Everything about Windows: Hijackers and adware in the browser keep coming back

 
17.06.2020, 02:32   #1
Ambisonte
 
Problem: Hijackers and adware in the browser keep coming back



Hello everyone,

I have the following problem: despite safe behaviour on the Internet, I keep catching what I believe to be hijackers and adware.
For surfing the Internet I use a VM with Linux Ubuntu; my browser is Mozilla Firefox with the add-ons uBlock Origin, NoScript and Adblock Plus.
Only for downloading various programs do I not use a VM, but also the Mozilla Firefox browser including the add-ons.
When surfing I also always make sure that I only visit reputable websites with https and a security certificate (padlock), yet I keep getting infected with adware.
The entire system has already been wiped once (hard drives formatted), and still I keep finding adware with AdwCleaner and Spybot Search and Destroy.
After AdwCleaner has run, the system runs much better again, but unfortunately this adware always comes back quickly and I have to start the search all over again.

Attached are the FRST and AdwCleaner log files; maybe you will find something conspicuous. I am a layperson and hope for your understanding.


Kind regards, Robin


Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build:    05-25-2020
# Database: 2020-06-15.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-17-2020
# Duration: 00:00:03
# OS:       Windows 10 Pro
# Cleaned:  6
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete IFEO
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset BITS
[+] Reset Hosts File
[+] Reset IPSec
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset TCP/IP
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1405 octets] - [04/06/2020 00:28:12]
AdwCleaner[C00].txt - [1633 octets] - [04/06/2020 00:31:39]
AdwCleaner[S01].txt - [1527 octets] - [04/06/2020 21:38:40]
AdwCleaner[S02].txt - [1588 octets] - [05/06/2020 23:17:41]
AdwCleaner[S03].txt - [1649 octets] - [07/06/2020 14:21:58]
AdwCleaner[S04].txt - [1710 octets] - [09/06/2020 12:29:29]
AdwCleaner[S05].txt - [1771 octets] - [12/06/2020 23:17:36]
AdwCleaner[S06].txt - [1832 octets] - [16/06/2020 03:32:16]
AdwCleaner[S07].txt - [1893 octets] - [16/06/2020 16:40:44]
AdwCleaner[C07].txt - [2144 octets] - [16/06/2020 17:08:52]
AdwCleaner[S08].txt - [2771 octets] - [17/06/2020 00:40:34]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C08].txt ##########
         
FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by friiii (administrator) on REVISION-PC (Micro-Star International Co., Ltd. MS-7B98) (17-06-2020 00:56:27)
Running from C:\Users\friiii\Downloads
Loaded Profiles: friiii
Platform: Windows 10 Pro Version 1809 17763.1131 (X64) Language: Englisch (Vereinigte Staaten)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessGovernor.exe
(Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessLasso.exe
(CYBERGHOST S.A. -> CyberGhost S.A.) C:\Program Files\CyberGhost 7\CyberGhost.Service.exe
(Discord Inc. -> Discord Inc.) C:\Users\friiii\AppData\Local\Discord\app-0.0.306\Discord.exe <6>
(Malwarebytes Inc -> Malwarebytes) C:\Users\friiii\Downloads\adwcleaner_8.0.5.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> Nvidia Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\NVIDIA RTX Voice.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d5216eae94436d77\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle Corporation -> Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
(Oracle Corporation -> Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe
(Oracle Corporation -> Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation -> Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe <3>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe <5>
(ZOTAC Co.Ltd) [File not signed] C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1093352 2020-03-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6787856 2019-03-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [16500224 2020-02-17] (ZOTAC Co.Ltd) [File not signed]
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:easeofaccess-highcontrast;windowsdefender;windowsinsider
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Policies\Explorer: [NoInstrumentation] 1
HKLM\...\Policies\Explorer: [AllowOnlineTips] 0
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [AccentColorMenu] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent" /v "AccentColorMenu" /t REG_DWORD /f /d 1184274 <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [StartColorMenu] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent" /v "StartColorMenu" /t REG_DWORD /f /d 1184274 <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [AppsUseLightTheme] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "AppsUseLightTheme" /t REG_DWORD /f /d 0 <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [SystemUsesLightTheme] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "SystemUsesLightTheme" /t REG_DWORD /f /d 0 <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [GlobalUserDisabled] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v "GlobalUserDisabled" /t REG_DWORD /f /d 1 <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [HttpAcceptLanguageOptOut] => REG ADD "HKCU\Control Panel\International\User Profile" /v "HttpAcceptLanguageOptOut" /t REG_DWORD /f /d 1 <==== ATTENTION
HKU\S-1-5-19\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-19\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-19\Software\Policies\...\system: [PublishUserActivities] 0
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20\...\RunOnce: [AccentColorMenu] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent" /v "AccentColorMenu" /t REG_DWORD /f /d 1184274 <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [StartColorMenu] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent" /v "StartColorMenu" /t REG_DWORD /f /d 1184274 <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [AppsUseLightTheme] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "AppsUseLightTheme" /t REG_DWORD /f /d 0 <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [SystemUsesLightTheme] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "SystemUsesLightTheme" /t REG_DWORD /f /d 0 <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [GlobalUserDisabled] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v "GlobalUserDisabled" /t REG_DWORD /f /d 1 <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [HttpAcceptLanguageOptOut] => REG ADD "HKCU\Control Panel\International\User Profile" /v "HttpAcceptLanguageOptOut" /t REG_DWORD /f /d 1 <==== ATTENTION
HKU\S-1-5-20\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-20\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-20\Software\Policies\...\system: [PublishUserActivities] 0
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 7\CyberGhost.exe [1025232 2020-05-13] (CYBERGHOST S.A. -> CyberGhost S.A.)
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32268176 2020-06-16] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29072568 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\...\Run: [Discord] => C:\Users\friiii\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3375904 2020-06-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\Software\Policies\...\system: [PublishUserActivities] 0
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-18\...\RunOnce: [AccentColorMenu] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent" /v "AccentColorMenu" /t REG_DWORD /f /d 1184274 <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [StartColorMenu] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent" /v "StartColorMenu" /t REG_DWORD /f /d 1184274 <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [AppsUseLightTheme] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "AppsUseLightTheme" /t REG_DWORD /f /d 0 <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [SystemUsesLightTheme] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "SystemUsesLightTheme" /t REG_DWORD /f /d 0 <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [GlobalUserDisabled] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v "GlobalUserDisabled" /t REG_DWORD /f /d 1 <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [HttpAcceptLanguageOptOut] => REG ADD "HKCU\Control Panel\International\User Profile" /v "HttpAcceptLanguageOptOut" /t REG_DWORD /f /d 1 <==== ATTENTION
HKU\S-1-5-18\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\Software\Policies\...\system: [PublishUserActivities] 0
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKLM\...\Print\Monitors\HP B011 Status Monitor: C:\Windows\system32\hpinkstsB011LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series): C:\Windows\system32\HPDiscoPMB011.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-3074304126-621362620-1679941483-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A30B0A1-3FB8-4A9D-A20D-EB49B618C2A0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1E59DF96-3A1F-4B39-A806-BEA2439027B7} - System32\Tasks\Empty Standby Memory => C:\Empty Standby Memory\EmptyStandbyList.exe [139424 2020-05-28] (Wen Jia Liu -> )
Task: {257B4D01-49E5-4F1D-89D3-C87988FAEAC8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5723640 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {322D9171-0D47-4AFF-AE29-123691AEFD3F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [7177168 2020-04-27] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {4635AD17-2FC0-4315-8778-E74FDBEDE351} - System32\Tasks\Process Lasso Core Engine Only => C:\Program Files\Process Lasso\processgovernor.exe [1185176 2020-06-01] (Bitsum LLC -> Bitsum LLC)
Task: {4C7599F7-FDB3-4AAB-B9CD-9A5B89511A2D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4DCCD26D-A057-43C9-A713-8373B91F65BA} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [1655192 2020-06-01] (Bitsum LLC -> Bitsum LLC)
Task: {575AD202-7B0C-4270-B6A3-578420ED6847} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5E765B0F-113F-425C-8851-EE5D0D3D96D9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {66327FCC-2281-4419-A409-BDF0B20DB9EE} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7DB3D152-920A-4EAC-BC4D-2A29B2F86204} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24690360 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {91872AA9-F17D-4679-929D-D7C578BFF11F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6189624 2020-04-27] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {92D80DA3-3F92-44C5-80C1-5A97B791812A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A25D39CD-0605-48F8-ACAE-5AF77EBE0C64} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AB260384-9C83-4AB0-9301-AE5D6408CB42} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Auffrischen der Anti-Beacon-Immunisierung => C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe [8790696 2019-12-18] (Safer-Networking Ltd. -> )
Task: {BB57FA78-DA8B-429C-A623-D7DD5C73072F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BE6C8713-926B-4F68-BDB8-A30DF18F1810} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C147C77C-5243-45E4-8FFC-5F45131F6F03} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C86010CE-D907-4215-9FF6-D4C45930AE19} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {D6028920-780F-473D-BD38-B4D52C1826F5} - System32\Tasks\RTXVoice_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\NVIDIA RTX Voice.exe [5133296 2020-04-08] (NVIDIA Corporation -> Nvidia Corporation)
Task: {EAB89A59-85B6-43B9-8557-BB7E1AD275F8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F9D793DC-44A2-4F74-862B-A8215853D813} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2571704 2020-02-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{22a32e2d-39ee-4f7f-af69-71b61e638d8e}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{7238f712-55e7-4673-a42a-fb3fb4035195}: [DhcpNameServer] 10.101.0.243

