| |
| |||||||
Log-Analyse und Auswertung: Bankseite wird auf andere Seite umgeleitet auf meinem Windows 10 Rechner.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
02.02.2022, 00:01
| #1 |
| |  Bankseite wird auf andere Seite umgeleitet auf meinem Windows 10 Rechner. Hi Leute, folgendes Problem. Wenn ich in Opera auf meiner Bankseite auf LogIn Butten klicke, so komme ich nicht zu dem Bereich wo ich einloggen kann sondern hierher: https://www.smartredirect.de/redir/clickGate.php?u=SlzvTCGB&m=4&p=DjmACiYHKw&t=3&splash=&s=ssq1sxgd49nk00000000&url=https%3A%2F%2Fwww.1822direkt-banking.de%2F%3F&q=&r= mailwarebytes hat nichts gefunden. Was ich mehr machen kann, weiss ich nicht. Kann wer die Logs gucken und weiterhelfen? Vielen Dank. FRST.TXT Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-01-2022
durchgeführt von Chef (Administrator) auf CHEF-PC (01-02-2022 23:30:51)
Gestartet von J:\temp
Geladene Profile: Chef & HA
Plattform: Microsoft Windows 10 Pro Version 2004 19041.1415 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() [Datei ist nicht signiert] D:\ProgrammeSSD\No-IP\ducservice.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Brio) [Datei ist nicht signiert] C:\Program Files\FolderSize\FolderSizeSvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\140.4.1951\QtWebEngineProcess.exe <2>
(Easybits AS -> Easybits) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <3>
(Epic Games Inc. -> Epic Games, Inc.) D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Foxit Software Incorporated -> Foxit Corporation) C:\Users\HA\AppData\Roaming\Foxit Software\Addon\Foxit Reader\FoxitReaderUpdater.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Windows Firewall Control\wfcs.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\HA\AppData\Local\Programs\Opera\83.0.4254.27\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\HA\AppData\Local\Programs\Opera\opera.exe <81>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Protected Antivirus Limited -> ScanGuard) C:\Program Files (x86)\ScanGuard\SecurityService.exe <2>
(Razer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) D:\ProgrammeSSD\Razer Cortex\RzKLService.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(TomTom) [Datei ist nicht signiert] D:\ProgrammeSSD\TomTom HOME\TTHOMEService.exe
0 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
0 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
0 C:\Program Files\WindowsApps\Microsoft.SurfaceWirelessDisplayAdapter_4.232.137.0_x64__8wekyb3d8bbwe\Desktop\WDADesktopService.exe
0 C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe
0 C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
0 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21121.250.0_x64__8wekyb3d8bbwe\YourPhone.exe
0 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21121.250.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [KeePass 2 PreLoad] => D:\ProgrammeSSD\KeePass Password Safe 2\KeePass.exe [3159744 2021-05-07] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [Malwarebytes Windows Firewall Control] => C:\Program Files\Malwarebytes\Windows Firewall Control\wfc.exe [635576 2021-08-27] (Malwarebytes Inc -> Malwarebytes)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596664 2017-08-30] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10585376 2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\RunOnce: [auup697] => C:\Program Files\AVAST Software\Avast\setup\auup697.exe [161560 2021-10-13] (Avast Software s.r.o. -> )
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\Run: [EADM] => D:\SpieleSSD\Origin\Origin.exe [3131664 2019-10-22] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\Run: [Steam] => D:\Steam\steam.exe [4268456 2022-01-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\Run: [CCleaner Smart Cleaning] => D:\ProgrammeSSD\ccleaner\CCleaner64.exe [22458328 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\Run: [TomTomHOME.exe] => D:\ProgrammeSSD\TomTom HOME\TTHOMERunner.exe [332288 2019-12-17] (TomTom) [Datei ist nicht signiert]
HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1414027369-238287121-3710414321-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Run: [Folder Size] => C:\Program Files\FolderSize\FolderSize.exe [169472 2013-02-12] (Brio) [Datei ist nicht signiert]
HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Run: [CCleaner Smart Cleaning] => D:\ProgrammeSSD\ccleaner\CCleaner64.exe [22458328 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Run: [EpicGamesLauncher] => D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33637856 2022-01-31] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Run: [GogGalaxy] => D:\SpieleSSD\GOG Galaxy\GalaxyClient.exe [13728096 2021-08-20] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Run: [MyDriveConnect.exe] => D:\ProgrammeSSD\MyDrive Connect\TomTom MyDrive Connect.exe [2224096 2020-11-10] (TomTom International B.V. -> TomTom)
HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Run: [Opera Browser Assistant] => C:\Users\HA\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1414027369-238287121-3710414321-1006\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Windows x64\Print Processors\Canon MP550 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9Z.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP550 series: c:\windows\system32\CNMLM9Z.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\FRITZ!fax Color Port Monitor: c:\windows\system32\FritzColorPort64.dll [20480 2006-02-23] () [Datei ist nicht signiert]
HKLM\...\Print\Monitors\FRITZ!fax Port Monitor: c:\windows\system32\FritzPort64.dll [20480 2006-02-22] () [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\97.1.34.81\Installer\chrmstp.exe [2022-01-21] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] ->
Startup: C:\Users\HA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2013-09-12] () <==== ACHTUNG [Null Byte Datei/Ordner]
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1414027369-238287121-3710414321-1000\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {014AF2AD-3350-4045-BB6F-F38B16C6C89C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {065BFCF0-6FC3-432A-8A00-EDB04948F13E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Keine Datei)
Task: {069C5C9D-7D32-449F-A6DF-E7ADE8627BA6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Keine Datei)
Task: {0733DF00-7ED6-43B1-A8D8-DCB6B9EAED1E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AMD Updater" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineCore" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineUA" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\CreateExplorerShellUnelevatedTask" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineCore" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineUA" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d6b1f1c610760a" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\npcapwatchdog" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1414027369-238287121-3710414321-1000" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\Opera scheduled assistant Autoupdate 1582736624" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1575362177" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{5693B850-617B-4181-9789-E92B53386C3D}" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{C8ED4D84-A9E0-4A69-A697-BBAC8F3838A5}" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\VivaldiUpdateCheck-958b61f85d25c11f" /ENABLE
