blaxus67 | 25.01.2024 17:19 | Code:
=================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{6E5329FE-8ECC-4526-8E92-A898B6EBF822}] => (Allow) C:\Program Files (x86)\Waves\SoundGrid for Venue\SoundGrid Inventory.exe (Waves Inc -> )
FirewallRules: [{F4485F9F-D1C2-4465-A921-1F40E43EED25}] => (Allow) C:\Program Files (x86)\Waves\SuperRack\SuperRack SoundGrid.exe (Waves Inc -> )
FirewallRules: [{65518A89-B518-44DF-A720-6E8933DCB128}] => (Allow) C:\Program Files (x86)\Waves\eMotion LV1\eMotion LV1.exe (Waves Inc -> )
FirewallRules: [{523EDB2F-8F7E-4853-B227-5ACF883F68DB}] => (Allow) C:\ProgramData\Waves Audio\MyMon\MyMonService.bundle\Contents\Win64\MyMonControlPanel.exe (Waves Inc -> )
FirewallRules: [UDP Query User{A057DE6E-183D-489E-8AB1-93CF4FA907F3}C:\users\ugur1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ugur1\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{93E1D5A7-549B-4534-B3EF-353784C79EB7}C:\users\ugur1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ugur1\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B7308EBF-143A-46A0-8587-2166FB631F96}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{97BCE386-9AFA-4531-989E-C9BC4F4B4EF6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{681E1F4E-30AA-4502-B60D-F9C7C531CB70}E:\programme\epic\gta v\gtav\gta5.exe] => (Allow) E:\programme\epic\gta v\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{C3AE37E1-BC24-461F-80D9-55C852C09CFE}E:\programme\epic\gta v\gtav\gta5.exe] => (Allow) E:\programme\epic\gta v\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E47B4683-2620-4AB7-B1D8-B74D191466D6}] => (Allow) E:\Programme\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F23DDD3F-E191-4873-9F2A-E40E903FC468}] => (Allow) E:\Programme\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7CDA1A57-9054-47E3-9561-AFBC7C267D48}] => (Allow) E:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FDF7E71A-07A7-4DC8-91F4-4F42797962F5}] => (Allow) E:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{501B3C89-54E7-4078-ADAA-A852F3BD614D}] => (Allow) E:\Programme\Steam\steamapps\common\GarrysMod\hl2.exe () [Datei ist nicht signiert]
FirewallRules: [{BE678086-2B13-41FD-9996-C6586B9D71E4}] => (Allow) E:\Programme\Steam\steamapps\common\GarrysMod\hl2.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{7F93E6A1-FC81-4266-8EF9-ED3F811CA333}C:\program files\google\chrome\application\chrome.exe.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{0EE39112-1A92-410D-AEFE-7B71ADCACD3C}C:\program files\google\chrome\application\chrome.exe.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{9F13C3D5-4857-4A39-A1E3-1D265328222F}C:\users\ugur1\appdata\local\programs\neuron\bin\ckb.exe] => (Allow) C:\users\ugur1\appdata\local\programs\neuron\bin\ckb.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{96FD49A5-7FB4-4394-897E-982B5119BE66}C:\users\ugur1\appdata\local\programs\neuron\bin\ckb.exe] => (Allow) C:\users\ugur1\appdata\local\programs\neuron\bin\ckb.exe () [Datei ist nicht signiert]
FirewallRules: [{7422E3DB-9A33-41CF-98A6-2F0A2C73448D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC1D820D-C4AC-4A82-9F07-C9EF6AE85CB1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E0A0B6AF-28BB-41AE-99AB-A6C0984D2C9B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2EAC02B3-4C52-49CC-BA9A-8D55B5FCB4A8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DFB46221-172D-4046-8C7F-7B29675198F4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E7E96C32-7967-4CFF-9FFF-13F6B2024D1F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B2A0376F-4D49-49AE-B12B-D2F417280FD4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D0214E2B-B354-4604-8197-661E60E4BC03}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{BCBFB3E1-EF48-4E4F-8138-7C3579D38206}C:\users\ugur1\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\ugur1\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{0022361A-B977-4CA2-B67E-11FA6C34A8D5}C:\users\ugur1\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\ugur1\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{BD96D00C-6F25-4275-ADBC-59739D900F0A}] => (Allow) E:\Programme\Steam\steamapps\common\Prometheus\Prometheus.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{34119C21-EDB4-4070-8DD5-6CA233BB4707}] => (Allow) E:\Programme\Steam\steamapps\common\Prometheus\Prometheus.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{784000D3-5F22-47A4-AC7F-F9FD67A77DD5}C:\users\ugur1\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\ugur1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{86511542-0468-4DF8-8C19-37D991D117BA}C:\users\ugur1\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\ugur1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C72B3EFB-20A2-4F5F-957B-77C81AA1BE93}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D83BF86-78AC-4D55-9EF9-9BDF4152B8C7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D6897727-5BB9-49C9-AF90-4FB4B8A6AA3A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{20BA4180-0C23-47ED-94E4-CC58267B07CC}C:\program files\adobe\adobe premiere pro 2024\dvaaudiofilterscan.exe] => (Allow) C:\program files\adobe\adobe premiere pro 2024\dvaaudiofilterscan.exe (Adobe Inc. -> Adobe)