Internet Explorer:
==================
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://duckduckgo.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://duckduckgo.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://duckduckgo.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://duckduckgo.com/
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://duckduckgo.com/
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://duckduckgo.com/
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://duckduckgo.com/
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://duckduckgo.com/
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://duckduckgo.com/
HKU\S-1-5-21-3074304126-621362620-1679941483-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://duckduckgo.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://duckduckgo.com/?q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://duckduckgo.com/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3074304126-621362620-1679941483-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

FireFox:
========
FF DefaultProfile: hneuk5c4.default
FF DefaultProfile: fbchyyf1.default
FF ProfilePath: C:\Users\friiii\AppData\Roaming\Waterfox\Profiles\hneuk5c4.default [2020-06-01]
FF ProfilePath: C:\Users\friiii\AppData\Roaming\Waterfox\Profiles\lturqwr3.68-edition-default [2020-06-17]
FF ProfilePath: C:\Users\friiii\AppData\Roaming\Mozilla\Firefox\Profiles\fbchyyf1.default [2020-05-13]
FF ProfilePath: C:\Users\friiii\AppData\Roaming\Mozilla\Firefox\Profiles\dgrkhkab.default-release [2020-06-17]
FF Extension: (HTTPS Everywhere) - C:\Users\friiii\AppData\Roaming\Mozilla\Firefox\Profiles\dgrkhkab.default-release\Extensions\https-everywhere@eff.org.xpi [2020-06-13]
FF Extension: (uBlock Origin) - C:\Users\friiii\AppData\Roaming\Mozilla\Firefox\Profiles\dgrkhkab.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-05-29]
FF Extension: (NoScript) - C:\Users\friiii\AppData\Roaming\Mozilla\Firefox\Profiles\dgrkhkab.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2020-06-03]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\friiii\AppData\Roaming\Mozilla\Firefox\Profiles\dgrkhkab.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-05-13]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8628736 2020-06-16] (BattlEye Innovations e.K. -> )
R2 CG7Service; C:\Program Files\CyberGhost 7\CyberGhost.Service.exe [87248 2020-05-13] (CYBERGHOST S.A. -> CyberGhost S.A.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2020-06-16] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [574496 2019-12-13] (ND_Apps -> Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2747312 2020-04-27] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4583240 2020-04-27] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-05] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [744968 2020-04-10] (Oracle Corporation -> Oracle Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d5216eae94436d77\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d5216eae94436d77\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31376 2015-02-16] (PassMark Software Pty Ltd -> )
R3 e1dexpress; C:\Windows\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_d7c985d5dd35c00d\e1d68x64.sys [601968 2020-02-06] (Intel(R) INTELND1820 -> Intel Corporation)
R3 NAL; C:\Windows\system32\Drivers\iqvw64e.sys [58304 2019-05-22] (ND_QV -> Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d5216eae94436d77\nvlddmkm.sys [23454440 2020-05-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvrtxvad_WaveExtensible; C:\Windows\system32\drivers\nvrtxvad64v.sys [54504 2020-03-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2020-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S0 Spybot3ELAM; C:\Windows\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-Malware Publisher -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 UcmCxUcsiNvppc; C:\Windows\system32\DRIVERS\UcmCxUcsiNvppc.sys [715224 2020-04-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237824 2020-04-09] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [247224 2020-04-09] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [174016 2020-04-09] (Oracle Corporation -> Oracle Corporation)
S3 cpuz149; \??\C:\Windows\temp\cpuz149\cpuz149_x64.sys [X]
S3 cthda; \SystemRoot\system32\drivers\cthda.sys [X]
S3 cthdb; \SystemRoot\system32\DRIVERS\cthdb.sys [X]
U4 dcpsvc; no ImagePath
U4 DiagTrack; no ImagePath
U4 dmwappushsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-17 00:56 - 2020-06-17 00:56 - 000025076 _____ C:\Users\friiii\Downloads\FRST.txt
2020-06-17 00:55 - 2020-06-17 00:56 - 000000000 ___DC C:\FRST
2020-06-17 00:55 - 2020-06-17 00:55 - 002289152 ____C (Farbar) C:\Users\friiii\Downloads\FRST64.exe
2020-06-17 00:55 - 2020-06-17 00:55 - 000000000 ____D C:\Users\friiii\Downloads\FRST-OlderVersion
2020-06-17 00:45 - 2020-06-17 00:45 - 000018018 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-06-17 00:45 - 2020-06-17 00:45 - 000011796 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-06-17 00:45 - 2020-06-17 00:45 - 000008675 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-06-17 00:45 - 2020-06-17 00:45 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-06-17 00:32 - 2020-06-16 17:20 - 000004985 _____ C:\Windows\system32\Drivers\etc\hosts.20200617-003224.backup
2020-06-16 21:20 - 2020-06-16 21:20 - 000000000 ____D C:\Users\friiii\AppData\Local\TslGame
2020-06-16 21:20 - 2020-06-16 21:20 - 000000000 ____D C:\Users\friiii\AppData\Local\BattlEye
2020-06-16 13:37 - 2020-06-16 13:37 - 000000222 _____ C:\Users\friiii\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
2020-06-16 10:17 - 2020-06-17 00:47 - 000001543 _____ C:\Users\friiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Delphi Toasts App.lnk
2020-06-16 03:30 - 2020-06-16 03:30 - 000000826 __RSH C:\Users\friiii\ntuser.pol
2020-06-16 01:15 - 2020-06-16 13:37 - 000000000 ____D C:\Users\friiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-06-16 01:15 - 2020-06-16 01:15 - 000000219 _____ C:\Users\friiii\Desktop\Counter-Strike Global Offensive.url
2020-06-16 00:37 - 2020-06-16 22:52 - 000000000 ____D C:\Program Files (x86)\Steam