Task: {17056324-92DE-4565-AFEB-BBDA03AD3A97} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {2793592A-FC9B-4F84-907A-A5D334625AB2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Keine Datei)
Task: {27AF5CA3-D3B9-4CD4-AD11-F496A5790681} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Keine Datei)
Task: {2C9578B8-5EB1-4CF6-A4A1-507EA92881AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {32C3403A-B496-4959-B2BC-52089E1B3CA8} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {37EB71D6-B8AB-41CF-BD22-8D376B13A616} - System32\Tasks\CreateExplorerShellUnelevatedTask => c:\windows\explorer.exe /NoUACCheck
Task: {3D72CD85-AFC1-4E25-B1C1-C1477168726D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {42D123E3-B60C-40EB-B4B7-0589BB86E157} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Keine Datei)
Task: {431FA6E6-40B4-42BB-9E8E-87586A7F9A46} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4B58AD51-DBE7-44FB-A32B-8FB0B6AE7C5C} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {4BAAF3C4-E473-4EB2-A5E3-A061DBC18A46} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
Task: {4C499EBE-8B6D-44CA-81A9-DD9FE825A09B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {4FD27115-9107-49F0-B5DF-F7E08314CC7D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Keine Datei)
Task: {5091BAEA-7A4F-4396-8744-8339ADA384B1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Keine Datei)
Task: {564259EF-7FAC-498D-AFBC-63EFE9D41857} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Keine Datei)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5EC9A78C-0EE6-498C-A02B-8667CBDC1908} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Keine Datei)
Task: {5F4EBEB7-3A11-418F-831E-43A1CACF0B16} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {61337DDE-5EF8-4D72-8BDA-C8C2CB281F90} - System32\Tasks\VivaldiUpdateCheck-958b61f85d25c11f => C:\Users\HA\AppData\Local\Vivaldi\Application\update_notifier.exe [3058064 2022-01-21] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
Task: {6409C90D-4EDE-4482-91C8-533BA3544E3B} - System32\Tasks\CCleaner Update => D:\ProgrammeSSD\ccleaner\CCUpdate.exe [619416 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6BFA90E6-14B8-4B7B-8C84-49A679432E62} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Keine Datei)
Task: {6DC8EC30-C5CB-44F2-BA57-CC2D5919A806} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {705C3396-C6AA-4254-82B5-0A427421BAA6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7630E6BE-0BED-4036-BA15-DE74A20C437F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Keine Datei)
Task: {7636A6E6-10FD-456D-84D6-BFD3ADEE0825} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {79C4BACB-F4C4-4FCE-921B-28FED91B6FAF} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Keine Datei)
Task: {7E80BDB2-D551-490A-AB12-C54713AD205D} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-04-21] () [Datei ist nicht signiert]
Task: {7FA9F1E7-0A5C-4134-A018-6A2FD1A2FEB9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {8030B787-D1E1-4B98-B619-6E32C02108C7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Keine Datei)
Task: {8202A2B5-A43F-411C-A035-66225C297566} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {89CD267E-FE02-415F-9A22-12BFB515DC93} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Keine Datei)
Task: {8DC0784E-B626-4B72-B2D5-4E388B17CDE6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Keine Datei)
Task: {96A21D60-31E0-43BC-AAE5-B864464B1C42} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Keine Datei)
Task: {9E5A17CE-395C-40B3-9E53-8B57EF68448F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {9EE431EF-3868-48FE-B64D-55F16D120E5C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Keine Datei)
Task: {A2A15D6A-0142-4881-9B70-B106F4451D98} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Keine Datei)
Task: {A5BF9DAC-2DFC-4171-9CFC-D37886A27B54} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Keine Datei)
Task: {A6499E7D-5B57-4B53-AB18-C01B5485F768} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Keine Datei)
Task: {AFE1B316-C858-4D6C-9E44-9AF08384D85D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B23191E5-2375-4F7F-BA1C-824338FF4E2C} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-24] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {B25B00A3-6AA5-48D4-ADD1-D0912A9181CE} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe (Keine Datei)
Task: {B4FBDD03-C569-403D-8387-422CE1777809} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B53563C4-8599-49F8-8192-A62F3615D2CF} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [10385288 2016-07-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B8247FD0-4823-4188-A23C-EC933BF13008} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {BEDB9F3C-A964-4143-946B-3C4964B01CCD} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {CC83B719-C866-4789-A94B-951CFFA6F137} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {CDCC809E-EA1C-463E-AD37-0F7E3E8DA299} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-24] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {CEAEE351-CAD4-4120-8B38-BEA1DA86D360} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {CFF94FA8-3DBE-4C5A-8034-F1DAD168E5EB} - System32\Tasks\Opera scheduled assistant Autoupdate 1582736624 => C:\Users\HA\AppData\Local\Programs\Opera\launcher.exe [2333904 2022-01-26] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HA\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {D0081A87-B9C1-4C1F-80DB-EC3A3F3EBC71} - System32\Tasks\CCleanerSkipUAC => D:\ProgrammeSSD\ccleaner\CCleaner.exe [16467424 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DDFC376C-2D96-4392-B968-72F12613F31D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Keine Datei)
Task: {E5E95960-B716-4B4F-A00C-272834026069} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {E6686E67-0C7E-40A5-BA97-710A442317ED} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {E7CAFEA4-7FE5-4825-A45D-6D374570691D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {EE5C90E0-C9FD-4B29-AFEF-D6AD96D71229} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1414027369-238287121-3710414321-1000 => C:\Users\Chef\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Keine Datei)
Task: {EE83F3C8-0DA4-4677-87F1-95C10ADD8944} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Keine Datei)
Task: {EEF38EE7-71BF-4BE3-B589-5A0652DC4C56} - System32\Tasks\Opera scheduled Autoupdate 1575362177 => C:\Users\HA\AppData\Local\Programs\Opera\launcher.exe [2333904 2022-01-26] (Opera Software AS -> Opera Software)
Task: {F2822B75-873A-44E9-B998-CC5044C4DDC3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {F4B943A4-93BD-484D-AD85-709CC3E7C345} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Keine Datei)
Task: {F7596E3C-BCF4-4AF9-9151-218877E1D710} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Keine Datei)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.188.1
Tcpip\..\Interfaces\{32168289-76e1-4690-9a23-9c19833bb19b}: [DhcpNameServer] 192.168.72.93
Tcpip\..\Interfaces\{33738dec-ed7c-4fcd-8456-6a09caeb2f21}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{33738dec-ed7c-4fcd-8456-6a09caeb2f21}: [DhcpNameServer] 192.168.188.1
Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Profile: C:\Users\Chef\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-16]
FireFox:
========
FF ProfilePath: C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default [2022-02-01]
FF DownloadDir: D:
FF Homepage: Mozilla\Firefox\Profiles\mi5yrlev.default -> hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl
