vor einigen Tagen war mein Nachbar mit ihrer Tochter bei mir zu Besuch. Während sich die Erwachsenen unterhielten, war das Kind am Rechner beschäftigt. Womöglich hat si etwas "falsches" heruntergeladen oder eine "falsche" Seite angeklickt. Seitdem habe ich kleine Probleme an meinem Rechner. Bitte um einen Check. Log-Dateien unten aufgeführt.
Code:
Alles auswählen Aufklappen ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-01-2025
Ran by ali_b (administrator) on DESKTOP-G9F6VUF (HP HP Pavilion Gaming Desktop TG01-2xxx) (04-01-2025 20:43:08)
Running from C:\Users\ali_b\OneDrive\Desktop\FRST64.exe
Loaded Profiles: ali_b
Platform: Microsoft Windows 10 Home Single Language Version 22H2 19045.5247 (X64) Language: Türkçe (Türkiye)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <4>
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe <2>
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.24.167.1\extnhost\mc-extn-browserhost.exe <2>
(Corel Corporation -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Corsair Components, Inc. -> Corsair Components, Inc.) D:\Corsair\HeadsetControlPanel.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe
(explorer.exe ->) (Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(explorer.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> DesktopExtension) C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2412.1001.22.0_x64__8wekyb3d8bbwe\XboxPcTray.exe
(explorer.exe ->) (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Windows Sidebar\sidebar.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVerMedia TECHNOLOGIES, INC. -> AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (HON HAI PRECISION INDUSTRY CO.LTD. -> ) C:\Program Files\FanControlApp\FanControlApp.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_f1b47696babae655\x64\OmenCap\OmenCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7aa6ca9dbb25bff8\jhi_service.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.24.167.1\mc-fw-host.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhdc.inf_amd64_a40f4449e80e2ef2\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe <2>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(sihost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee, LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\Overlay\OverlayHelper.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.24.167.1\neo\mc-neo-host.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2412.1001.22.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2410.8.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-17] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436704 2021-08-17] (Corel Corporation -> WinZip Computing, S.L.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3138560 2023-01-11] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [851928 2022-08-22] (DIVX LLC -> DivX, LLC)
HKLM-x32\...\Run: [Corsair Gaming Headset Software] => D:\Corsair\HeadsetControlPanel.exe [2918152 2014-08-18] (Corsair Components, Inc. -> Corsair Components, Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [Steam] => D:\Steam\steam.exe [4412512 2024-12-02] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [MicrosoftEdgeAutoLaunch_51FA75F58421240AA0A293AA15CB097C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911240 2024-12-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe (No File)
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3412576 2024-12-13] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [AF_uuid_234330] => d4f7da7a-d797-4176-a386-5fec04ee2cd6************46b4245a-c31a-4602-a0ec- (No File)
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\...\Run: [AF_counter_234330] => 2 (No File)
HKLM\...\Windows x64\Print Processors\Canon E410 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDJ.DLL [30720 2016-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor E410 series: C:\windows\system32\CNMLMDJ.DLL [484352 2016-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.205\Installer\chrmstp.exe [2024-12-19] (Google LLC -> Google LLC)
Startup: C:\Users\ali_b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar51.lnk [2022-10-20]
ShortcutTarget: Sidebar51.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed] [File is in use]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2021-11-17]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {78E27041-221F-45F8-A8F5-49AB69825A6F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {C0EAA437-8301-4C1D-945C-899517B64543} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68056 2022-08-22] (DIVX LLC -> DivX, LLC)
Task: {A7111BA1-F206-4679-AF01-7EDF6F13553B} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{A1AFB225-0428-438B-996F-598D610CF758} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {5D809019-F36D-493C-A9D9-0054FFE71904} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1003528 2024-12-17] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {4F3AABC6-B020-43B1-8794-B9AFF82F0F38} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [479984 2024-12-17] (HP Inc. -> HP Inc.)
Task: {A6609191-D1EE-401A-AA74-20E6E8CCD986} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1170440 2024-12-17] (HP Inc. -> HP Inc.)