2020-06-16 00:37 - 2020-06-16 00:37 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk
2020-06-16 00:37 - 2020-06-16 00:37 - 000001032 _____ C:\ProgramData\Desktop\Steam.lnk
2020-06-16 00:37 - 2020-06-16 00:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-06-15 20:54 - 2020-06-15 20:54 - 000000711 _____ C:\Users\Public\Desktop\Call of Duty Modern Warfare.lnk
2020-06-15 20:54 - 2020-06-15 20:54 - 000000711 _____ C:\ProgramData\Desktop\Call of Duty Modern Warfare.lnk
2020-06-15 20:54 - 2020-06-15 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare
2020-06-15 18:01 - 2020-06-15 18:01 - 000000000 ___DC C:\inetpub
2020-06-15 11:51 - 2020-06-15 11:51 - 000000000 ____D C:\Users\friiii\AppData\Roaming\FiraxisLive
2020-06-15 11:45 - 2020-06-15 11:50 - 000000404 _____ C:\Users\friiii\Desktop\Neues Textdokument (2).txt
2020-06-12 23:21 - 2020-06-12 23:21 - 000003650 _____ C:\Windows\system32\Tasks\RTXVoice_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-12 23:21 - 2020-06-12 23:21 - 000002297 _____ C:\Users\Public\Desktop\NVIDIA RTX Voice.lnk
2020-06-12 23:21 - 2020-06-12 23:21 - 000002297 _____ C:\ProgramData\Desktop\NVIDIA RTX Voice.lnk
2020-06-12 23:21 - 2020-03-12 14:58 - 000177896 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtxaudcap64v.dll
2020-06-12 23:21 - 2020-03-12 14:58 - 000155024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvrtxaudcap32v.dll
2020-06-12 23:21 - 2020-03-12 14:58 - 000054504 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvrtxvad64v.sys
2020-06-12 22:57 - 2020-06-12 22:57 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2020-06-12 01:12 - 2020-06-12 01:12 - 000000000 ____D C:\Users\friiii\AppData\Roaming\CapFrameX
2020-06-12 01:11 - 2020-06-12 14:40 - 000000000 ____D C:\Users\friiii\Documents\CapFrameX
2020-06-12 01:11 - 2020-06-12 01:11 - 000000000 ____D C:\Users\friiii\AppData\Local\CapFrameX
2020-06-12 00:59 - 2020-06-16 23:26 - 000000000 ____D C:\Program Files (x86)\CapFrameX
2020-06-12 00:59 - 2020-06-12 00:59 - 000001758 _____ C:\Users\Public\Desktop\CapFrameX.lnk
2020-06-12 00:59 - 2020-06-12 00:59 - 000001758 _____ C:\ProgramData\Desktop\CapFrameX.lnk
2020-06-12 00:59 - 2020-06-12 00:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapFrameX
2020-06-12 00:58 - 2020-06-08 23:28 - 067994026 _____ (DevTechProfile) C:\Users\friiii\Downloads\CapFrameX_v1.5.2_Setup.exe
2020-06-12 00:57 - 2020-06-12 00:59 - 095836570 _____ (UNIGINE ) C:\Users\friiii\Downloads\Unigine_Superposition-1.1.exe.part
2020-06-12 00:57 - 2020-06-12 00:57 - 000000000 _____ C:\Users\friiii\Downloads\Unigine_Superposition-1.1.exe
2020-06-12 00:56 - 2020-06-12 00:58 - 067693597 _____ C:\Users\friiii\Downloads\CapFrameX_v1.5.2_Setup.zip
2020-06-12 00:53 - 2020-06-12 00:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2020-06-12 00:53 - 2020-06-12 00:53 - 000000000 ____D C:\Program Files (x86)\Geeks3D
2020-06-12 00:52 - 2020-06-12 00:52 - 012192665 _____ (Geeks3D ) C:\Users\friiii\Downloads\FurMark_1.21.2.0_Setup.exe
2020-06-12 00:46 - 2020-06-12 00:46 - 000000000 ___DC C:\Program Files\MonitorTest
2020-06-12 00:46 - 2020-06-12 00:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MonitorTest
2020-06-12 00:32 - 2020-06-12 00:46 - 000000000 ____D C:\Users\friiii\AppData\Local\PassMark
2020-06-12 00:32 - 2020-06-12 00:46 - 000000000 ____D C:\ProgramData\Passmark
2020-06-12 00:32 - 2020-06-12 00:39 - 000000000 ___DC C:\Program Files\PerformanceTest
2020-06-12 00:32 - 2020-06-12 00:32 - 000000993 _____ C:\Users\friiii\Desktop\PerformanceTest.lnk
2020-06-12 00:32 - 2020-06-12 00:32 - 000000000 ____D C:\Users\friiii\Documents\PassMark
2020-06-12 00:32 - 2020-06-12 00:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2020-06-12 00:20 - 2020-06-12 00:20 - 068797320 _____ (Passmark Software ) C:\Users\friiii\Downloads\petst.exe
2020-06-12 00:20 - 2020-06-12 00:20 - 008177704 _____ (PassMark Software ) C:\Users\friiii\Downloads\montest.exe
2020-06-12 00:20 - 2020-06-12 00:20 - 002354456 _____ (PassMark Software ) C:\Users\friiii\Downloads\keytest.exe
2020-06-12 00:19 - 2020-06-12 00:19 - 005836041 _____ (UserBenchmark.com) C:\Users\friiii\Downloads\UserBenchMark.exe
2020-06-11 07:14 - 2020-06-16 01:38 - 000000000 ____D C:\Users\friiii\AppData\Roaming\vlc
2020-06-11 07:14 - 2020-06-11 07:14 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-06-11 07:14 - 2020-06-11 07:14 - 000000916 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-06-11 07:14 - 2020-06-11 07:14 - 000000000 ___DC C:\Program Files\VideoLAN
2020-06-11 07:14 - 2020-06-11 07:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-06-11 07:13 - 2020-06-11 07:13 - 042544720 _____ C:\Users\friiii\Downloads\vlc-3.0.10-win64.exe
2020-06-11 06:04 - 2020-06-11 06:04 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-11 06:04 - 2020-06-11 06:04 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-11 06:04 - 2020-06-11 06:04 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-11 06:04 - 2020-06-11 06:04 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-11 06:04 - 2020-06-11 06:04 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-11 06:04 - 2020-06-11 06:04 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-11 06:04 - 2020-06-11 06:04 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-11 06:04 - 2020-06-11 06:04 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-11 06:04 - 2020-06-11 06:04 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-11 06:04 - 2020-06-11 06:04 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-11 06:04 - 2020-06-11 06:04 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-06-11 06:04 - 2020-06-11 06:04 - 000001485 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2020-06-11 06:04 - 2020-04-07 18:58 - 002799416 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2020-06-11 06:04 - 2020-04-07 18:58 - 002159592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2020-06-11 06:04 - 2020-04-07 18:58 - 001314792 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2020-06-11 06:04 - 2020-03-27 06:55 - 000170472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2020-06-11 06:04 - 2020-03-27 06:55 - 000146408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2020-06-11 06:04 - 2020-03-18 17:59 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2020-06-11 06:04 - 2020-03-06 11:03 - 000069840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2020-06-11 06:02 - 2020-06-11 06:03 - 122717456 _____ (NVIDIA Corporation New) C:\Users\friiii\Downloads\GeForce_Experience_v3.20.3.63.exe