FF NewTab: Mozilla\Firefox\Profiles\mi5yrlev.default -> about:newtab
FF Extension: (Search and New Tab by Yahoo) - C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2017-05-05] []
FF Extension: (Avast SafePrice | Vergleich, Angebote, Gutscheine) - C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\Extensions\sp@avast.com.xpi [2019-02-20]
FF Extension: (Test Pilot for Thunderbird) - C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\Extensions\tbtestpilot@labs.mozilla.com.xpi [2012-07-07] [] [ist nicht signiert]
FF Extension: (Avast Online Security) - C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\Extensions\wrc@avast.com.xpi [2018-07-22]
FF Extension: (Password Exporter) - C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2012-07-13] [] [ist nicht signiert]
FF Extension: (Torbutton) - C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\Extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2012-07-13] [] [ist nicht signiert]
FF SearchPlugin: C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\searchplugins\google-images.xml [2015-10-22]
FF SearchPlugin: C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\searchplugins\google-maps.xml [2015-10-22]
FF SearchPlugin: C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\mi5yrlev.default\searchplugins\yahoo-avast.xml [2014-09-06]
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-07-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-07-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\ProgrammeSSD\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1414027369-238287121-3710414321-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1414027369-238287121-3710414321-1006: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default [2022-02-01]
CHR HomePage: Default -> hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl"
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
CHR DefaultSearchKeyword: Default -> de.search.yahoo.com
CHR DefaultSuggestURL: Default -> hxxp://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (Yahoo Partner) - C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom [2020-07-02]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-12-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Chef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR HKU\S-1-5-21-1414027369-238287121-3710414321-1006\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\HA\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-01-02]
CHR HKU\S-1-5-21-1414027369-238287121-3710414321-1006\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKU\S-1-5-21-1414027369-238287121-3710414321-1006\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
Brave:
=======
BRA Profile: C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2020-09-07]
BRA DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
BRA DefaultSearchKeyword: Default -> Yahoo
BRA DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
BRA Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-05-05]
BRA Extension: (Yahoo Partner) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom [2020-05-05]
BRA Extension: (Avast Online Security) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-05-05]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2020-06-09]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2020-06-09]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-05-05]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2020-05-05]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Chef\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2020-05-05]
StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-09] (Adobe Systems) [Datei ist nicht signiert]
S2 appdrvrem01; C:\WINDOWS\System32\appdrvrem01.exe [551896 2019-02-22] (Protection Technology, Ltd. -> Protection Technology)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1720088 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8906088 2022-01-20] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-24] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-24] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803456 2021-06-25] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-12] (Brio) [Datei ist nicht signiert]
S3 GalaxyClientService; D:\SpieleSSD\GOG Galaxy\GalaxyClientService.exe [1955680 2021-08-20] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-08-20] (GOG Sp. z o.o. -> GOG.com)
R2 NoIPDUCService4; D:\ProgrammeSSD\No-IP\ducservice.exe [12288 2015-07-20] () [Datei ist nicht signiert]
S4 Origin Client Service; D:\SpieleSSD\Origin\OriginClientService.exe [2403120 2019-10-22] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; D:\SpieleSSD\Origin\OriginWebHelperService.exe [3282736 2019-10-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [431616 2017-11-07] (Razer Inc.) [Datei ist nicht signiert]
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [919200 2017-11-29] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-20] (Razer USA Ltd. -> )
S3 Rockstar Service; D:\SpieleSSD\Launcher\Rockstar Games\RockstarService.exe [1629312 2020-10-19] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzKLService; D:\ProgrammeSSD\Razer Cortex\RzKLService.exe [133376 2016-09-28] (Razer USA Ltd. -> Razer Inc.)
S4 SamsungAllShareV2.0; D:\ProgrammeSSD\AllShare\AllShareDMS\AllShareDMS.exe [25504 2012-03-02] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 SecurityService; C:\Program Files (x86)\ScanGuard\SecurityService.exe [265064 2021-11-09] (Protected Antivirus Limited -> ScanGuard)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SimpleSlideShowServer; D:\ProgrammeSSD\AllShare\AllShareSlideShowService.exe [27584 2012-03-02] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [183816 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TTHOMEService; D:\ProgrammeSSD\TomTom HOME\TTHOMEService.exe [97792 2019-04-17] (TomTom) [Datei ist nicht signiert]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 wfcs; C:\Program Files\Malwarebytes\Windows Firewall Control\wfcs.exe [118456 2021-08-27] (Malwarebytes Inc -> Malwarebytes)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [X]
S3 FvSvc; "C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe" -service [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 appdrv01; C:\WINDOWS\System32\Drivers\appdrv01.sys [3852976 2019-02-22] (Protection Technology, Ltd. -> Protection Technology)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-29] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-09-08] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2021-09-08] (Avast Software s.r.o. -> WireGuard LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-07-21] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-07-21] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47928 2019-10-23] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49304 2014-12-15] (ManyCam LLC -> Visicom Media Inc.)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35992 2014-12-15] (ManyCam LLC -> Visicom Media Inc.)
S3 mv91xx; C:\WINDOWS\System32\drivers\mv91xx.sys [302632 2010-03-17] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)
R0 mvs91xx; C:\WINDOWS\System32\drivers\mvs91xx.sys [345320 2015-10-21] (Marvell Semiconductor, Inc. -> Marvell Semiconductor, Inc.)
S3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [38216 2016-05-16] (SoftEther Corporation -> SoftEther Corporation)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74744 2021-04-21] (Insecure.Com LLC -> Insecure.Com LLC.)