FirewallRules: [UDP Query User{2E88DDA1-A123-40AA-9DC2-9EDBC6766B53}C:\program files\adobe\adobe premiere pro 2024\dvaaudiofilterscan.exe] => (Allow) C:\program files\adobe\adobe premiere pro 2024\dvaaudiofilterscan.exe (Adobe Inc. -> Adobe)
FirewallRules: [{A48DF020-84C9-41B3-8B3B-4BE56369EA5B}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3314.2555.9628_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{22AB680B-A003-4864-9544-8ABDB9C4F990}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3314.2555.9628_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E100779F-6057-4E4E-9C8A-5974BB5E08C1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{7EDE0FE6-6FDA-4CC9-9D3B-ED824078D276}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{9C8E50A6-3EF4-446B-8557-742738E37A27}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{52EAD02F-37EC-4A6B-AFE7-2D97A462376C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{3F814BC1-3905-407C-BAFB-56EAD71FC971}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{F624D9DA-4835-4E01-9494-754C2A7DC520}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{7A4034D9-770D-44F3-A808-81B0F155A5E2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{CE1ECCCB-D9BD-4AC7-90B9-7CB09030726F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{8DE60CEF-7D06-46D5-8826-D896A1CFE614}] => (Allow) C:\Program Files\Opera GX\105.0.4970.74\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{441ED5CE-E909-40BD-8E05-5D108B33C75C}] => (Allow) C:\Program Files\Opera GX\105.0.4970.76\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{405C1B8E-0B80-49E5-9492-89E5C23DFF7B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{FBF88191-4A36-44A6-9403-C5F7A19AFE85}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A98B7889-166B-46DE-9865-1248EF660F48}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{3B778257-613C-4F9C-862C-ECC6810BC017}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{D8D21F4E-6C87-4A11-8841-1B387D52CB29}C:\program files (x86)\dropbox\client\dropbox.exeexe] => (Block) C:\program files (x86)\dropbox\client\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{1B5937D3-3AF3-4CBB-B5C3-882353A9EAA6}C:\program files (x86)\dropbox\client\dropbox.exeexe] => (Block) C:\program files (x86)\dropbox\client\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
25-01-2024 16:42:18 TRON v12.0.6: Pre-run checkpoint
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (01/25/2024 05:06:22 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.
Error: (01/25/2024 05:06:22 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.
Error: (01/25/2024 05:06:21 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.
Error: (01/25/2024 05:06:20 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.
Error: (01/25/2024 05:06:11 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.
Error: (01/25/2024 05:05:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.19041.3758, Zeitstempel: 0x873a6ae7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6bd481f0
ID des fehlerhaften Prozesses: 0x11b4
Startzeit der fehlerhaften Anwendung: 0x01da4fa85b3e1e35
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SysWOW64\explorer.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 18dbe5aa-53f7-456e-abee-3e29f05af6c1
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/25/2024 05:05:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RzDiagnostic, Version: 1.0.0.18, Zeitstempel: 0x6554826b
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.19041.3636, Zeitstempel: 0x6763d3a2
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0009eddb
ID des fehlerhaften Prozesses: 0x1758
Startzeit der fehlerhaften Anwendung: 0x01da4fa8484303f9
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll
Berichtskennung: ba545c27-1922-4f9a-8a18-3b75557ee1ec
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/25/2024 01:04:25 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.
Systemfehler:
=============
Error: (01/25/2024 05:05:11 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 25.01.2024 um 16:30:57 unerwartet heruntergefahren.
Error: (01/24/2024 06:16:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070705 fehlgeschlagen: 9NBLGGH3FRZM-Microsoft.VCLibs.140.00
Error: (01/23/2024 11:25:51 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Razer Synapse Service erreicht.
Error: (01/23/2024 11:25:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Razer Synapse Service erreicht.
Error: (01/23/2024 02:12:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NMPJ99VJBWV-Microsoft.YourPhone
Error: (01/23/2024 02:12:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070705 fehlgeschlagen: 9WZDNCRFHVJL-MICROSOFT.OFFICE.ONENOTE
Error: (01/20/2024 02:27:45 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200b fehlgeschlagen: 2024-01 Sicherheitsupdate für Windows 10 Version 22H2 für x64-basierte Systeme (KB5034441)
Error: (01/20/2024 07:45:18 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Razer Synapse Service erreicht.