2020-06-09 23:33 - 2020-06-09 10:10 - 000004985 _____ C:\Windows\system32\Drivers\etc\hosts.20200610-003308.backup
2020-06-09 23:15 - 2020-06-09 23:15 - 000001129 _____ C:\Users\friiii\Desktop\FireStorm.lnk
2020-06-09 23:15 - 2020-06-09 23:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZotacFireStorm
2020-06-09 11:39 - 2020-06-09 11:39 - 010087800 _____ C:\Windows\system32\Drivers\FACEIT2.sys
2020-06-08 23:54 - 2020-06-08 23:58 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2020-06-08 23:54 - 2020-06-08 23:54 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-06-08 23:53 - 2020-06-08 23:53 - 050718256 _____ C:\Users\friiii\Downloads\MSIAfterburnerSetup462.exe
2020-06-08 23:10 - 2015-07-13 10:16 - 000026368 _____ (Resplendence Software Projects Sp.) C:\Windows\system32\Drivers\rspLLL64.sys
2020-06-08 23:09 - 2020-06-08 23:09 - 002323432 _____ (Resplendence Software Projects Sp. ) C:\Users\friiii\Downloads\LatencyMon.exe
2020-06-08 23:03 - 2020-06-08 23:03 - 000021232 _____ (Thesycon GmbH) C:\Windows\system32\Drivers\dpclat_driver.sys
2020-06-08 22:36 - 2020-06-09 16:03 - 000000079 _____ C:\Users\friiii\Desktop\Neues Textdokument.txt
2020-06-07 21:08 - 2020-06-07 21:09 - 000000000 ____D C:\Users\friiii\AppData\Local\log
2020-06-07 19:39 - 2020-06-07 19:39 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk
2020-06-07 19:39 - 2020-06-07 19:39 - 000001032 _____ C:\Users\Public\Desktop\TechPowerUp GPU-Z.lnk
2020-06-07 19:39 - 2020-06-07 19:39 - 000001032 _____ C:\ProgramData\Desktop\TechPowerUp GPU-Z.lnk
2020-06-07 19:39 - 2020-06-07 19:39 - 000000000 ____D C:\Program Files (x86)\GPU-Z
2020-06-07 17:03 - 2020-06-07 17:03 - 000000273 _____ C:\Users\friiii\Desktop\Overcooked.url
2020-06-07 17:03 - 2020-06-07 17:03 - 000000000 ____D C:\Users\friiii\AppData\LocalLow\Ghost Town Games
2020-06-07 15:56 - 2020-06-07 15:56 - 000000000 ____D C:\Users\friiii\Documents\Benchmark
2020-06-07 15:47 - 2020-06-07 15:47 - 008052184 _____ (techPowerUp (www.techpowerup.com)) C:\Users\friiii\Downloads\GPU-Z.2.32.0.exe
2020-06-07 15:43 - 2020-06-07 15:43 - 007691872 _____ (Martin Malik - REALiX ) C:\Users\friiii\Downloads\hwi_626.exe
2020-06-07 15:43 - 2020-06-07 15:43 - 000001254 _____ C:\Users\friiii\Desktop\AIDA64 Extreme.lnk
2020-06-07 15:43 - 2020-06-07 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2020-06-07 15:43 - 2020-06-07 15:43 - 000000000 ____D C:\Program Files (x86)\FinalWire
2020-06-07 13:45 - 2020-06-12 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2020-06-07 13:33 - 2020-06-07 13:33 - 028245064 _____ (Audacity Team ) C:\Users\friiii\Downloads\audacity-win-2.4.1.exe
2020-06-06 23:47 - 2020-06-16 02:20 - 000000722 _____ C:\Users\friiii\Desktop\autoexec.cfg
2020-06-06 23:20 - 2020-06-06 23:20 - 000003168 _____ C:\Windows\system32\Tasks\Process Lasso Management Console (GUI)
2020-06-06 23:20 - 2020-06-06 23:20 - 000003158 _____ C:\Windows\system32\Tasks\Process Lasso Core Engine Only
2020-06-06 23:20 - 2020-06-06 23:20 - 000002010 _____ C:\Users\Public\Desktop\Process Lasso.lnk
2020-06-06 23:20 - 2020-06-06 23:20 - 000002010 _____ C:\ProgramData\Desktop\Process Lasso.lnk
2020-06-06 23:20 - 2020-06-06 23:20 - 000000000 ___DC C:\Program Files\Process Lasso
2020-06-06 23:20 - 2020-06-06 23:20 - 000000000 ____D C:\Users\friiii\AppData\Roaming\ProcessLasso
2020-06-06 23:20 - 2020-06-06 23:20 - 000000000 ____D C:\ProgramData\ProcessLasso
2020-06-06 23:20 - 2020-06-06 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso
2020-06-06 23:19 - 2020-06-06 23:20 - 002464912 _____ (Bitsum LLC) C:\Users\friiii\Downloads\processlassosetup64.exe
2020-06-06 21:50 - 2020-06-06 21:50 - 000002238 _____ C:\Users\friiii\Desktop\Discord.lnk
2020-06-06 21:50 - 2020-06-06 21:50 - 000000000 ____D C:\Users\friiii\AppData\Local\Discord
2020-06-06 19:26 - 2020-06-06 19:27 - 000000000 ____D C:\Users\friiii\AppData\Local\WhatsApp
2020-06-06 00:00 - 2020-06-06 00:00 - 000000000 ____D C:\Users\friiii\Documents\ProcAlyzer Dumps
2020-06-05 23:23 - 2020-06-05 23:23 - 000000000 ____D C:\Users\friiii\Pavark
2020-06-05 23:17 - 2020-06-05 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot Anti-Beacon
2020-06-05 23:17 - 2020-06-05 23:17 - 000000000 ____D C:\Program Files (x86)\Safer-Networking Ltd
2020-06-05 23:16 - 2020-06-05 23:16 - 001573568 _____ C:\Users\friiii\Downloads\SteamSetup.exe
2020-06-04 21:34 - 2020-06-17 00:56 - 000000000 ____D C:\Users\friiii\AppData\Roaming\discord
2020-06-04 21:34 - 2020-06-07 21:24 - 000000000 ____D C:\Users\friiii\AppData\Local\SquirrelTemp
2020-06-04 21:34 - 2020-06-06 21:50 - 000000000 ____D C:\Users\friiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-06-04 21:13 - 2020-06-16 14:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-04 03:22 - 2019-10-18 22:12 - 000897728 _____ (CoderBag) C:\Users\friiii\Desktop\UnparkCpu.exe
2020-06-04 03:07 - 2019-10-18 22:12 - 000897728 _____ (CoderBag) C:\Users\friiii\Downloads\UnparkCpu.exe
2020-06-04 00:49 - 2020-06-04 00:49 - 010430261 _____ C:\Users\friiii\Downloads\Ping Reduction Pack By Trimors.rar
2020-06-04 00:49 - 2020-06-04 00:49 - 000000000 ____D C:\Users\friiii\AppData\Roaming\WinRAR
2020-06-04 00:49 - 2020-05-07 21:12 - 000000000 ____D C:\Users\friiii\Downloads\Ping Reduction Pack By Trimors
2020-06-04 00:29 - 2020-06-04 00:29 - 000000277 _____ C:\Users\friiii\Downloads\Ping Reduction .reg
2020-06-04 00:29 - 2020-06-04 00:29 - 000000018 _____ C:\Users\friiii\Downloads\Clear DNS.cmd
2020-06-04 00:28 - 2020-06-17 00:45 - 000000000 ___DC C:\AdwCleaner
2020-06-04 00:20 - 2020-06-04 00:20 - 008402608 _____ (Malwarebytes) C:\Users\friiii\Downloads\adwcleaner_8.0.5.exe
2020-06-04 00:14 - 2020-06-16 23:56 - 000001466 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2020-06-04 00:14 - 2020-06-16 23:56 - 000001466 _____ C:\ProgramData\Desktop\Spybot-S&D Start Center.lnk