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] (Wolfram Podien -> )
S0 ProtectedELAM; C:\WINDOWS\System32\drivers\protected_elam.sys [17864 2021-11-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> TODO: <Company name>)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-06-18] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-06-18] (MiniTool Solution Ltd -> )
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [45752 2017-07-19] (Razer USA Ltd. -> Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [139704 2017-08-19] (Razer USA Ltd. -> Razer, Inc.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [51024 2016-05-16] (SoftEther Corporation -> SoftEther Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [45064 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2018-06-08] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2018-06-08] (Valve Corp. -> )
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (Duodian Online Technology Co. Ltd. -> BigNox Corporation)
S3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-18] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-18] (Microsoft Windows -> Microsoft Corporation)
R1 webshieldfilter; C:\WINDOWS\System32\drivers\webshieldfilter.sys [96264 2021-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) <==== ACHTUNG
S3 wod0205; C:\WINDOWS\System32\drivers\wod0205.sys [33160 2011-04-23] (Secure Plus d.o.o. -> WeOnlyDo Software)
U3 idsvc; kein ImagePath
U4 npcap_wifi; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-02-01 23:04 - 2022-02-01 23:05 - 000000000 ___DC C:\Users\HA\Desktop\HiJackThis
2022-02-01 22:48 - 2022-02-01 23:29 - 000003544 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1575362177
2022-02-01 22:48 - 2022-02-01 22:48 - 000001441 _____ C:\Users\HA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2022-02-01 22:44 - 2022-02-01 22:44 - 000001193 _____ C:\Users\HA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ScanGuard.lnk
2022-02-01 22:44 - 2022-02-01 22:44 - 000000000 ___DC C:\Users\HA\Documents\ScanGuard
2022-02-01 22:44 - 2022-02-01 22:44 - 000000000 ____D C:\Users\HA\AppData\Local\GUI
2022-02-01 08:47 - 2022-02-01 08:47 - 000000000 ____D C:\Users\Chef\Documents\ScanGuard
2022-02-01 08:47 - 2021-11-09 17:51 - 000096264 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\webshieldfilter.sys
2022-02-01 08:45 - 2022-02-01 22:44 - 000000000 ____D C:\Program Files (x86)\ScanGuard
2022-02-01 08:45 - 2022-02-01 08:45 - 000001181 _____ C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ScanGuard.lnk
2022-02-01 08:45 - 2022-02-01 08:45 - 000001095 _____ C:\Users\Public\Desktop\ScanGuard.lnk
2022-02-01 08:45 - 2022-02-01 08:45 - 000000000 ____D C:\Users\Chef\AppData\Local\GUI
2022-02-01 08:45 - 2022-02-01 08:45 - 000000000 ____D C:\ProgramData\SecuritySuite
2022-02-01 08:45 - 2022-02-01 08:45 - 000000000 ____D C:\ProgramData\ScanGuard
2022-02-01 08:45 - 2021-11-09 17:51 - 000017864 _____ (TODO: <Company name>) C:\WINDOWS\system32\Drivers\protected_elam.sys
2022-01-21 10:59 - 2022-01-21 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-01-20 11:21 - 2022-01-20 11:21 - 000000000 ___DC C:\Users\HA\AppData\LocalLow\SZSS INTERACTIVE
2022-01-19 22:08 - 2022-01-19 22:08 - 000000203 ____C C:\Users\HA\Desktop\Settlement Survival.url
2022-01-19 01:17 - 2022-01-19 01:17 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-01-19 01:17 - 2022-01-19 01:17 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-01-19 01:17 - 2022-01-19 01:17 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-01-19 01:17 - 2022-01-19 01:17 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-01-15 10:09 - 2022-01-15 10:09 - 000000000 ____D C:\Users\HA\AppData\Local\Stardock
2022-01-15 10:06 - 2022-01-15 10:09 - 000000000 ____D C:\ProgramData\Stardock
2022-01-15 09:41 - 2022-01-15 09:41 - 000000346 ____C C:\Users\HA\Desktop\Galactic Civilizations III (Test branch).url
2022-01-15 09:36 - 2022-01-15 09:36 - 000061681 ____C C:\Users\HA\Desktop\freitext_20220113164324-129302558.pdf
2022-01-13 23:28 - 2022-01-13 23:29 - 004608203 ____C C:\Users\HA\Desktop\Bara May (Kosol Ouch) und Peppi La Montagna.pdf
2022-01-05 20:04 - 2022-01-05 20:04 - 000002368 ____C C:\Users\HA\Desktop\minecraftWorlds - Verknüpfung.lnk
2022-01-05 17:34 - 2022-01-05 17:34 - 000000000 ____D C:\Users\HA\AppData\Roaming\internalStorage
2022-01-05 17:34 - 2022-01-05 17:34 - 000000000 ____D C:\Users\HA\AppData\Roaming\games
2022-01-02 10:35 - 2022-01-02 18:53 - 000000000 ___DC C:\Users\HA\Documents\Algodoo
2022-01-02 10:35 - 2022-01-02 10:35 - 000001067 _____ C:\Users\Public\Desktop\Algodoo.lnk
2022-01-02 10:35 - 2022-01-02 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Algodoo
2022-01-02 10:35 - 2022-01-02 10:35 - 000000000 ____D C:\Program Files (x86)\Algodoo
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-02-01 23:34 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-01 23:31 - 2016-08-25 00:11 - 000000000 ___DC C:\FRST
2022-02-01 23:29 - 2021-10-14 13:49 - 000003770 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582736624
2022-02-01 23:29 - 2021-08-30 17:34 - 000003026 _____ C:\WINDOWS\system32\Tasks\VivaldiUpdateCheck-958b61f85d25c11f
2022-02-01 23:29 - 2021-07-12 21:55 - 000002648 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-02-01 23:29 - 2020-11-30 16:16 - 000003494 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b1f1c610760a
2022-02-01 23:29 - 2020-11-03 16:19 - 000003824 _____ C:\WINDOWS\system32\Tasks\AMD Updater
2022-02-01 23:29 - 2020-11-03 16:19 - 000003698 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-02-01 23:29 - 2020-11-03 16:19 - 000003688 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-01 23:29 - 2020-11-03 16:19 - 000003642 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2022-02-01 23:29 - 2020-11-03 16:19 - 000003620 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-01 23:29 - 2020-11-03 16:19 - 000003474 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-02-01 23:29 - 2020-11-03 16:19 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-02-01 23:29 - 2020-11-03 16:19 - 000003418 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2022-02-01 23:29 - 2020-11-03 16:19 - 000003396 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-01 23:29 - 2020-11-03 16:19 - 000003354 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C8ED4D84-A9E0-4A69-A697-BBAC8F3838A5}