Windows Defender:
================
Date: 2024-01-25 17:05:23
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Bladabindi!ml&threatid=2147748148&enterprise=0
Name: Backdoor:Win32/Bladabindi!ml
Schweregrad: Schwerwiegend
Kategorie: Hintertür
Pfad: file:_E:\Downloads\Licenses\Output_KeyGen_by_R2R.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: System
Benutzer:
Prozessname: Unknown
Sicherheitsversion: AV: 1.403.2688.0, AS: 1.403.2688.0, NIS: 1.403.2688.0
Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2
Date: 2024-01-25 16:54:30
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Bladabindi!ml&threatid=2147748148&enterprise=0
Name: Backdoor:Win32/Bladabindi!ml
Schweregrad: Schwerwiegend
Kategorie: Hintertür
Pfad: file:_E:\Downloads\Licenses\Output_KeyGen_by_R2R.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: System
Benutzer:
Prozessname: Unknown
Sicherheitsversion: AV: 1.403.2688.0, AS: 1.403.2688.0, NIS: 1.403.2688.0
Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2
Date: 2024-01-24 14:26:39
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {121EAB61-64DB-452B-A399-FE8B151A8804}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2024-01-23 14:28:51
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {77FFA985-80B3-4C21-AB25-3134F34F0490}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2024-01-22 23:29:06
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {EEFE91C2-E826-40C0-BAB7-49F2810047EF}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Event[0]:
Date: 2023-11-10 10:13:10
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.401.369.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.23100.2009
Fehlercode: 0x80240438
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
Date: 2023-10-27 03:16:14
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.399.1343.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.23090.2007
Fehlercode: 0x8024402c
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
Date: 2023-10-18 08:17:55
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.399.817.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.23090.2007
Fehlercode: 0x80240438
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
Date: 2023-09-17 16:31:22
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.397.1094.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.23080.2005
Fehlercode: 0x8024001e
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
CodeIntegrity:
===============
Date: 2024-01-25 17:09:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2024-01-25 17:07:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. F9 07/31/2015
Hauptplatine: Gigabyte Technology Co., Ltd. Z97-HD3
Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 16245.17 MB
Verfügbarer physikalischer RAM: 7414 MB
Summe virtueller Speicher: 21877.17 MB
Verfügbarer virtueller Speicher: 10944.57 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:930.88 GB) (Free:639.08 GB) (Model: CT1000MX500SSD1) NTFS
Drive d: (Volume) (Fixed) (Total:119.24 GB) (Free:0.76 GB) (Model: Crucial_CT128MX100SSD1) NTFS
Drive e: (Volume) (Fixed) (Total:1863.01 GB) (Free:880.84 GB) (Model: ST2000DM001-1ER164) NTFS
Drive f: (Volume) (Fixed) (Total:186.31 GB) (Free:185.98 GB) (Model: ST3200822AS) NTFS
Drive g: (Volume) (Fixed) (Total:465.76 GB) (Free:278.49 GB) (Model: WDC WD5000AAKS-22A7B0) NTFS
\\?\Volume{9587eda4-89c5-43bd-8389-bcc574bb89d4}\ (Wiederherstellung) (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
\\?\Volume{629458e4-0000-0000-0000-010000000000}\ (PortableBaseLayer) (Fixed) (Total:8 GB) (Free:7.49 GB) NTFS
\\?\Volume{24470118-0780-4ba6-9fa9-9dcd06b32318}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 4BCB3781)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 00DCA327)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 186.3 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=186.3 GB) - (Type=07 NTFS)
==========================================================
Disk: 4 (Size: 465.8 GB) (Disk ID: 202541AA)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 5 (MBR Code: Windows 7/8/10) (Size: 8 GB) (Disk ID: 629458E4)
Partition 1: (Not Active) - (Size=8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt =======================
FRST Logfile: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25.01.2024
durchgeführt von Ugur (Administrator) auf DESKTOP-V3S39TG (Gigabyte Technology Co., Ltd. Z97-HD3) (25-01-2024 17:07:55)
Gestartet von E:\Downloads\FRST64.exe
Geladene Profile: Ugur
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Users\ugur1\AppData\Local\MathWorks\ServiceHost\v2024.1.0.3\bin\win64\MathWorksServiceHost.exe ->) (The MathWorks, Inc. -> The MathWorks Inc.) C:\Users\ugur1\AppData\Local\MathWorks\ServiceHost\v2024.1.0.3\bin\win64\MSHHealthMonitor.exe
(DriverStore\FileRepository\u0382934.inf_amd64_cbf07db13ec1507d\B381983\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0382934.inf_amd64_cbf07db13ec1507d\B381983\atieclxx.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.863.1\DropboxCrashHandler.exe
(E:\Programme\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) E:\Programme\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <39>