2020-06-04 00:14 - 2020-06-04 00:14 - 000001478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2020-06-04 00:14 - 2020-06-04 00:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2020-06-04 00:14 - 2019-06-21 16:34 - 000019904 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\Spybot3ELAM.sys
2020-06-04 00:14 - 2018-02-07 03:04 - 000032168 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2020-06-03 22:13 - 2020-06-03 22:13 - 000162033 _____ C:\Users\friiii\Documents\Scan0002.pdf
2020-06-03 22:10 - 2020-06-03 22:10 - 000000000 ____D C:\Users\friiii\AppData\LocalLow\Temp
2020-06-03 19:45 - 2020-06-03 19:45 - 000002317 _____ C:\Users\Public\Desktop\HP Deskjet 3520 series.lnk
2020-06-03 19:45 - 2020-06-03 19:45 - 000002317 _____ C:\ProgramData\Desktop\HP Deskjet 3520 series.lnk
2020-06-03 19:45 - 2020-06-03 19:45 - 000001250 _____ C:\Users\Public\Desktop\Shop für Zubehör - HP Deskjet 3520 series.lnk
2020-06-03 19:45 - 2020-06-03 19:45 - 000001250 _____ C:\ProgramData\Desktop\Shop für Zubehör - HP Deskjet 3520 series.lnk
2020-06-03 19:45 - 2020-06-03 19:45 - 000000057 _____ C:\ProgramData\Ament.ini
2020-06-03 19:45 - 2020-06-03 19:45 - 000000000 ___DC C:\Program Files\HP
2020-06-03 19:45 - 2020-06-03 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2020-06-03 19:45 - 2020-06-03 19:45 - 000000000 ____D C:\ProgramData\HP
2020-06-03 19:45 - 2020-06-03 19:45 - 000000000 ____D C:\Program Files (x86)\HP
2020-06-03 19:45 - 2020-03-23 16:38 - 002865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2020-06-03 19:45 - 2012-10-17 12:31 - 000741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMB011.dll
2020-06-03 19:43 - 2020-06-03 19:51 - 000000000 ____D C:\Users\friiii\AppData\Local\HP
2020-06-03 19:29 - 2020-06-03 19:29 - 070332736 _____ C:\Users\friiii\Downloads\DJ3520_1315-1.exe
2020-06-03 00:34 - 2020-06-03 19:52 - 000000132 _____ C:\Windows\wininit.ini
2020-06-02 13:22 - 2020-06-02 13:22 - 000010439 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-06-01 23:58 - 2020-06-15 11:41 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-06-01 23:58 - 2020-06-01 23:58 - 000002882 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-06-01 23:58 - 2020-06-01 23:58 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-06-01 23:58 - 2020-06-01 23:58 - 000000865 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-06-01 23:58 - 2020-06-01 23:58 - 000000000 ___DC C:\Program Files\CCleaner
2020-06-01 23:58 - 2020-06-01 23:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-06-01 23:57 - 2020-06-01 23:57 - 025859024 _____ (Piriform Software Ltd) C:\Users\friiii\Downloads\ccsetup567.exe
2020-06-01 21:12 - 2020-06-01 21:35 - 000000000 ____D C:\Users\friiii\AppData\Local\Safer-Networking Ltd
2020-06-01 21:12 - 2020-06-01 21:12 - 011784760 _____ (Safer-Networking Ltd. ) C:\Users\friiii\Downloads\SpybotAntiBeacon-3.5-setup.exe
2020-06-01 21:12 - 2020-06-01 21:12 - 000000000 ____D C:\Windows\system32\Tasks\WPD
2020-06-01 21:07 - 2020-06-17 00:47 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-06-01 21:07 - 2020-06-04 00:14 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2020-06-01 21:07 - 2020-06-01 21:12 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking
2020-06-01 21:07 - 2020-06-01 21:07 - 000000000 ____D C:\Users\friiii\AppData\Roaming\Waterfox
2020-06-01 21:07 - 2020-06-01 21:07 - 000000000 ____D C:\Users\friiii\AppData\Local\Waterfox
2020-06-01 21:07 - 2020-06-01 21:07 - 000000000 ____D C:\ProgramData\Waterfox
2020-06-01 21:06 - 2020-06-01 21:06 - 069300040 _____ (Safer-Networking Ltd. ) C:\Users\friiii\Downloads\spybotsd-2.8.68.0.exe
2020-06-01 20:35 - 2020-06-01 20:35 - 000000058 _____ C:\Users\friiii\Desktop\scan.txt
2020-06-01 20:32 - 2015-08-24 15:37 - 000081920 _____ (Tebjan Halm) C:\Users\friiii\Desktop\TimerTool.exe
2020-06-01 20:24 - 2020-06-09 23:15 - 000000000 ____D C:\Program Files (x86)\ZotacFireStorm
2020-06-01 20:09 - 2020-06-01 20:09 - 000000000 ____D C:\Windows\pss
2020-06-01 19:53 - 2020-06-01 19:53 - 000000000 ____D C:\Users\friiii\AppData\Local\www.coderbag.com
2020-05-29 23:21 - 2020-03-12 12:08 - 007308368 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2020-05-29 23:21 - 2020-03-12 12:08 - 005831392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPOU64.dll
2020-05-29 23:21 - 2020-03-12 12:08 - 001145464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCOM64.dll
2020-05-29 23:21 - 2020-03-12 12:08 - 001093352 _____ (Realtek Semiconductor) C:\Windows\system32\RtkAudUService64.exe
2020-05-29 23:21 - 2020-03-12 12:08 - 000844888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64U.dll
2020-05-29 23:21 - 2020-03-12 12:08 - 000495288 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2020-05-29 23:21 - 2020-03-12 12:08 - 000224272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2020-05-29 23:21 - 2020-03-12 08:58 - 038837969 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2020-05-29 23:14 - 2020-05-29 23:14 - 000000000 ____D C:\Program Files (x86)\Realtek
2020-05-29 23:14 - 2019-12-19 23:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2020-05-29 21:55 - 2020-05-29 21:55 - 000000078 ___RH C:\Windows\ctfile.rfc
2020-05-29 21:22 - 2020-05-29 21:30 - 000000000 ____D C:\ProgramData\Creative
2020-05-29 21:22 - 2012-11-27 00:52 - 000005783 ____N C:\Windows\system32\CTOPT352.cat
2020-05-29 21:22 - 2012-08-13 22:51 - 000183808 ____N (Creative Technology Ltd) C:\Windows\system32\CTOPT352.dll
2020-05-29 21:22 - 2010-10-04 23:20 - 000088576 ____N (Creative Technology Ltd) C:\Windows\system32\CTOPT399.dll
2020-05-29 21:22 - 2010-10-03 22:54 - 000005594 ____N C:\Windows\system32\CTOPT399.cat
2020-05-29 21:22 - 2008-12-23 04:13 - 000049664 ____N (Creative Technology Ltd) C:\Windows\system32\CTChkAud.dll
2020-05-29 21:22 - 2006-12-05 21:53 - 000042496 ____N (Creative Technology Ltd.) C:\Windows\system32\AddCat.exe
2020-05-29 21:22 - 2006-10-06 21:17 - 000053248 ____N (Creative Technology Ltd ) C:\Windows\Ctregrun.exe
2020-05-29 21:22 - 2003-06-13 07:25 - 000007062 _____ C:\Windows\SysWOW64\audiopid.vxd
2020-05-29 21:22 - 2000-05-22 23:58 - 000647872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Mscomct2.ocx
2020-05-29 21:21 - 2020-05-29 21:55 - 000000000 ____D C:\Program Files (x86)\Creative
2020-05-29 21:21 - 2020-05-29 21:21 - 000000000 ____D C:\Users\Public\Creative