Task: {AD82DDD8-5796-4C93-83E0-04094F10B304} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {468AF0B8-2014-467D-9AFC-A1147BD6B701} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60880 2024-01-11] (HP Inc. -> HP Inc.)
Task: {9F877C7A-1F31-4068-A057-0D1FDDB30703} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60880 2024-01-11] (HP Inc. -> HP Inc.)
Task: {DA8EF575-95C5-48AD-84EA-E28F48D59260} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1651032 2020-11-05] (HP Inc. -> HP Inc.)
Task: {E43E5C55-AD00-44CA-8BA5-F1D8633FEE41} - System32\Tasks\McAfee\WPS\McAfee Anti-tracker notification => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {C5EBE2E7-0B1F-4703-8E3D-506864F41145} - System32\Tasks\McAfee\WPS\McAfee Anti-Tracker Scanner => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {F271E4B9-7A19-495E-826B-571100331DAF} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {0E7FF967-2796-42C0-9C63-09C441EB0FA6} - System32\Tasks\McAfee\WPS\McAfee Health Check => C:\Program Files\McAfee\WPS\1.24.167.1\sustainability\mc-sustainability.exe [958176 2024-12-13] (McAfee, LLC -> McAfee, LLC)
Task: {B59C9093-C3B7-47A0-8851-40DABBEC383C} - System32\Tasks\McAfee\WPS\McAfee Hotfix => C:\Program Files\McAfee\wps\1.24.167.1\dad\mc-dad.exe [2675552 2024-12-13] (McAfee, LLC -> McAfee, LLC)
Task: {46CF7393-6C83-4E1D-8058-AD83F45B5BF6} - System32\Tasks\McAfee\WPS\McAfee Message Check => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {C4996C94-77BA-4956-B3AD-F78EDEEDBCA6} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {47656533-BCCF-496A-B499-6672877A6D42} - System32\Tasks\McAfee\WPS\McAfee restart of PC => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {218666F2-3D00-4968-BBC4-310321DC3E93} - System32\Tasks\McAfee\WPS\McAfee Scheduled AV Scan => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {C172D237-DC51-422F-A701-28750BE6ADD2} - System32\Tasks\McAfee\WPS\McAfee Scheduled Tracker Remover => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {8E846341-9E64-4222-B1EE-E661B3F0FF22} - System32\Tasks\McAfee\wps\McAfee Updater => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2} C:\Program Files\McAfee\wps\1.24.167.1\mc-update.exe [3334032 2024-12-13] (McAfee, LLC -> McAfee, LLC)
Task: {4CEDEB0A-2F7C-4AB6-BF5D-5E4E60AB45BA} - System32\Tasks\McAfee\WPS\McAfee Virus Definition Update => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {8D3BE26D-EAE8-4DB3-93AD-F0EDF8C077C3} - System32\Tasks\McAfee\WPS\McAfee Windows Notification Token => \\?\C:\Program Files\McAfee\WPS\1.24.167.1\mc-wns-client\mc-wns-client.exe [935976 2024-12-13] (McAfee, LLC -> )
Task: {9775EF85-B731-4072-81D2-4680D73B151C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {26C874DE-4FC9-497A-B93E-501877604CA8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {85FF0D1E-9B07-406E-9969-3BFD9200B68B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311976 2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9CBF4A2-358C-4B88-B289-F83B6ADC1834} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311976 2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F341FDE9-05AB-466C-A462-4B7D9A885537} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [186992 2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A68A726-B324-4ED6-9C74-CD84DE1795E4} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {623171E2-B004-4A3B-94EF-84D681CEE192} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7F50C329-4BB3-4ABD-A8D1-DF6AFD44FFC3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E188BE51-54AC-4EE5-9B5B-104C040596CB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {1DA2BBBB-9B85-4FBC-95D0-F95C91BF0F0F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E60514E-D189-4AD6-9BAD-739927AA163C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C8A76CC-D931-42D4-B8E3-0761B9CF76D1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B7695B6A-A684-4E9F-95B5-F86E97CC3642} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC6C9388-409D-4CA6-83AE-E039626D2226} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB931CC0-D2AD-4520-B52D-8CD6AE66503C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F4D703A-C94E-4052-BA65-23D9EAF783A8} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [71632 2024-12-13] (HP Inc. -> HP Inc.)