(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) E:\Programme\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (The MathWorks, Inc. -> The MathWorks Inc.) C:\Users\ugur1\AppData\Local\MathWorks\ServiceHost\v2024.1.0.3\bin\win64\MathWorksServiceHost.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0382934.inf_amd64_cbf07db13ec1507d\B381983\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) E:\Programme\Origin\OriginWebHelperService.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) E:\PDF24\pdf24.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Numecent, Inc. -> Numecent, Inc.) C:\Program Files\Numecent\Application Jukebox Player\StreamingCore.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) E:\Programme\Razer\Synapse3\Service\Razer Synapse Service.exe
(svchost.exe ->) () [Datei ist nicht signiert] C:\Program Files\MATLAB\R2023b\bin\win64\MATLABStartupAccelerator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3745_none_7ded3f327ca60a41\TiWorker.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [PDF24] => E:\PDF24\pdf24.exe [587000 2022-01-05] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [Endeavors Technologies JukeboxPlayer] => C:\Program Files\Numecent\Application Jukebox Player\JukeboxPlayer.exe [3405040 2023-12-04] (Numecent, Inc. -> Numecent, Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [62636856 2020-10-10] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3084288 2012-07-31] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11551456 2024-01-23] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Opera GX Browser Assistant] => C:\Program Files\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2008856 2022-02-27] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131488 2023-10-11] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-10-11] (Adobe Inc. -> )
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [Spotify] => C:\Users\ugur1\AppData\Roaming\Spotify\Spotify.exe [30315848 2024-01-13] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [Discord] => C:\Users\ugur1\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [com.squirrel.splice.Splice] => C:\Users\ugur1\AppData\Local\splice\app-4.0.55796\Splice.exe [113645568 2022-02-05] (Splice) [Datei ist nicht signiert]
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [EpicGamesLauncher] => E:\Programme\Epic\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33620960 2022-01-14] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [Synapse3] => E:\Programme\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3572488 2024-01-10] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\ugur1\AppData\Local\WebEx\WebexHost.exe [8077920 2023-08-16] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [Steam] => E:\Programme\Steam\steam.exe [4234088 2022-10-19] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [PTOneClick] => C:\Program Files (x86)\Webex\Webex\Applications\ptoneclk.exe [7795912 2021-02-05] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [CiscoSpark] => C:\Users\ugur1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk [2052 2021-10-26] () [Datei ist nicht signiert]
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [Opera GX Stable] => C:\Program Files\Opera GX\launcher.exe [2296224 2024-01-05] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\root\Office16\lync.exe [26454024 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [MicrosoftEdgeAutoLaunch_0DA54DBF295F7FAA3E4A6642497CC323] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\ugur1\AppData\Local\Microsoft\Teams\Update.exe [2587416 2023-01-04] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [RiotClient] => E:\Programme\Riot Games\Riot Client\RiotClientServices.exe [70918144 2023-12-31] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11556768 2024-01-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1958577779-657850760-3606704500-1001\...\Run: [Mathworks Service Host] => C:\Users\ugur1\AppData\Local\MathWorks\ServiceHost\v2024.1.0.3\bin\win64\MathWorksServiceHost.exe [534376 2024-01-24] (The MathWorks, Inc. -> The MathWorks Inc.)
HKU\S-1-5-18\...\Run: [Synapse3] => E:\Programme\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3572488 2024-01-10] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2023-11-05] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\Windows\system32\hpinkstsC211LM.dll [342232 2015-07-03] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.225\Installer\chrmstp.exe [2024-01-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\PLAP Providers: [{C15C0AAF-C309-FE12-BB17-814630A2009F}] -> C:\WINDOWS\SysWOW64\vpnplap64.dll [2022-02-27] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
Startup: C:\Users\ugur1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2024-01-20]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\ugur1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SoundGridStudioSilent.lnk [2020-10-10]
ShortcutTarget: SoundGridStudioSilent.lnk -> C:\Program Files (x86)\Waves\SoundGrid Studio\SoundGrid Studio.exe (Waves Inc -> )
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {66D0D613-EA1F-4F3D-B300-BA74F735BDB9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-21] (Adobe Inc. -> Adobe Inc.)