2020-05-29 21:21 - 2012-08-17 02:42 - 000004888 _____ C:\Windows\cthdaGER.reg
2020-05-29 08:47 - 2020-06-15 11:50 - 000000000 ____D C:\Users\friiii\AppData\Roaming\2K
2020-05-29 04:01 - 2020-05-29 04:01 - 000000000 ____D C:\Users\friiii\AppData\Roaming\NVIDIA
2020-05-29 02:23 - 2020-05-29 02:23 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2020-05-29 02:22 - 2020-05-18 21:44 - 001729232 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-05-29 02:22 - 2020-05-18 21:44 - 001729232 _____ C:\Windows\system32\vulkaninfo.exe
2020-05-29 02:22 - 2020-05-18 21:44 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-05-29 02:22 - 2020-05-18 21:44 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-05-29 02:22 - 2020-05-18 21:44 - 001079000 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-05-29 02:22 - 2020-05-18 21:44 - 001079000 _____ C:\Windows\system32\vulkan-1.dll
2020-05-29 02:22 - 2020-05-18 21:44 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-05-29 02:22 - 2020-05-18 21:44 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-05-29 02:22 - 2020-05-18 21:44 - 000451480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-05-29 02:22 - 2020-05-18 21:44 - 000348048 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-05-29 02:22 - 2020-05-18 21:41 - 011944864 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2020-05-29 02:22 - 2020-05-18 21:41 - 010286480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2020-05-29 02:22 - 2020-05-18 21:40 - 001005968 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2020-05-29 02:22 - 2020-05-18 21:40 - 000816872 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2020-05-29 02:22 - 2020-05-18 21:40 - 000676240 _____ C:\Windows\system32\nvofapi64.dll
2020-05-29 02:22 - 2020-05-18 21:40 - 000543136 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-05-29 02:22 - 2020-05-18 21:39 - 002073008 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-05-29 02:22 - 2020-05-18 21:39 - 001566104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-05-29 02:22 - 2020-05-18 21:39 - 001482144 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-05-29 02:22 - 2020-05-18 21:39 - 001350576 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2020-05-29 02:22 - 2020-05-18 21:39 - 001142008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-05-29 02:22 - 2020-05-18 21:39 - 001048488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2020-05-29 02:22 - 2020-05-18 21:39 - 000680864 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-05-29 02:22 - 2020-05-18 21:39 - 000561400 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2020-05-29 02:22 - 2020-05-18 21:39 - 000546728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-05-29 02:22 - 2020-05-18 21:38 - 005856664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-05-29 02:22 - 2020-05-18 21:38 - 000811256 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-05-29 02:22 - 2020-05-18 21:38 - 000655080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-05-29 02:22 - 2020-05-18 21:38 - 000444816 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2020-05-29 02:22 - 2020-05-18 21:37 - 017600240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-05-29 02:22 - 2020-05-18 21:37 - 015157992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-05-29 02:22 - 2020-05-18 21:37 - 005590248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2020-05-29 02:22 - 2020-05-18 21:37 - 005159312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-05-29 02:22 - 2020-05-18 21:37 - 000849824 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2020-05-29 02:22 - 2020-05-18 21:36 - 004928256 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-05-29 02:22 - 2020-05-18 21:36 - 004195672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-05-29 02:22 - 2020-05-16 08:07 - 000106838 _____ C:\Windows\system32\nvidia-smi.1.pdf
2020-05-29 02:22 - 2020-05-16 08:07 - 000077294 _____ C:\Windows\system32\nvinfo.pb
2020-05-28 05:36 - 2020-05-28 05:36 - 068120744 _____ (Riot Games, Inc.) C:\Users\friiii\Downloads\Install VALORANT.exe
2020-05-28 02:55 - 2020-06-12 23:03 - 000000000 ____D C:\Users\friiii\AppData\Local\somemorebytes
2020-05-28 01:49 - 2020-05-28 01:49 - 000306928 _____ (Thesycon GmbH) C:\Users\friiii\Downloads\dpclat.exe
2020-05-28 01:03 - 2020-06-12 15:52 - 000003226 _____ C:\Windows\system32\Tasks\Empty Standby Memory
2020-05-28 00:58 - 2020-05-28 00:58 - 000000000 ___DC C:\Empty Standby Memory
2020-05-27 22:03 - 2020-05-27 22:05 - 560938496 _____ (NVIDIA Corporation) C:\Users\friiii\Downloads\446.14-desktop-win10-64bit-international-dch-whql.exe
2020-05-25 01:41 - 2020-06-11 16:58 - 000000000 ___SH C:\Users\Public\Shared Files
2020-05-25 01:34 - 2020-05-25 01:34 - 000000000 ____D C:\Users\friiii\AppData\Local\FortniteGame
2020-05-24 20:59 - 2020-06-11 07:02 - 000000000 ____D C:\Users\friiii\AppData\Local\2K
2020-05-24 20:59 - 2020-05-24 20:59 - 000000000 ____D C:\Users\friiii\Documents\My Games
2020-05-24 20:42 - 2020-05-24 20:42 - 000000298 _____ C:\Users\friiii\Desktop\Sid Meier's Civilization VI.url
2020-05-24 20:13 - 2020-05-24 20:13 - 000000309 _____ C:\Users\friiii\Desktop\Fortnite.url
2020-05-22 23:52 - 2020-05-22 23:52 - 000001299 _____ C:\Users\friiii\Desktop\TeamSpeak 3 Client.lnk
2020-05-22 23:52 - 2020-05-22 23:52 - 000001257 _____ C:\Users\friiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2020-05-22 19:06 - 2020-05-22 19:06 - 1358495744 _____ C:\Users\friiii\Downloads\AmendOS_3.0_Ready_x64.iso
2020-05-21 07:59 - 2020-05-21 07:59 - 000000000 ____D C:\Users\friiii\Downloads\ZOTACGAMING-FireStorm
2020-05-20 06:53 - 2020-05-25 01:34 - 000000000 ____D C:\Users\friiii\AppData\Roaming\EasyAntiCheat
2020-05-20 06:53 - 2020-05-20 06:53 - 000000000 ____D C:\Users\friiii\AppData\Local\SquadGame
2020-05-18 16:42 - 2020-05-18 17:03 - 000000000 ____D C:\Users\friiii\Documents\Rockstar Games
2020-05-18 16:42 - 2020-05-18 17:03 - 000000000 ____D C:\Users\friiii\AppData\Local\Rockstar Games
2020-05-18 16:27 - 2020-06-07 16:17 - 000000000 ____D C:\Program Files\Rockstar Games
2020-05-18 16:27 - 2020-06-07 16:17 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-05-18 16:27 - 2020-05-18 16:27 - 000000000 ____D C:\ProgramData\Rockstar Games