2022-02-01 23:29 - 2020-11-03 16:19 - 000003350 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{5693B850-617B-4181-9789-E92B53386C3D}
2022-02-01 23:29 - 2020-11-03 16:19 - 000003252 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-02-01 23:29 - 2020-11-03 16:19 - 000002918 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1414027369-238287121-3710414321-1000
2022-02-01 23:29 - 2020-11-03 16:19 - 000002218 _____ C:\WINDOWS\system32\Tasks\npcapwatchdog
2022-02-01 23:29 - 2020-11-03 16:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-02-01 23:29 - 2019-11-11 13:25 - 000001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-02-01 23:29 - 2019-11-11 13:25 - 000001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-02-01 23:28 - 2020-11-03 16:19 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-02-01 23:28 - 2020-01-17 18:00 - 000000000 ___DC C:\Users\HA\AppData\Roaming\vlc
2022-02-01 23:06 - 2012-07-13 09:21 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-01 22:52 - 2016-11-19 05:57 - 000000000 ____D C:\Users\HA\AppData\LocalLow\Mozilla
2022-02-01 22:52 - 2012-07-13 09:28 - 000000000 ___DC C:\ProgramData\Mozilla
2022-02-01 22:48 - 2020-11-03 16:03 - 002870892 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-01 22:48 - 2020-11-03 14:15 - 000790528 _____ C:\WINDOWS\system32\perfh019.dat
2022-02-01 22:48 - 2020-11-03 14:15 - 000162228 _____ C:\WINDOWS\system32\perfc019.dat
2022-02-01 22:48 - 2019-12-07 15:51 - 000820884 _____ C:\WINDOWS\system32\perfh007.dat
2022-02-01 22:48 - 2019-12-07 15:51 - 000177416 _____ C:\WINDOWS\system32\perfc007.dat
2022-02-01 22:48 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-01 22:44 - 2015-06-16 11:17 - 000000000 ___DC C:\Users\HA\AppData\Local\Dropbox
2022-02-01 22:43 - 2021-06-18 18:41 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-01 22:43 - 2020-11-03 16:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-01 22:43 - 2012-07-13 09:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-01 22:43 - 2012-07-13 09:21 - 000000000 ___DC C:\ProgramData\AVAST Software
2022-02-01 22:43 - 2012-07-13 09:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-02-01 12:44 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-02-01 11:52 - 2020-11-03 15:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-01 08:59 - 2017-09-19 11:41 - 000000000 ____D C:\Users\HA\AppData\Roaming\KeePass
2022-02-01 08:45 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-02-01 08:40 - 2016-08-22 19:25 - 000000000 ___DC C:\Users\HA\AppData\Local\CrashDumps
2022-02-01 08:36 - 2018-07-22 13:01 - 000000000 ___DC C:\Users\HA\AppData\Local\AVAST Software
2022-02-01 08:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-31 11:04 - 2021-11-27 14:36 - 000000000 ___DC C:\Users\HA\Documents\TrailMakers
2022-01-31 09:01 - 2018-10-22 20:35 - 000000000 ____D C:\Users\HA\AppData\LocalLow\IObit
2022-01-31 09:01 - 2017-03-06 18:18 - 000000000 ___DC C:\ProgramData\IObit
2022-01-31 09:01 - 2017-03-06 18:18 - 000000000 ____D C:\Users\HA\AppData\Roaming\IObit
2022-01-31 09:01 - 2017-03-06 18:18 - 000000000 ____D C:\Users\Chef\AppData\LocalLow\IObit
2022-01-31 09:01 - 2017-03-06 18:17 - 000000000 ____D C:\Users\Chef\AppData\Roaming\IObit
2022-01-31 09:01 - 2017-03-06 18:17 - 000000000 ____D C:\Program Files (x86)\IObit
2022-01-31 09:01 - 2013-04-01 20:09 - 000000000 ____D C:\Users\Chef\AppData\Roaming\Samsung
2022-01-31 09:01 - 2012-07-27 08:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2022-01-31 09:01 - 2012-07-27 08:06 - 000000000 ____D C:\Users\HA\AppData\Roaming\Samsung
2022-01-31 08:58 - 2016-08-25 00:30 - 000000000 ___DC C:\AdwCleaner
2022-01-31 07:56 - 2021-12-22 22:48 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-01-29 17:49 - 2020-06-19 20:26 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-29 17:49 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-28 21:46 - 2018-11-01 09:43 - 000000000 ___DC C:\Users\HA\AppData\Local\Battle.net
2022-01-28 20:47 - 2018-11-01 09:42 - 000000000 ___DC C:\Program Files (x86)\Battle.net
2022-01-25 12:47 - 2012-07-13 09:33 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-23 07:32 - 2021-08-30 17:34 - 000002409 _____ C:\Users\HA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2022-01-23 07:32 - 2021-08-30 17:34 - 000002372 ____C C:\Users\HA\Desktop\Vivaldi.lnk
2022-01-23 07:32 - 2021-08-30 17:33 - 000000000 ____D C:\Users\HA\AppData\Local\Vivaldi
2022-01-22 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-22 16:48 - 2019-08-20 18:42 - 000000000 ___DC C:\Users\HA\AppData\Roaming\EasyAntiCheat
2022-01-21 20:03 - 2019-03-24 17:54 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-01-21 10:59 - 2019-11-11 13:25 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-01-19 23:29 - 2021-03-23 08:13 - 000004284 ____C C:\Users\HA\Desktop\SL.txt
2022-01-19 22:08 - 2012-08-18 17:04 - 000000000 ____D C:\Users\HA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-01-19 16:15 - 2021-03-14 20:09 - 000000000 ___DC C:\Users\HA\Desktop\!binance
2022-01-15 10:06 - 2020-10-19 18:17 - 000000000 ___DC C:\Users\HA\Documents\My Games
2022-01-12 16:33 - 2021-11-28 20:56 - 000000000 ___DC C:\Users\HA\Desktop\!bilder
2022-01-09 22:10 - 2021-12-18 20:58 - 000034938 ____C C:\Users\HA\Desktop\Plan Gegen Corona!.odt
2022-01-04 12:08 - 2019-10-20 16:17 - 000000000 ___DC C:\Users\HA\AppData\Roaming\TegraRcmGUI
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2016-01-25 16:30 - 2016-01-25 19:32 - 000000096 _____ () C:\Users\Chef\AppData\Roaming\Camdata.ini
2016-01-25 16:30 - 2016-01-25 19:32 - 000000408 _____ () C:\Users\Chef\AppData\Roaming\CamLayout.ini
2016-01-25 16:30 - 2016-01-25 19:32 - 000000408 _____ () C:\Users\Chef\AppData\Roaming\CamShapes.ini
2016-01-25 16:30 - 2016-01-25 19:32 - 000004547 _____ () C:\Users\Chef\AppData\Roaming\CamStudio.cfg
2012-11-12 17:50 - 2012-11-12 17:50 - 000000053 _____ () C:\Users\Chef\AppData\Roaming\PLGComp.ini
2013-12-06 00:47 - 2013-12-06 00:47 - 001838080 _____ (CPUID) C:\Users\Chef\AppData\Roaming\siw_sdk.dll