Task: {C710B4A4-CA98-495C-8492-8CAD3E8B0CA5} - System32\Tasks\OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [71632 2024-12-13] (HP Inc. -> HP Inc.)
Task: {F744ECEB-D9E7-46D6-B832-BA7E18E4ECB8} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe [67024 2024-12-13] (HP Inc. -> HP Inc.)
Task: {9F8AA907-34C2-4CB7-A270-7E63A1941A58} - System32\Tasks\OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe [67024 2024-12-13] (HP Inc. -> HP Inc.)
Task: {95555EF2-DCB7-4B03-AC36-84D011DC3104} - System32\Tasks\RtkAudUService64_BG => C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe [1372264 2021-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {556583BC-8B96-4062-B360-D82C3064F9D3} - System32\Tasks\SystemOptimizer => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [152048 2022-11-18] (HP Inc. -> HP Inc.)
Task: {9AD9E7D8-868F-47EF-861E-535BB14C96C4} - System32\Tasks\Telemetry update-S-1-5-21-3460174932 => C:\ProgramData\Local\Microsoft\Windows\Telemetry\wlanext32.exe (No File) <==== ATTENTION
Task: {30FA7B8E-509A-406F-9B4A-DFA9FCA7547A} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-17] (Corel Corporation -> Corel Corporation)
Task: {329931A7-F5F8-49AF-A150-0C7BB3D0C83D} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-17] (Corel Corporation -> Corel Corporation)
Task: {005D1EB9-B0FF-4842-A973-A6737FA50DB3} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-17] (Corel Corporation -> Corel Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{507b289c-f15b-41df-bf8f-4bbaa984ed9c}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{b65a5150-3e30-4e18-99b9-9f5bdf3ce9e0}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-04]
Edge DownloadDir: Default -> C:\Users\ali_b\OneDrive\Desktop
Edge HomePage: Default -> hxxp://www.google.de/
Edge StartupUrls: Default -> "hxxp://search.mpc.am/"
Edge Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cdbkakmeogejmlpgioplhjkaablahbmj [2024-02-15]
Edge Extension: (McAfee® WebAdvisor) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd [2024-12-21]
Edge Extension: (Google Dokümanlar Çevrimdışı) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-21]
Edge Extension: (Adblock Plus - ücretsiz reklam engelleyici) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2024-12-21]
Edge Extension: (AdGuard VPN — ücretsiz ve güvenli proxy) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hhdobjgopfphlmjbmnpglhfcgppchgje [2024-12-31]
Edge Extension: (Touch VPN - Secure and unlimited VPN proxy) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ighhnpmaabelnfcbbkijikgghajbiaml [2024-02-15]
Edge Extension: (Edge relevant text changes) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-15]
Edge Extension: (ZenMate Ücretsiz VPN - Edge için En İyi VPN) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kepdippgcikacmcdaijnponnfgljfbea [2024-02-15]
Edge Extension: (AdBlock — en iyi reklam engelleyici) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-12-21]
Edge Extension: (AdGuard Reklam Engelleyici) - C:\Users\ali_b\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2024-12-31]
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2024-03-25] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-13] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Default [2025-01-01]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-01-01]
CHR Extension: (McAfee® Web Boost) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Default\Extensions\klekeajafkkpokaofllcadenjdckhinm [2023-05-18]
CHR Extension: (Online Security) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2024-04-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-16]
CHR Profile: C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-17]
CHR Profile: C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-01-04]
CHR Notifications: Profile 1 -> hxxps://www.tahtakaledenal.com
CHR HomePage: Profile 1 -> hxxp://www.google.de/
CHR StartupUrls: Profile 1 -> "hxxps://www.google.de/"
CHR Extension: (AdGuard Werbeblocker) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2024-12-27]