Task: {48DBD762-D9C1-4EE4-8524-C8048B338643} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1708512 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {B7996D51-FA91-440B-B3AC-E1D225DD68C8} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1708512 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {9C1E0222-2A64-4D25-9E24-2FB7628513CF} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (Keine Datei)
Task: {CF95C384-F2A7-41E2-A102-A17F16D5A5F0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (Keine Datei)
Task: {53CCD021-9944-456F-8C4C-8A71FB5B9C3E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {1AEB551F-B9DA-4702-B64B-7CD69E044DF5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "7edd53d8-7560-4d64-ad78-8411edb9657e" --version "6.20.10897" --silent
Task: {36BDB2B7-145C-4ED2-82E8-CB4FD9144079} - System32\Tasks\CCleanerSkipUAC - Ugur => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {1BC6765E-2B1B-482D-BF37-3405B4D52326} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {96D49EA6-CCAB-46DB-9425-D440307E252C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B5492EF7-873C-4AE2-87DF-B874926BB8AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-08] (Google LLC -> Google LLC)
Task: {4FFC7067-A3B6-459B-8540-7813A1E82D79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-08] (Google LLC -> Google LLC)
Task: {97AA7FD1-3B68-46E7-B7AA-C337BE7F0AD3} - System32\Tasks\MATLAB R2023b Startup Accelerator => C:\Program Files\MATLAB\R2023b\bin\win64\MATLABStartupAccelerator.exe [98816 2023-08-02] () [Datei ist nicht signiert]
Task: {6DE6E31C-E757-4EB9-AB14-694E7BB39B1A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E1401EF-1B63-49BD-AA89-FB09729E1ED3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {7049042B-7165-4EB2-8269-FCA0B27D79D2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {EAE1C6DC-FFEB-4086-8989-3F038D0AE9F8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E195263-830A-4306-8D8F-DEF74330FD9F} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {78910E70-0533-49FB-B23B-95320FB7B104} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [555616 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C107D93-FA68-4185-BB58-F62C03349F85} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1636470738 => C:\Program Files\Opera GX\launcher.exe [2296224 2024-01-05] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera GX\assistant" $(Arg0)
Task: {05F02D83-4854-4934-A749-645B00361346} - System32\Tasks\Opera GX scheduled Autoupdate 1634810090 => C:\Program Files\Opera GX\launcher.exe [2296224 2024-01-05] (Opera Norway AS -> Opera Software)
Task: {36C1E832-5E1F-4FF5-BF5A-63F59E47C360} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [57312 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {21BDA24F-AAD6-419E-B2E3-9176E66C0184} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [263136 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\MATLAB R2023b Startup Accelerator.job => C:\Program Files\MATLAB\R2023b\bin\win64\MATLABStartupAccelerator.exe C:\Program Files\MATLAB\R2023bDESKTOP-V3S39TG\Ugur.Sta
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5bdf3c59-8a5e-4def-8c1f-0f4f7273c327}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5bdf3c59-8a5e-4def-8c1f-0f4f7273c327}: [DhcpDomain] fritz.box
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ugur1\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-25]
Edge Extension: (Cisco Webex Extension) - C:\Users\ugur1\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmihkeafcknlomclapaddfljaeegfbdl [2020-11-03]
Edge Extension: (Google Docs Offline) - C:\Users\ugur1\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-24]
Edge Extension: (Edge relevant text changes) - C:\Users\ugur1\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM-x32\...\Edge\Extension: [cmihkeafcknlomclapaddfljaeegfbdl]
Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2022-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2022-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2023-10-11] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2020-10-29] (Cisco WebEx LLC -> Cisco WebEx LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2023-10-11] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default [2024-01-25]
CHR Notifications: Default -> hxxps://continue-site.website; hxxps://de.mail.yahoo.com; hxxps://meet.google.com; hxxps://pomofocus.io; hxxps://www.paraphraser.io; hxxps://www.showtv.com.tr
CHR Extension: (BetterTTV) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2024-01-25]
CHR Extension: (7TV) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-06-03]
CHR Extension: (AdGuard Werbeblocker) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2023-12-25]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-01-25]
CHR Extension: (uBlock Origin) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-01-17]
CHR Extension: (Volume Booster) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejkiikneibegknkgimmihdpcbcedgmpo [2023-12-19]