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-17 00:54 - 2020-05-13 02:23 - 000000000 ____D C:\Users\friiii\AppData\LocalLow\Mozilla
2020-06-17 00:52 - 2020-05-13 05:33 - 000698668 _____ C:\Windows\system32\perfh007.dat
2020-06-17 00:52 - 2020-05-13 05:33 - 000145686 _____ C:\Windows\system32\perfc007.dat
2020-06-17 00:52 - 2020-05-13 01:43 - 001626856 _____ C:\Windows\system32\PerfStringBackup.INI
2020-06-17 00:52 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2020-06-17 00:48 - 2020-05-13 03:14 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-17 00:48 - 2020-05-13 02:29 - 000000000 ____D C:\Users\friiii\.VirtualBox
2020-06-17 00:48 - 2020-05-13 02:29 - 000000000 ____D C:\ProgramData\VirtualBox
2020-06-17 00:46 - 2020-05-13 01:37 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-17 00:45 - 2018-09-15 07:09 - 000131072 _____ C:\Windows\system32\config\BBI
2020-06-16 21:20 - 2020-05-13 05:25 - 000000000 ____D C:\Users\friiii\AppData\Local\UnrealEngine
2020-06-16 21:20 - 2020-05-13 03:14 - 000000000 ____D C:\ProgramData\Package Cache
2020-06-16 17:07 - 2020-05-17 20:54 - 000000000 ____D C:\Users\friiii\AppData\Local\Battle.net
2020-06-16 11:16 - 2020-05-13 03:25 - 000000000 ____D C:\Users\friiii\AppData\Local\D3DSCache
2020-06-16 03:30 - 2020-05-13 01:39 - 000000000 ____D C:\Users\friiii
2020-06-16 00:37 - 2020-05-13 01:37 - 000223072 _____ C:\Windows\system32\FNTCACHE.DAT
2020-06-16 00:34 - 2018-09-15 08:33 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2020-06-16 00:25 - 2020-05-13 01:37 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-06-15 23:48 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\SysWOW64\inetsrv
2020-06-15 23:48 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\inetsrv
2020-06-15 20:43 - 2020-05-17 20:50 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-06-15 18:06 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2020-06-13 02:36 - 2020-05-13 02:27 - 000000000 ____D C:\Users\friiii\AppData\Local\CyberGhost
2020-06-12 23:21 - 2020-05-16 19:13 - 000000000 ____D C:\temp
2020-06-12 23:21 - 2020-05-13 03:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-06-12 23:20 - 2020-05-13 03:14 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-06-11 11:25 - 2020-05-13 03:15 - 000000000 ____D C:\Users\friiii\AppData\Local\NVIDIA Corporation
2020-06-11 06:04 - 2020-05-13 03:15 - 000000000 ____D C:\Users\friiii\AppData\Local\NVIDIA
2020-06-11 06:04 - 2020-05-13 03:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-06-10 12:22 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-10 12:22 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2020-06-09 23:52 - 2020-05-13 01:39 - 000000000 ____D C:\Users\friiii\AppData\Local\Packages
2020-06-09 21:34 - 2020-05-13 05:23 - 000000000 ____D C:\Users\friiii\AppData\Local\PlaceholderTileLogoFolder
2020-06-09 21:30 - 2020-05-13 02:33 - 000000000 ____D C:\ProgramData\Packages
2020-06-08 02:31 - 2020-05-13 05:42 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2020-06-08 02:31 - 2020-05-13 05:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-06-07 15:44 - 2020-05-13 21:25 - 000000000 ____D C:\Program Files\HWiNFO64
2020-06-07 15:43 - 2020-05-13 21:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2020-06-07 13:42 - 2020-03-26 16:33 - 000000000 ____D C:\Windows\Panther
2020-06-06 23:39 - 2020-05-13 21:31 - 000000000 ____D C:\Users\friiii\AppData\Roaming\MAXON
2020-06-06 23:21 - 2020-05-14 08:19 - 000000000 ____D C:\Users\friiii\Downloads\Benchmark
2020-06-05 23:17 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-06-04 22:47 - 2020-05-13 02:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-04 21:34 - 2020-05-13 02:23 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-06-02 12:35 - 2020-05-13 02:16 - 000000000 ____D C:\Users\friiii\AppData\Local\ElevatedDiagnostics
2020-05-29 23:22 - 2020-05-13 05:45 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-05-29 23:21 - 2020-05-13 05:45 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-05-25 01:41 - 2018-09-15 08:33 - 000000000 __SHD C:\Users\Public\Libraries
2020-05-22 23:52 - 2020-05-16 19:26 - 000000000 ____D C:\Users\friiii\AppData\Local\TeamSpeak 3 Client
2020-05-22 20:35 - 2020-05-17 03:28 - 000000000 ____D C:\Program Files\Epic Games
2020-05-22 19:04 - 2020-05-13 02:31 - 000000000 ____D C:\Users\friiii\VirtualBox VMs
2020-05-21 08:35 - 2020-05-14 08:18 - 000000000 ____D C:\Users\friiii\Documents\Ubuntu
2020-05-20 06:53 - 2020-05-17 03:35 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
         