CHR Extension: (Touch VPN – Kostenloses VPN und kostenloser Proxy) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2023-09-27]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-12-18]
CHR Extension: (Adblock für Youtube™) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2024-12-24]
CHR Extension: (Adblock Ad Blocker Pro) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dgjbaljgolmlcmmklmmeafecikidmjpi [2024-12-19]
CHR Extension: (VPN Kostenlos ZenMate - Free VPN für Chrome) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2024-05-16]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-12-20]
CHR Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-12-18]
CHR Extension: (Adblock Unlimited - Adblocker) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jiaopkfkampgnnkckajcbdgannoipcne [2024-07-06]
CHR Extension: (Avengers Assemble) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kaplllhgohhnjpfldlglneignfjlenac [2021-11-16]
CHR Extension: (McAfee® Web Boost) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\klekeajafkkpokaofllcadenjdckhinm [2022-11-11]
CHR Extension: (Kostenloses VPN für Chrome - VPN Proxy VeePN) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\majdfhpaihoncoakbjgbdhglocklcgno [2025-01-04]
CHR Extension: (Microsoft 365) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2023-12-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-16]
CHR Profile: C:\Users\ali_b\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-17]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]
CHR HKLM\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-2266882305-1638506966-3997672796-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]
CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
Yandex:
=======
YAN Profile: C:\Users\ali_b\AppData\Local\Yandex\YandexBrowser\User Data\Default [2024-08-02]
YAN DownloadDir: C:\Users\ali_b\OneDrive\Desktop
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [1930848 2018-03-31] (AVerMedia TECHNOLOGIES, INC. -> AVerMedia TECHNOLOGIES, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13512888 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [19068000 2024-12-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [891256 2020-07-30] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\AppHelperCap.exe [912480 2024-11-10] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\DiagsCap.exe [910944 2024-11-10] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\NetworkCap.exe [906848 2024-11-10] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_f1b47696babae655\x64\OmenCap\OmenCap.exe [755152 2023-10-19] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-01-11] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\SysInfoCap.exe [911480 2024-11-10] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.)
R2 ID19 HP Fan Control Service; C:\Program Files\FanControlApp\FanControlApp.exe [283168 2020-04-29] (HON HAI PRECISION INDUSTRY CO.LTD. -> )
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [446360 2022-04-27] (Canon Inc. -> )
R2 mc-fw-host; C:\Program Files\McAfee\WPS\1.24.167.1\mc-fw-host.exe [2592000 2024-12-13] (McAfee, LLC -> McAfee, LLC)
S3 mc-wps-update; C:\Program Files\McAfee\wps\1.24.167.1\mc-update.exe [3334032 2024-12-13] (McAfee, LLC -> McAfee, LLC)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [926176 2024-12-13] (McAfee, LLC -> McAfee, LLC)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\windows\System32\DriverStore\FileRepository\nvhdc.inf_amd64_a40f4449e80e2ef2\Display.NvContainer\NVDisplay.Container.exe [1275432 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AVer330USB; C:\windows\system32\DRIVERS\AVer330USB.sys [1551616 2015-04-09] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 CorsairAudioFilter; C:\windows\system32\DRIVERS\corsveng2kamd64.sys [112808 2014-08-14] (Corsair Components, Inc. -> Corsair Components, Inc.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2020-04-21] (HP Inc. -> HP Inc.)