2015-06-04 06:52 - 2015-06-04 06:54 - 000000026 _____ () C:\Users\Chef\AppData\Local\isoworkshop.ini
2018-06-06 19:28 - 2018-06-06 19:28 - 000000600 _____ () C:\Users\Chef\AppData\Local\PUTTY.RND
2017-05-22 10:56 - 2017-05-22 10:56 - 000000218 _____ () C:\Users\Chef\AppData\Local\recently-used.xbel
2017-05-24 20:05 - 2020-01-18 15:03 - 000007596 _____ () C:\Users\Chef\AppData\Local\Resmon.ResmonCfg
==================== FLock ==============================
2016-05-16 04:03 C:\ProgramData\Info
2017-11-20 19:04 C:\Users\HA\Google Drive
==================== SigCheckExt =========================
2016-07-16 12:42 - 2016-07-16 12:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll
2013-02-27 20:22 - 2013-01-13 21:35 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:32 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:31 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:31 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:35 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:31 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:31 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 21:31 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-version-l1-1-0.dll
2021-05-14 12:36 - 2020-06-19 21:05 - 005956608 _____ (The Public) C:\WINDOWS\system32\AviSynth.dll
2013-04-20 16:57 - 2006-02-23 11:16 - 000047616 _____ (TODO: <Company name>) C:\WINDOWS\system32\AvmColorFax.dll
2013-04-20 16:57 - 2006-02-22 09:53 - 000043520 _____ (TODO: <Company name>) C:\WINDOWS\system32\AvmFax.dll
2016-01-14 18:32 - 2012-12-12 11:37 - 000318464 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrFaxTxAppRun64.dll
2016-01-14 18:32 - 2012-07-14 09:53 - 000087040 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrNetSti.dll
2016-01-14 18:32 - 2012-10-29 06:14 - 000058880 _____ (Brother Industries,Ltd) C:\WINDOWS\system32\Brnsplg.dll
2016-01-14 18:32 - 2005-04-22 05:36 - 000143360 _____ C:\WINDOWS\system32\BrSNMP64.dll
2018-01-09 17:01 - 2012-06-14 13:55 - 000058880 _____ (Brother Industries,Ltd.) C:\WINDOWS\system32\BrWiaNCp.dll
2016-08-02 08:17 - 2016-07-01 04:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 08:19 - 2015-10-30 08:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2017-09-29 14:42 - 2017-09-29 14:42 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcComImplementations.dll
2017-04-12 09:56 - 2017-03-28 06:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2021-05-14 12:36 - 2020-06-19 21:05 - 002300928 _____ (Abysmal Software) C:\WINDOWS\system32\DevIL.dll
2019-06-23 17:34 - 2019-06-23 17:34 - 000016384 _____ C:\WINDOWS\system32\dfsc.dll
2019-06-23 17:34 - 2019-06-23 17:34 - 000014848 _____ C:\WINDOWS\system32\dfscacm.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 001210368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dml.dll
2018-07-22 12:44 - 2018-06-15 18:30 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll
2013-02-26 07:31 - 2013-02-26 07:31 - 000071680 _____ (Beepa P/L) C:\WINDOWS\system32\frapsv64.dll
2013-04-20 16:57 - 2006-02-22 09:51 - 000027136 _____ (AVM Berlin GmbH) C:\WINDOWS\system32\FriDru64.dll
2013-04-20 16:57 - 2006-02-23 10:35 - 000020480 _____ C:\WINDOWS\system32\FritzColorPort64.dll
2013-04-20 16:57 - 2006-02-22 09:39 - 000020480 _____ C:\WINDOWS\system32\FritzPort64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemonitor.dll
2021-11-30 17:30 - 2021-12-16 18:13 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2019-07-10 18:57 - 2019-06-13 08:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2017-05-11 11:32 - 2017-03-04 07:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-07-16 12:43 - 2016-07-16 23:56 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPPMon.dll
2018-07-22 12:44 - 2018-07-06 08:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Core.dll
2018-04-11 06:30 - 2018-03-30 04:28 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2016-03-09 07:26 - 2016-02-08 18:33 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2018-01-09 17:01 - 2012-11-02 10:15 - 000319488 _____ (brother) C:\WINDOWS\system32\NSSRH64.dll
2012-09-26 07:39 - 2012-08-21 22:01 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\OxpsConverter.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000049664 _____ C:\WINDOWS\system32\PerceptionSimulationInput.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneDataSync.dll
2015-03-03 21:44 - 2015-01-09 04:14 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\powertracker.dll
2012-07-14 09:20 - 2010-11-20 14:25 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushPrinterConnections.exe
2012-07-13 09:28 - 2012-04-26 06:34 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrmemptylst.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvcPAL.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmClientApi.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-07-16 12:43 - 2016-07-16 23:56 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeSubscription.exe
2015-09-09 11:15 - 2015-07-22 17:48 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\VrdUmed.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedic.exe
2012-11-14 12:53 - 2012-07-26 03:36 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wdfres.dll
2020-06-17 18:12 - 2017-11-10 11:51 - 000002560 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\wdfsconnectevtmsg.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Sets.dll
2016-03-09 07:26 - 2016-02-12 19:18 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2013-04-20 16:54 - 1998-11-17 11:44 - 000328704 _____ (InstallShield Software Corporation ) C:\WINDOWS\IsUn0407.exe
2020-09-24 16:16 - 1998-07-30 11:51 - 000305152 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2012-12-18 05:08 - 2012-12-18 05:08 - 000286720 _____ (Indigo Rose Corporation) C:\WINDOWS\iun506.exe
2018-05-24 20:05 - 2018-05-24 20:04 - 000737280 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2013-09-06 12:41 - 2013-09-06 12:41 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\Setup1.exe
2013-09-06 12:41 - 2013-09-06 12:41 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\ST6UNST.EXE