CHR Extension: (Twitch VOD Downloader) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaabmdjigfcnkgeommfpnoinpdmpfhaj [2024-01-13]
CHR Extension: (Return YouTube Dislike) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-13]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-01-25]
CHR Extension: (Unlimited Email Tracker by Snov.io) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojogohjgpelafgaeejgelmplndppifh [2023-12-22]
CHR Extension: (Twitch Channel Points Auto Clicker) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdpblpklojajpopllbckephjndibljbc [2022-06-18]
CHR Extension: (Coupert - Coupon Assistent & Cashback) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2024-01-25]
CHR Extension: (Shazam: Finde Songtitel in deinem Browser) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-01-08]
CHR Extension: (MetaMask) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-01-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Citavi Picker) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2023-10-18]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2024-01-19]
CHR Profile: C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-12-07]
CHR Profile: C:\Users\ugur1\AppData\Local\Google\Chrome\User Data\System Profile [2022-12-07]
CHR HKU\S-1-5-21-1958577779-657850760-3606704500-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [jlhmfgmfgeifomenelglieieghnjghma]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]
Opera:
=======
StartMenuInternet: (HKLM) Opera GXStable - C:\Program Files\Opera GX\Launcher.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-21] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2023-10-11] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8926168 2021-12-30] (BattlEye Innovations e.K. -> )
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [270336 2012-07-13] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-01-23] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2022-02-14] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-25] (Malwarebytes Inc. -> Malwarebytes)
S3 Origin Client Service; E:\Programme\Origin\OriginClientService.exe [2522424 2020-11-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; E:\Programme\Origin\OriginWebHelperService.exe [3476288 2020-11-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 PDF24; E:\PDF24\pdf24.exe [587000 2022-01-05] (geek software GmbH -> geek software GmbH)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2165168 2023-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [305072 2023-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; E:\Programme\Razer\Synapse3\Service\Razer Synapse Service.exe [297736 2024-01-09] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; E:\Programme\Epic\GTA V\Launcher\RockstarService.exe [2332976 2021-10-30] (Rockstar Games, Inc. -> Rockstar Games) [Datei ist nicht signiert]
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538424 2023-11-09] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 StreamingCore; C:\Program Files\Numecent\Application Jukebox Player\StreamingCore.exe [7960288 2023-12-04] (Numecent, Inc. -> Numecent, Inc.)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7374576 2021-10-30] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [41928 2023-09-13] (Microsoft Corporation -> Microsoft)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [146240 2020-10-29] (Cisco WebEx LLC -> Cisco WebEx LLC)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8118984 2021-10-30] (PUBG CORPORATION -> PUBG Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [297888 2022-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [280064 2022-10-13] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2022-04-15] (Microsoft Corporation) [Datei ist nicht signiert]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ElgatoVirtualCamera; C:\WINDOWS\System32\drivers\ElgatoVirtualCamera.sys [14380560 2022-08-16] (WDKTestCert Elgato,132863164269755022 -> Windows (R) Win 7 DDK provider)
S3 gdrv; C:\WINDOWS\gdrv.sys [26192 2021-05-14] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2023-01-04] (Logitech Inc -> Logitech)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-01-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_005c; C:\WINDOWS\System32\drivers\RzDev_005c.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0221; C:\WINDOWS\System32\drivers\RzDev_0221.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [205552 2021-02-12] (RH Software Ltd -> Ray Hinchliffe)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 StreamingFSD; C:\WINDOWS\System32\DRIVERS\StreamingFSD.sys [982264 2023-12-04] (Numecent, Inc. -> Numecent, Inc.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2022-03-01] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74064 2022-02-27] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-10-21] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2729456 2021-10-30] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 ysusb_w10_64; C:\WINDOWS\system32\drivers\ysusb_w10_64.sys [172544 2020-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Yamaha Corporation)