R2 HpReadHWData; C:\windows\system32\drivers\HpReadHWData.sys [57952 2024-12-13] (HP Inc. -> Windows (R) Win 7 DDK provider)
S0 mfeelam; C:\windows\System32\DRIVERS\mfeelam.sys [19536 2024-12-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> McAfee, LLC)
R0 mfesec; C:\windows\System32\DRIVERS\mfesec.sys [76000 2024-12-13] (McAfee, LLC -> McAfee, LLC)
R1 rtf64; C:\windows\system32\DRIVERS\rtf64x64.sys [70560 2020-12-22] (Realtek Semiconductor Corp. -> Realtek)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 ViGEmBus; C:\windows\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [22104 2024-11-20] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [606624 2024-11-20] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-20] (Microsoft Windows -> Microsoft Corporation)
U4 Sense; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-01-04 20:43 - 2025-01-04 20:43 - 000038860 _____ C:\Users\ali_b\OneDrive\Desktop\FRST.txt
2025-01-04 20:42 - 2025-01-04 20:43 - 000000000 ____D C:\FRST
2025-01-04 20:42 - 2025-01-04 20:42 - 002403840 _____ (Farbar) C:\Users\ali_b\OneDrive\Desktop\FRST64.exe
2025-01-03 21:50 - 2025-01-03 21:50 - 000000446 _____ C:\Users\ali_b\OneDrive\Desktop\Backup-codes-cananbirol34.txt
2025-01-03 07:06 - 2025-01-03 07:06 - 000021202 _____ C:\Users\ali_b\AppData\Local\recently-used.xbel
2025-01-02 19:31 - 2025-01-02 19:56 - 000001361 _____ C:\Users\ali_b\OneDrive\Desktop\FreemakeVC.exe.lnk
2025-01-02 14:41 - 2025-01-02 14:41 - 000001529 _____ C:\Users\ali_b\OneDrive\Desktop\DaVinci Resolve.lnk
2025-01-02 14:40 - 2025-01-02 14:41 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2025-01-02 14:40 - 2025-01-02 14:40 - 000000000 ____D C:\ProgramData\Blackmagic Design
2025-01-02 14:39 - 2025-01-02 14:39 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2025-01-02 02:59 - 2025-01-02 02:59 - 000000000 ____D C:\ProgramData\Freemake
2025-01-02 02:35 - 2025-01-02 02:35 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\edcf
2025-01-02 02:17 - 2025-01-04 01:07 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Any Video Converter
2025-01-02 02:17 - 2025-01-02 02:20 - 000000000 ____D C:\Users\ali_b\OneDrive\Dokumente\Any Video Converter
2025-01-02 02:17 - 2025-01-02 02:17 - 000000036 _____ C:\Users\ali_b\AppData\Local\_LOCAL_GUID
2025-01-02 02:17 - 2025-01-02 02:17 - 000000000 ____H C:\Users\ali_b\MJKJRegInfo_JSOIGNLOFVI6W4DODRL5DLLUHYENUXTM
2025-01-02 02:15 - 2025-01-02 02:15 - 000001124 _____ C:\Users\ali_b\OneDrive\Desktop\Any Video Converter.lnk
2025-01-02 02:15 - 2025-01-02 02:15 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvsoft
2025-01-02 02:15 - 2025-01-02 02:15 - 000000000 ____D C:\Program Files\Anvsoft
2025-01-02 01:28 - 2025-01-02 01:28 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\ufcphsom
2025-01-02 01:21 - 2025-01-02 01:54 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\XMedia Recode
2025-01-02 01:04 - 2025-01-02 01:04 - 000000000 ____D C:\Users\ali_b\downloadtemp
2025-01-02 01:04 - 2025-01-02 01:04 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\TSHelpService
2025-01-02 01:04 - 2025-01-02 01:04 - 000000000 ____D C:\Users\ali_b\AppData\Local\HitPawCNV
2025-01-02 01:03 - 2025-01-02 01:28 - 000000000 ____D C:\Users\ali_b\AppData\Local\HitPaw Software
2025-01-02 01:02 - 2025-01-02 01:28 - 000000000 ____D C:\Program Files (x86)\HitPaw