Code:
// info: Rootkit removal help file
// copyright: (c) 2008-2020 Safer-Networking Ltd. All rights reserved.

:: RootAlyzer Results
File:"Unknown ADS","C:\Users\Public\Shared Files:VersionCache:$DATA"
File:"Unknown ADS","C:\Users\friiii\Application Data:00e481b5e22dbe1f649fcddd505d3eb7:$DATA"
File:"Unknown ADS","C:\Users\friiii\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7:$DATA"
File:"Unknown ADS","C:\Users\friiii\AppData\Local\Microsoft\Feeds:KnownSources:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64:{4A705BBE-C39C-4059-9658-2F0F8F0A4F12}:$DATA"
File:"Unknown ADS","C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64:{B6B3D3B5-E6DA-4ac3-B20B-7AD145E0AF58}:$DATA"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\","Epic Games"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\","com.epicgames.launcher"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\WOW6432Node\","com.epicgames.launcher"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\WOW6432Node\com.epicgames.launcher\","DefaultIcon"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\WOW6432Node\com.epicgames.launcher\","shell"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\WOW6432Node\com.epicgames.launcher\shell\","open"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\WOW6432Node\com.epicgames.launcher\shell\open\","command"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\com.epicgames.launcher\","DefaultIcon"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\com.epicgames.launcher\","shell"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\com.epicgames.launcher\shell\","open"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\com.epicgames.launcher\shell\open\","command"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\","Provider"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Provider\","CBP"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Provider\","DPA"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Provider\","SecurityApp"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\","WebProtection"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Chs\","DuState"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\EpicGames\Unreal Engine\","4.0"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Epic Games\","EpicGamesLauncher"
         

Edited by Ambisonte (17.06.2020 at 03:12). Reason: attach log file

 