2013-04-04 16:03 - 2013-04-04 16:03 - 000717322 _____ C:\WINDOWS\unins000.exe
2009-08-11 21:21 - 2009-08-11 21:21 - 000087552 _____ C:\WINDOWS\SysWOW64\ac3config.exe
2013-02-27 20:22 - 2013-01-13 22:16 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 22:12 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 20:22 - 2013-01-13 22:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 22:11 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 22:11 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 22:17 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 22:11 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 20:22 - 2013-01-13 22:11 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 20:22 - 2013-01-13 22:11 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2009-01-10 23:16 - 2009-01-10 23:16 - 000108032 _____ C:\WINDOWS\SysWOW64\avi.dll
2021-05-14 12:36 - 2020-06-19 20:48 - 005376000 _____ (The Public) C:\WINDOWS\SysWOW64\AviSynth.dll
2009-01-10 23:15 - 2009-01-10 23:15 - 000097280 _____ C:\WINDOWS\SysWOW64\avs.dll
2009-01-10 23:15 - 2009-01-10 23:15 - 000102400 _____ C:\WINDOWS\SysWOW64\avss.dll
2004-04-13 07:35 - 2004-04-13 07:35 - 000797536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AXDIST.EXE
2007-02-02 00:19 - 2007-02-02 00:19 - 000150520 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_aac.dll
2007-02-02 00:19 - 2007-02-02 00:19 - 000012784 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_alac.dll
2007-02-02 00:19 - 2007-02-02 00:19 - 000033240 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_ape.dll
2007-02-02 00:19 - 2007-02-02 00:19 - 000023616 _____ (Un4seen Developments) C:\WINDOWS\SysWOW64\bass_flac.dll
2007-02-02 00:19 - 2007-02-02 00:19 - 000018888 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_mpc.dll
2007-02-02 00:19 - 2007-02-02 00:19 - 000008664 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_tta.dll
2007-02-02 00:19 - 2007-02-02 00:19 - 000028088 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_wv.dll
2018-01-09 17:01 - 2010-03-15 19:45 - 000073728 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
2016-01-14 18:32 - 2007-12-13 22:16 - 000005632 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
2018-01-09 17:01 - 2012-12-03 13:39 - 000002560 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cflapi.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000974848 _____ C:\WINDOWS\SysWOW64\cis-2.4.dll
1998-07-06 00:00 - 1998-07-06 00:00 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGDE.DLL
2016-07-16 12:43 - 2016-07-16 12:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll
2004-04-13 08:35 - 2004-04-13 08:35 - 000206848 _____ (Frank Franzoni) C:\WINDOWS\SysWOW64\CopyP32.dll
2016-07-16 12:43 - 2016-07-16 12:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll
2017-09-29 14:42 - 2017-09-29 14:42 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreShellExtFramework.dll
2015-10-30 08:19 - 2015-10-30 08:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2021-05-14 12:36 - 2020-06-19 20:48 - 002047488 _____ (Abysmal Software) C:\WINDOWS\SysWOW64\DevIL.dll
2014-06-12 22:01 - 2014-06-12 22:01 - 000009216 _____ C:\WINDOWS\SysWOW64\dfsc.dll
2019-06-23 17:34 - 2019-06-23 17:34 - 000013312 _____ C:\WINDOWS\SysWOW64\dfsc32.dll
2014-06-12 22:08 - 2014-06-12 22:08 - 000010752 _____ C:\WINDOWS\SysWOW64\dfscacm.dll
2019-06-23 17:34 - 2019-06-23 17:34 - 000012288 _____ C:\WINDOWS\SysWOW64\dfscacm32.dll
2014-09-17 17:54 - 2011-05-13 11:16 - 000493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2009-05-01 22:02 - 2009-05-01 22:02 - 000685056 _____ (DivX, Inc.) C:\WINDOWS\SysWOW64\DivX.dll
2009-05-01 22:03 - 2009-05-01 22:03 - 000528384 _____ (DivX Inc.) C:\WINDOWS\SysWOW64\DivXsm.exe
2007-04-27 09:43 - 2007-04-27 09:43 - 000120200 _____ () C:\WINDOWS\SysWOW64\DLLDEV32i.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 001161216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dml.dll
2009-05-01 22:02 - 2009-05-01 22:02 - 000090112 _____ (DivX, Inc.) C:\WINDOWS\SysWOW64\dpl100.dll
2008-08-05 22:59 - 2008-08-05 22:59 - 000294912 _____ (DivXNetworks) C:\WINDOWS\SysWOW64\dpu11.dll
2008-08-05 22:59 - 2008-08-05 22:59 - 000593920 _____ (DivXNetworks) C:\WINDOWS\SysWOW64\dpuGUI11.dll
2008-08-05 22:59 - 2008-08-05 22:59 - 000344064 _____ (DivXNetworks) C:\WINDOWS\SysWOW64\dpus11.dll
2008-08-05 22:59 - 2008-08-05 22:59 - 000057344 _____ (DivXNetworks) C:\WINDOWS\SysWOW64\dpv11.dll
2009-01-10 23:15 - 2009-01-10 23:15 - 000103424 _____ C:\WINDOWS\SysWOW64\dsmux.exe
2008-08-05 22:59 - 2008-08-05 22:59 - 000196608 _____ (DivX, Inc.) C:\WINDOWS\SysWOW64\dtu100.dll
2009-01-10 23:15 - 2009-01-10 23:15 - 000246784 _____ C:\WINDOWS\SysWOW64\dxr.dll
1998-07-06 00:00 - 1998-07-06 00:00 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FLXGDDE.DLL
2012-11-12 17:50 - 2004-03-05 12:52 - 008876032 _____ (Acclaim Software Ltd) C:\WINDOWS\SysWOW64\FocusMag.dll
2013-02-26 07:31 - 2013-02-26 07:31 - 000065536 _____ (Beepa P/L) C:\WINDOWS\SysWOW64\frapsvid.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamemonitor.dll
2013-08-26 18:53 - 2013-08-16 13:56 - 000216064 _____ C:\WINDOWS\SysWOW64\gcapi_dll.dll
2009-01-10 23:16 - 2009-01-10 23:16 - 000335872 _____ C:\WINDOWS\SysWOW64\gdsmux.exe
2007-07-05 02:33 - 2007-07-05 02:33 - 000892928 _____ (Free Software Foundation) C:\WINDOWS\SysWOW64\iconv.dll
2017-03-17 09:57 - 2017-03-04 07:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
1997-02-26 00:00 - 1997-02-26 00:00 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETDE.DLL
2016-07-16 12:44 - 2016-07-16 23:56 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000081920 _____ C:\WINDOWS\SysWOW64\issacapi_bs-2.3.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000065536 _____ C:\WINDOWS\SysWOW64\issacapi_pe-2.3.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000057344 _____ C:\WINDOWS\SysWOW64\issacapi_se-2.3.dll
2013-12-10 21:48 - 2013-12-10 21:48 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsIntl.dll