2025-01-02 00:39 - 2025-01-02 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2024-12-31 20:58 - 2025-01-01 22:58 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\obs-studio
2024-12-31 17:55 - 2024-12-31 17:55 - 000000000 ____D C:\Users\ali_b\OneDrive\Dokumente\Foxy Voxel
2024-12-31 17:54 - 2024-12-31 20:42 - 000000016 _____ C:\Users\ali_b\AppData\Roaming\obs-virtualcam.txt
2024-12-31 15:08 - 2024-12-31 15:08 - 000000000 ____D C:\Users\ali_b\OneDrive\Dokumente\Blackmagic Design
2024-12-31 15:07 - 2024-12-31 15:07 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Blackmagic Design
2024-12-31 15:07 - 2024-12-31 15:07 - 000000000 ____D C:\Users\ali_b\AppData\Local\DaVinci Resolve Welcome
2024-12-30 19:56 - 2024-12-30 19:56 - 000000000 ____D C:\Users\ali_b\AppData\Local\ContractVille
2024-12-30 15:36 - 2024-12-30 15:36 - 000000203 _____ C:\Users\ali_b\OneDrive\Desktop\ContractVille.url
2024-12-23 16:12 - 2024-12-23 16:12 - 000000000 ____D C:\Users\ali_b\AppData\Local\CenterStationV1
2024-12-23 15:40 - 2024-12-23 15:40 - 000000203 _____ C:\Users\ali_b\OneDrive\Desktop\Center Station Simulator.url
2024-12-17 19:28 - 2024-12-17 19:28 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-12-16 16:45 - 2024-12-16 16:45 - 004906380 _____ C:\windows\Minidump\121624-11500-01.dmp
2024-12-13 19:11 - 2024-12-13 19:11 - 000022205 _____ C:\windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-12-13 19:11 - 2024-12-13 19:11 - 000022205 _____ C:\windows\system32\IntegratedServicesRegionPolicySet.json
2024-12-13 18:08 - 2024-12-13 18:08 - 000000000 ___HD C:\$WinREAgent
2024-12-10 01:17 - 2024-12-10 01:17 - 003451100 _____ C:\windows\Minidump\121024-16734-01.dmp
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2031-06-28 11:43 - 2022-05-10 10:27 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\StardewValley
2025-01-04 20:26 - 2019-12-07 12:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-04 19:55 - 2021-11-20 14:27 - 000000000 ____D C:\Users\ali_b\AppData\Local\Sidebar7
2025-01-04 19:13 - 2021-11-16 14:21 - 000000000 ____D C:\Users\ali_b\AppData\Local\Steam
2025-01-04 19:10 - 2021-11-19 15:46 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\vlc
2025-01-04 17:50 - 2022-10-17 00:01 - 000000000 ____D C:\Users\ali_b\AppData\Local\OGH
2025-01-04 17:31 - 2020-05-06 11:58 - 000000000 ____D C:\windows\system32\SleepStudy
2025-01-04 16:38 - 2024-06-19 11:13 - 000004198 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{4ED26314-62CD-41AF-B0F4-C2E98EA233F0}
2025-01-04 12:25 - 2021-09-21 08:47 - 000000000 ____D C:\ProgramData\NVIDIA
2025-01-04 11:31 - 2019-12-07 12:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-04 11:31 - 2019-12-07 12:14 - 000000000 ____D C:\windows\AppReadiness
2025-01-03 21:47 - 2021-09-21 19:08 - 000725372 _____ C:\windows\system32\perfh01F.dat
2025-01-03 21:47 - 2021-09-21 19:08 - 000159030 _____ C:\windows\system32\perfc01F.dat
2025-01-03 21:47 - 2020-05-06 12:03 - 001820854 _____ C:\windows\system32\PerfStringBackup.INI
2025-01-03 21:47 - 2019-12-07 12:13 - 000000000 ____D C:\windows\INF
2025-01-03 20:26 - 2021-12-01 00:34 - 000000000 ____D C:\Users\ali_b\AppData\Local\CrashDumps
2025-01-03 07:06 - 2021-12-11 17:42 - 000000000 ____D C:\Users\ali_b\AppData\Local\babl-0.1
2025-01-03 07:05 - 2021-12-11 18:01 - 000000000 ____D C:\Users\ali_b\AppData\Local\gtk-2.0
2025-01-02 14:34 - 2023-09-23 20:45 - 000000000 ____D C:\Users\ali_b\AppData\Local\cache
