value           : %localappdata%\VLC Plus Player Updater\Updater.exe
  [+] Type            : File/Folder
  [+] file_hash       : 9367D5767113478C142151A19AC156D3F2FF9871C231656745E42A26AB3ACEBC
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 8
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : 0

[PUP.BundleInstaller (Potenziell bösartig)] vlc-setup-win64.exe [Aller Media e.K.] -- %USERPROFILE%\Desktop\vlc-setup-win64.exe -> Gefunden
  [+] scan_what       : 1
  [+] vendors         : PUP.BundleInstaller
  [+] Name            : vlc-setup-win64.exe [Aller Media e.K.]
  [+] value           : %USERPROFILE%\Desktop\vlc-setup-win64.exe
  [+] Type            : File/Folder
  [+] file_hash       : 9367D5767113478C142151A19AC156D3F2FF9871C231656745E42A26AB3ACEBC
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 9
  [+] status          : 1
  [+] status_str      : Gefunden
  [+] removed         : No
  [+] status_choice   : 2
  [+] malpe_score     : 0
         
Der VLC-Updater hat sich auf jeden Fall wieder selbstständig installiert...

Alt 15.09.2022, 13:01   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PUP.optional.startfenster entfernen - vlc.de - Standard

PUP.optional.startfenster entfernen - vlc.de



Dann wären wir durch!

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Abschließend unbedingt folgende Sicherheitsmaßnahmen lesen und umsetzen:

__________________
Logs bitte immer in CODE-Tags posten

Alt 16.09.2022, 07:00   #9
Enanta
 
PUP.optional.startfenster entfernen - vlc.de - Standard

PUP.optional.startfenster entfernen - vlc.de



Zitat:
Zitat von cosinus Beitrag anzeigen
Dann wären wir durch!

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Abschließend unbedingt folgende Sicherheitsmaßnahmen lesen und umsetzen:

Anleitung: Cleanup & Maßnahmen zur Absicherung des Rechners
Ok super, ich danke dir! Soll ich denn das TBCleanUpTool mal drüber laufen lassen oder besteht kein Bedarf? Die von dir neu gelernten Tools werde ich auf jeden Fall monatlich durchlaufen lassen. Danke dir und du kriegst eine Bewertung.

Guten Morgen, tatsächlich wurde heute beim Hochfahren meines Rechners direkt wieder Chrome geöffnet und vlc.de besucht. Die Seite wurde zwar blockiert, da ich jetzt uBlock habe, aber warum öffnet sich denn nun die Seite wieder? Ich bin alle Chrome Einstellungen durchgegangen, habe nichts gefunden. Adwcleaner hat nichts gefunden, gerade lasse ich Malwarebytes durchlaufen.

Alt 16.09.2022, 13:36   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PUP.optional.startfenster entfernen - vlc.de - Standard

PUP.optional.startfenster entfernen - vlc.de



Chrome deinstallieren und nur Firefox verwenden.
__________________
Logs bitte immer in CODE-Tags posten

Alt 16.09.2022, 14:21   #11
Enanta
 
PUP.optional.startfenster entfernen - vlc.de - Standard

PUP.optional.startfenster entfernen - vlc.de



Zitat:
Zitat von cosinus Beitrag anzeigen
Chrome deinstallieren und nur Firefox verwenden.
Geht nicht, da ich bestimmte Plugins benötige, die es nur für Chrome gibt.

Alt 17.09.2022, 19:16   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PUP.optional.startfenster entfernen - vlc.de - Standard

PUP.optional.startfenster entfernen - vlc.de



Trotzdem wirst du Chrome deinstallieren und neu installieren müssen, denn so wie es aussieht ist dein Chromeprofil versaut.
__________________
Logs bitte immer in CODE-Tags posten

Alt 24.09.2022, 14:50   #13
M-K-D-B
/// TB-Ausbilder
 
PUP.optional.startfenster entfernen - vlc.de - Standard

PUP.optional.startfenster entfernen - vlc.de



Fehlende Rückmeldung
Dieses Thema wurde aus unseren Abos gelöscht. Somit bekommen wir keine Benachrichtigung über neue Antworten.
Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen!