S3 ALSysIO; \??\C:\Users\ugur1\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X] <==== ACHTUNG
S3 DRHARD; \??\C:\WINDOWS\system32\DRIVERS\DRHARD.SYS [X]
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]
S3 wtbt; \??\e:\programme\steam\steamapps\common\super people playtest\engine\binaries\thirdparty\wondertrust\wtdrv64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-01-25 17:07 - 2024-01-25 17:08 - 000000000 ____D C:\FRST
2024-01-25 16:54 - 2024-01-25 17:05 - 000000000 ____D C:\Users\ugur1\AppData\Local\Malwarebytes
2024-01-25 16:54 - 2024-01-25 16:58 - 000000000 ____D C:\Users\ugur1\AppData\LocalLow\IGDump
2024-01-25 16:53 - 2024-01-25 16:53 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-01-25 16:53 - 2024-01-25 16:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-01-25 16:53 - 2024-01-25 16:53 - 000000000 ____D C:\Program Files\Malwarebytes
2024-01-25 16:44 - 2021-02-12 18:24 - 000205552 _____ (Ray Hinchliffe) C:\WINDOWS\system32\Drivers\SIVX64.sys
2024-01-25 13:04 - 2024-01-25 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-01-23 03:51 - 2024-01-23 03:51 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2024-01-20 16:29 - 2024-01-20 16:31 - 000000000 ____D C:\ProgramData\TEMP
2024-01-20 16:29 - 2024-01-20 16:29 - 000000000 ____D C:\Users\ugur1\AppData\Roaming\OneNoteGem
2024-01-20 14:27 - 2024-01-20 14:27 - 000000000 ___HD C:\$WinREAgent
2024-01-13 16:50 - 2024-01-13 16:50 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2024-01-13 16:50 - 2024-01-13 16:50 - 000000000 ____D C:\Program Files\paint.net
2024-01-13 16:49 - 2024-01-13 16:49 - 000000000 ____D C:\Users\ugur1\AppData\Local\paint.net
2024-01-12 23:18 - 2024-01-12 23:18 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-12 06:14 - 2024-01-24 15:39 - 000000000 ____D C:\ProgramData\mwboost_interprocess
2024-01-12 06:14 - 2024-01-12 06:15 - 000000000 ____D C:\Users\ugur1\AppData\Roaming\MathWorks
2024-01-12 06:14 - 2024-01-12 06:14 - 000003844 _____ C:\WINDOWS\system32\Tasks\MATLAB R2023b Startup Accelerator
2024-01-12 06:14 - 2024-01-12 06:14 - 000000574 _____ C:\WINDOWS\Tasks\MATLAB R2023b Startup Accelerator.job
2024-01-12 06:14 - 2024-01-12 06:14 - 000000000 ____D C:\Users\ugur1\AppData\Local\MathWorks
2024-01-12 06:14 - 2024-01-12 06:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2023b
2024-01-12 06:14 - 2024-01-12 06:14 - 000000000 ____D C:\ProgramData\MathWorks
2024-01-12 06:10 - 2024-01-12 06:10 - 000000000 ____D C:\Program Files\MATLAB
2024-01-12 05:43 - 2024-01-12 05:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cloudpaging Player
2024-01-12 05:43 - 2024-01-12 05:43 - 000000000 ____D C:\ProgramData\Endeavors Technologies
2024-01-12 05:43 - 2024-01-12 05:43 - 000000000 ____D C:\Program Files\Numecent
2024-01-12 05:43 - 2023-12-04 13:38 - 000982264 _____ (Numecent, Inc.) C:\WINDOWS\system32\Drivers\StreamingFSD.sys
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-01-25 17:07 - 2021-12-18 03:36 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-25 17:07 - 2020-10-08 23:38 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-25 17:06 - 2021-06-16 15:56 - 000000000 ____D C:\Users\ugur1\AppData\Roaming\Dropbox
2024-01-25 17:06 - 2021-06-16 15:56 - 000000000 ____D C:\Users\ugur1\AppData\Local\Dropbox
2024-01-25 17:06 - 2020-10-09 03:04 - 000000000 ____D C:\Users\ugur1\AppData\Local\CrashDumps
2024-01-25 17:05 - 2022-10-04 15:25 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-01-25 17:05 - 2022-10-04 15:25 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-01-25 17:05 - 2021-06-16 15:56 - 000001242 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2024-01-25 17:05 - 2021-06-16 15:56 - 000001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2024-01-25 17:05 - 2020-10-14 00:37 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-01-25 17:05 - 2020-10-14 00:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-25 17:05 - 2020-10-14 00:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-25 17:05 - 2020-10-14 00:32 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-25 17:05 - 2020-10-09 01:02 - 000000000 ____D C:\Program Files\CCleaner
2024-01-25 17:05 - 2020-10-08 23:31 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-01-25 17:05 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-25 16:54 - 2020-10-08 23:32 - 000000000 ____D C:\Users\ugur1\AppData\Local\D3DSCache
2024-01-25 16:53 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-01-25 16:52 - 2020-11-12 21:41 - 000000000 ____D C:\Users\ugur1\AppData\Roaming\Microsoft\Excel
2024-01-25 15:38 - 2020-12-11 20:30 - 000000000 ____D C:\Users\ugur1\AppData\Local\AMD_Common
2024-01-25 15:26 - 2020-10-09 01:13 - 000000000 ____D C:\Users\ugur1\AppData\Roaming\Spotify
2024-01-25 13:04 - 2021-06-16 15:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-01-25 13:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-25 13:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-25 12:57 - 2021-06-16 15:56 - 000004302 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2024-01-25 12:57 - 2021-06-16 15:56 - 000004070 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2024-01-24 20:39 - 2020-10-14 15:37 - 000000000 ____D C:\Users\ugur1\AppData\Roaming\Microsoft\Office