2025-01-02 14:23 - 2021-11-16 13:48 - 000000000 ____D C:\Users\ali_b
2025-01-02 14:23 - 2020-05-06 11:58 - 000008192 ___SH C:\DumpStack.log.tmp
2025-01-02 14:23 - 2020-05-06 11:58 - 000000006 ____H C:\windows\Tasks\SA.DAT
2025-01-02 14:23 - 2019-12-07 12:14 - 000000000 ____D C:\windows\ServiceState
2025-01-02 14:23 - 2019-12-07 12:03 - 000786432 _____ C:\windows\system32\config\BBI
2025-01-02 02:58 - 2023-03-04 00:28 - 000000000 ____D C:\Program Files (x86)\Freemake
2025-01-02 02:44 - 2021-12-11 20:52 - 000000000 ____D C:\Users\ali_b\AppData\Local\FreemakeVideoConverter
2025-01-02 02:19 - 2021-11-16 13:54 - 000000000 ____D C:\Users\ali_b\AppData\Local\D3DSCache
2025-01-01 23:36 - 2021-11-16 13:54 - 000000000 ____D C:\Users\ali_b\AppData\Local\Packages
2025-01-01 05:22 - 2022-11-08 12:26 - 000000000 ____D C:\ProgramData\CanonIJPLM
2024-12-31 20:58 - 2024-03-13 14:37 - 000000000 ____D C:\ProgramData\obs-studio-hook
2024-12-31 20:58 - 2024-03-13 14:37 - 000000000 ____D C:\ProgramData\obs-studio
2024-12-31 20:58 - 2024-03-13 14:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2024-12-31 20:55 - 2024-03-13 14:37 - 000000000 ____D C:\Program Files\obs-studio
2024-12-31 17:55 - 2022-11-06 21:16 - 000000000 ____D C:\Users\ali_b\AppData\LocalLow\Unity
2024-12-31 14:17 - 2024-03-26 20:26 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\paradox-launcher-v2
2024-12-31 11:38 - 2021-12-13 10:46 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Audacity
2024-12-30 22:51 - 2022-12-16 21:13 - 000000000 ____D C:\Users\ali_b\OneDrive\Desktop\YT Downloads
2024-12-30 15:36 - 2021-11-16 14:33 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-12-24 03:42 - 2022-01-28 21:13 - 000000000 ____D C:\windows\SystemTemp
2024-12-23 16:12 - 2021-11-22 12:29 - 000000000 ____D C:\Users\ali_b\AppData\Local\UnrealEngine
2024-12-21 20:17 - 2021-09-21 08:20 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-21 10:11 - 2021-09-21 08:20 - 000003622 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-21 10:11 - 2021-09-21 08:20 - 000003498 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-12-19 23:37 - 2021-11-16 14:03 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-12-17 19:28 - 2021-09-21 08:28 - 000000000 ____D C:\Program Files\Microsoft Office
2024-12-17 19:28 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-12-17 11:35 - 2021-12-11 20:26 - 000003592 _____ C:\windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2266882305-1638506966-3997672796-1001
2024-12-17 11:35 - 2021-11-16 13:56 - 000003380 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2266882305-1638506966-3997672796-1001
2024-12-17 11:35 - 2021-11-16 13:48 - 000002364 _____ C:\Users\ali_b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-12-16 16:45 - 2022-10-22 19:06 - 1462450221 _____ C:\windows\MEMORY.DMP
2024-12-16 16:45 - 2021-12-11 21:35 - 000000000 ____D C:\windows\Minidump
2024-12-14 14:00 - 2024-01-31 10:44 - 000004290 _____ C:\windows\system32\Tasks\OmenInstallMonitorCustomEvent
2024-12-14 14:00 - 2024-01-31 10:44 - 000004230 _____ C:\windows\system32\Tasks\OmenOverlayCustomEvent
2024-12-14 14:00 - 2023-09-13 11:20 - 000003888 _____ C:\windows\system32\Tasks\OmenInstallMonitor
2024-12-14 14:00 - 2023-09-13 11:20 - 000003828 _____ C:\windows\system32\Tasks\OmenOverlay
2024-12-14 01:15 - 2020-05-06 11:58 - 000699840 _____ C:\windows\system32\FNTCACHE.DAT
2024-12-14 01:14 - 2024-07-11 01:01 - 000000000 ____D C:\windows\system32\compatrel