Thema geschlossen

Themen zu PUP.optional.startfenster entfernen - vlc.de
administrator, avast, defender, dll, entfernen, firefox, geforce, google, installation, internet, microsoft, mozilla, nvcontainer.exe, nvidia, ordner, prozesse, registry, rundll, software, svchost.exe, system, trojaner, updates, usb, windows, wmi



Ähnliche Themen: PUP.optional.startfenster entfernen - vlc.de


  1. Startfenster.de endlich entfernen
    Mülltonne - 11.06.2020 (4)
  2. Win10: PUP.Optional.Startfenster sowie .Legacy verschwindet nicht
    Mülltonne - 01.06.2020 (6)
  3. Pup.optional.delta/Startfenster/Trovi über Google Chrome bei angemeldetem Google-Konto
    Log-Analyse und Auswertung - 23.04.2020 (13)
  4. PUP.Optional.StartFenster
    Log-Analyse und Auswertung - 19.12.2019 (1)
  5. Adware/Malware in Firefox? PUP.Optional.StartFenster & Adware.KeenValue
    Plagegeister aller Art und deren Bekämpfung - 05.11.2019 (14)
  6. Win10: PUP.Optional.Startfenster und anderes
    Plagegeister aller Art und deren Bekämpfung - 10.11.2018 (18)
  7. PUP.Optional.ReMarkIt.PrxySvrRST und PUP.Optional.Yontoo lassen sich nicht entfernen AnitMalwarebytes mit 4 Funden
    Log-Analyse und Auswertung - 19.12.2016 (24)
  8. GMER stürzt ab - MBAM erkennt PUP.Optional.Agent, PUP.Optional.IEBho.A, PUP.Optional.MyFreeze.A
    Plagegeister aller Art und deren Bekämpfung - 07.02.2015 (13)
  9. WIN7: Fund PUP.Optional.DigitalSites.A, PUP.Optional.OpenCandy, PUP.Optional.Softonic.A, PUP.Optional.Updater.A. Weitere Vorgehensweise
    Log-Analyse und Auswertung - 08.10.2014 (11)
  10. Trojaner: PUP.Optional.CrossRider.A, PUP.Optional.MySearchDial.A, PUP.Optional.Babylon.A, PUP.Optional.BuenoSearch
    Plagegeister aller Art und deren Bekämpfung - 17.07.2014 (3)
  11. Security.Hijack, PUP.Optional.OpenCandy, PUP.Optional.Somoto, PUP.Optional.MoviesToolBar etc gefunden
    Plagegeister aller Art und deren Bekämpfung - 16.04.2014 (1)
  12. Windows 8: Fund von TR/Dropper.gen, PUP.Optional.Iminent.A, PUP.Optional.BizzyBolt, PUP.Optional.DigitalSites.A
    Log-Analyse und Auswertung - 10.12.2013 (13)
  13. Windows Vista: PUP.Optional.Tarma.A PUP.Optional.OpenCandy PUP.Optional.InstallCore.A
    Plagegeister aller Art und deren Bekämpfung - 11.09.2013 (13)
  14. Startfenster.com entfernen
    Plagegeister aller Art und deren Bekämpfung - 28.02.2013 (3)
  15. www.Startfenster.com entfernen
    Plagegeister aller Art und deren Bekämpfung - 08.12.2012 (15)
  16. Startfenster.com entfernen
    Anleitungen, FAQs & Links - 05.10.2012 (0)
  17. Startfenster.com nach Neuintallation wie entfernen
    Log-Analyse und Auswertung - 03.10.2012 (1)

Zum Thema PUP.optional.startfenster entfernen - vlc.de - Guten Morgen zusammen, gestern Abend bin ich tatsächlich auf vlc.de reingefallen. Seit 15 Jahren bin ich clean unterwegs, aber gestern habe ich leider erst nach der Installation verstanden, dass VLC - PUP.optional.startfenster entfernen - vlc.de...
Archiv
Du betrachtest: PUP.optional.startfenster entfernen - vlc.de auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.