2024-01-24 17:35 - 2020-10-14 00:34 - 000000000 ____D C:\Users\ugur1
2024-01-24 15:07 - 2020-11-09 19:32 - 000000000 ____D C:\Users\ugur1\AppData\Roaming\Microsoft\PowerPoint
2024-01-24 09:37 - 2020-10-14 15:37 - 000000000 ____D C:\Users\ugur1\AppData\Roaming\Microsoft\Word
2024-01-24 09:32 - 2020-10-08 23:32 - 000000000 ____D C:\Users\ugur1\AppData\Local\Packages
2024-01-20 07:52 - 2020-10-14 00:41 - 001724608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-20 07:52 - 2019-12-07 15:51 - 000743714 _____ C:\WINDOWS\system32\perfh007.dat
2024-01-20 07:52 - 2019-12-07 15:51 - 000150136 _____ C:\WINDOWS\system32\perfc007.dat
2024-01-20 07:52 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-01-20 07:45 - 2020-10-08 23:30 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-01-20 07:45 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-01-20 07:40 - 2023-12-15 01:15 - 000000000 ____D C:\WINDOWS\Minidump
2024-01-20 07:16 - 2020-10-10 02:28 - 000000000 ____D C:\Users\ugur1\AppData\Roaming\discord
2024-01-20 06:47 - 2020-10-10 02:28 - 000000000 ____D C:\Users\ugur1\AppData\Local\Discord
2024-01-19 10:36 - 2020-10-22 00:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-19 10:35 - 2020-10-08 23:38 - 000002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-19 02:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-01-16 20:38 - 2023-12-16 17:24 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2024-01-16 20:38 - 2023-11-29 15:23 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-01-16 20:38 - 2023-11-29 15:23 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-01-13 23:51 - 2020-10-10 03:12 - 000000000 ____D C:\ProgramData\Riot Games
2024-01-13 16:27 - 2020-10-10 03:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2024-01-13 16:26 - 2020-10-10 03:28 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2024-01-13 06:26 - 2021-10-21 10:54 - 000000000 ____D C:\Program Files\Opera GX
2024-01-13 06:26 - 2020-10-14 00:33 - 000551112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-13 06:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-13 06:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-13 06:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-13 06:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-13 06:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-13 06:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-13 04:25 - 2020-10-09 01:13 - 000000000 ____D C:\Users\ugur1\AppData\Local\Spotify
2024-01-13 01:20 - 2022-06-29 14:28 - 000000000 ____D C:\Users\ugur1\AppData\Roaming\Code
2024-01-12 23:17 - 2020-10-14 15:34 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-12 16:21 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-12 11:43 - 2020-10-08 23:44 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-01-12 06:15 - 2020-10-08 23:30 - 000000000 ___SD C:\Users\ugur1\AppData\Roaming\Microsoft\Credentials
2024-01-12 05:43 - 2020-11-19 15:49 - 000000000 ____D C:\Users\ugur1\AppData\Local\Software2
2024-01-12 05:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-01-10 18:53 - 2020-10-08 23:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-10 18:49 - 2020-10-09 00:52 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-10 18:49 - 2020-10-09 00:03 - 000000000 ____D C:\ProgramData\Package Cache
2024-01-10 18:48 - 2023-01-12 17:43 - 000000000 ____D C:\Users\Default\.dotnet
2024-01-10 18:48 - 2023-01-09 21:20 - 000000000 ____D C:\Program Files\dotnet
2024-01-08 13:32 - 2021-10-21 10:54 - 000003992 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1634810090
2024-01-08 13:32 - 2021-10-21 10:54 - 000001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2020-10-11 19:54 - 2023-10-07 20:35 - 000000016 _____ () C:\Users\ugur1\AppData\Roaming\msregsvv.dll
2021-02-22 16:04 - 2021-02-22 17:24 - 000000016 _____ () C:\Users\ugur1\AppData\Roaming\obs-virtualcam.txt
2023-10-07 20:21 - 2023-10-08 19:51 - 000018281 _____ () C:\Users\ugur1\AppData\Roaming\plugin_scan_state_VST2_x32.scan
2023-10-07 20:21 - 2023-10-08 19:51 - 000254020 _____ () C:\Users\ugur1\AppData\Roaming\plugin_scan_state_VST2_x64.scan
2023-10-07 20:22 - 2023-10-08 19:51 - 000031352 _____ () C:\Users\ugur1\AppData\Roaming\plugin_scan_state_VST3_x32.scan
2023-10-07 20:43 - 2023-10-08 19:51 - 000375886 _____ () C:\Users\ugur1\AppData\Roaming\plugin_scan_state_VST3_x64.scan
2023-08-12 00:42 - 2023-08-13 23:10 - 000000128 _____ () C:\Users\ugur1\AppData\Roaming\winscp.rnd
2020-10-22 18:48 - 2020-10-22 19:02 - 000016112 _____ () C:\Users\ugur1\AppData\Local\PlariumPlay.log
2023-03-03 09:41 - 2023-03-03 09:41 - 000003174 _____ () C:\Users\ugur1\AppData\Local\recently-used.xbel
2020-10-27 09:17 - 2023-09-13 23:30 - 000007635 _____ () C:\Users\ugur1\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ======================== --- --- --- |