2024-12-14 01:14 - 2021-09-21 19:42 - 000000000 ____D C:\windows\TextInput
2024-12-14 01:14 - 2021-09-21 19:42 - 000000000 ____D C:\windows\HoloShell
2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ___RD C:\windows\PrintDialog
2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\SysWOW64\setup
2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\SystemResources
2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\system32\ShellExperiences
2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\system32\setup
2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\system32\PerceptionSimulation
2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\system32\oobe
2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\system32\appraiser
2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\ShellExperiences
2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\ShellComponents
2024-12-14 01:14 - 2019-12-07 12:14 - 000000000 ____D C:\windows\bcastdvr
2024-12-13 19:15 - 2023-06-22 11:51 - 000057952 _____ (Windows (R) Win 7 DDK provider) C:\windows\system32\Drivers\HpReadHWData.sys
2024-12-13 19:14 - 2019-12-07 12:03 - 000000000 ____D C:\windows\CbsTemp
2024-12-13 19:11 - 2020-05-06 12:01 - 003016192 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2024-12-13 18:12 - 2023-05-18 17:51 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-12-13 18:12 - 2023-05-18 17:44 - 000004562 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2024-12-13 18:09 - 2023-11-08 23:01 - 000076000 _____ (McAfee, LLC) C:\windows\system32\Drivers\mfesec.sys
2024-12-13 18:09 - 2023-11-08 23:01 - 000019536 _____ (McAfee, LLC) C:\windows\system32\Drivers\mfeelam.sys
2024-12-13 18:09 - 2019-12-07 12:14 - 000000000 ___HD C:\windows\ELAMBKUP
2024-12-13 18:07 - 2023-09-23 20:45 - 000000000 ____D C:\ProgramData\EA Desktop
2024-12-06 17:59 - 2022-05-15 14:13 - 000000000 ____D C:\Users\ali_b\AppData\Roaming\Microsoft\Word
2024-12-05 09:55 - 2024-11-02 07:45 - 000296488 _____ (Microsoft Corporation) C:\windows\system32\gamingservicesproxy_6.dll
2024-12-05 09:55 - 2022-10-20 13:27 - 000124456 _____ (Microsoft Corporation) C:\windows\system32\xgamehelper.exe
2024-12-05 09:55 - 2022-10-20 13:27 - 000075328 _____ (Microsoft Corporation) C:\windows\system32\xgamecontrol.exe
2024-12-05 09:55 - 2021-12-01 10:23 - 000259648 _____ (Microsoft Corporation) C:\windows\system32\gamelaunchhelper.dll
2024-12-05 09:55 - 2021-11-16 10:24 - 002872896 _____ (Microsoft Corporation) C:\windows\system32\xgameruntime.dll
2024-12-05 09:55 - 2021-11-16 10:24 - 000775720 _____ (Microsoft Corporation) C:\windows\system32\gameplatformservices.dll
2024-12-05 09:55 - 2021-11-16 10:24 - 000243264 _____ (Microsoft Corporation) C:\windows\system32\gameconfighelper.dll
2024-12-05 09:55 - 2021-11-16 10:24 - 000153152 _____ (Microsoft Corporation) C:\windows\system32\gamingtcuihelpers.dll
==================== Files in the root of some directories ========
2024-12-31 17:54 - 2024-12-31 20:42 - 000000016 _____ () C:\Users\ali_b\AppData\Roaming\obs-virtualcam.txt
2025-01-03 07:06 - 2025-01-03 07:06 - 000021202 _____ () C:\Users\ali_b\AppData\Local\recently-used.xbel
2025-01-02 02:17 - 2025-01-02 02:17 - 000000036 _____ () C:\Users\ali_b\AppData\Local\_LOCAL_GUID
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt =======================
04.01.2025, 19:07
Baum-Darstellung