2009-05-01 22:02 - 2009-05-01 22:02 - 001044480 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\libdivx.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MACXMLProto.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000118784 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MaDRM.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000049152 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaJGUILib.dll
2011-12-23 19:58 - 2012-06-26 08:02 - 000045320 _____ (MARKANY) C:\WINDOWS\SysWOW64\MAMACExtract.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsTelemetry.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000024576 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MASetupCleaner.exe
2011-12-23 19:58 - 2011-12-23 19:58 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaXMLProto.dll
2012-07-19 16:21 - 1998-06-17 19:07 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC42DEU.DLL
2012-07-19 16:21 - 1998-06-17 02:00 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC42LOC.DLL
2002-01-05 03:48 - 2002-01-05 03:48 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2002-01-05 03:36 - 2002-01-05 03:36 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll
2003-10-17 05:44 - 2003-10-17 05:44 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2009-01-10 23:14 - 2009-01-10 23:14 - 000023552 _____ C:\WINDOWS\SysWOW64\mkunicode.dll
2009-01-10 23:15 - 2009-01-10 23:15 - 000135168 _____ C:\WINDOWS\SysWOW64\mkv2vfr.exe
2009-01-10 23:16 - 2009-01-10 23:16 - 000148480 _____ C:\WINDOWS\SysWOW64\mkx.dll
2009-01-10 23:14 - 2009-01-10 23:14 - 000079360 _____ C:\WINDOWS\SysWOW64\mkzlib.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000057344 _____ (Marktek) C:\WINDOWS\SysWOW64\MK_Lyric.dll
2009-01-10 23:15 - 2009-01-10 23:15 - 000159744 _____ C:\WINDOWS\SysWOW64\mmfinfo.dll
2009-01-10 23:16 - 2009-01-10 23:16 - 000141312 _____ C:\WINDOWS\SysWOW64\mp4.dll
2017-07-16 19:53 - 2012-09-02 18:27 - 000161350 _____ C:\WINDOWS\SysWOW64\mpld.exe
1998-07-06 00:00 - 1998-07-06 00:00 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL
2011-12-23 19:58 - 2011-12-23 19:58 - 000245760 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSCLib.dll
1998-07-06 00:00 - 1998-07-06 00:00 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL
2012-07-19 16:21 - 1998-06-30 13:13 - 000250128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl35.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000155648 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSFLib.dll
2016-03-09 07:26 - 2016-02-08 21:01 - 001155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2012-07-19 16:21 - 1998-06-30 13:13 - 001045776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet35.dll
2012-07-19 16:21 - 1998-06-30 13:12 - 000123664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Msjint35.dll
2012-07-19 16:21 - 1999-04-13 02:00 - 001234704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJT4JLT.DLL
2012-07-19 16:21 - 1998-06-30 13:12 - 000024848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter35.dll
2012-07-19 16:21 - 1998-06-30 13:13 - 000166160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus35.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000352256 _____ (Sample Corporation) C:\WINDOWS\SysWOW64\MSLUR71.dll
2012-07-19 16:21 - 1998-06-30 13:13 - 000250128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspdox35.dll
2012-07-19 16:21 - 1998-06-30 13:13 - 000252176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x35.dll
2012-07-19 16:21 - 1998-06-30 13:18 - 000376592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRDO20.DLL
2012-07-19 16:21 - 1998-06-30 13:13 - 000407312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl35.dll
2004-02-23 00:00 - 2004-02-23 00:00 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL
2012-07-19 16:21 - 1998-06-30 13:13 - 000165648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext35.dll
2012-07-19 16:21 - 1998-07-30 05:23 - 001347344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVBVM50.DLL
2002-01-05 02:38 - 2002-01-05 02:38 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvci70.dll
2002-01-05 02:40 - 2002-01-05 02:40 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll
2011-01-24 14:21 - 2011-01-24 14:21 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2011-01-24 14:21 - 2011-01-24 14:21 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2011-01-24 14:21 - 2011-01-24 14:21 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2012-07-19 16:21 - 1998-06-30 13:13 - 000287504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbse35.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000040960 _____ (Telechips Inc.,) C:\WINDOWS\SysWOW64\MTTELECHIP.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000057344 _____ (Marktek Inc.) C:\WINDOWS\SysWOW64\MTXSYNCICON.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000135168 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzaf1.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000491520 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzapp.dll
2011-12-23 19:58 - 2011-12-23 19:58 - 000172032 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzapp.exe
2011-12-23 19:58 - 2011-12-23 19:58 - 000200704 _____ ( (c) MusicCity) C:\WINDOWS\SysWOW64\muzwmts.dll
2012-08-19 12:13 - 2004-11-04 12:31 - 000835584 _____ (NCT) C:\WINDOWS\SysWOW64\NCTAudioCDGrabber2.dll
2012-08-19 12:13 - 2005-04-15 11:08 - 000880640 _____ (Online Media Technologies Ltd.) C:\WINDOWS\SysWOW64\NCTAudioEditor2.dll
2012-08-19 12:13 - 2005-05-17 11:37 - 001986560 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\NCTAudioFile2.dll
2012-08-19 12:13 - 2005-05-18 10:52 - 001212416 _____ (Online Media Technologies Ltd.) C:\WINDOWS\SysWOW64\NCTAudioInformation2.dll
2012-08-19 12:13 - 2005-04-25 12:01 - 000458752 _____ (Online Media Technologies Ltd.) C:\WINDOWS\SysWOW64\NCTAudioPlayer2.dll
2012-08-19 12:13 - 2005-04-25 12:01 - 000458752 _____ (Online Media Technologies Ltd.) C:\WINDOWS\SysWOW64\NCTAudioRecord2.dll
2012-08-19 12:13 - 2005-04-04 16:21 - 000602112 _____ (Online Media Technologies Ltd.) C:\WINDOWS\SysWOW64\NCTAudioTransform2.dll
2012-08-19 12:13 - 2005-03-28 14:54 - 000479232 _____ (Online Media Technologies Ltd.) C:\WINDOWS\SysWOW64\NCTAudioVisualization2.dll
2012-08-19 12:13 - 2005-03-28 14:52 - 000417792 _____ (Online Media Technologies Ltd.) C:\WINDOWS\SysWOW64\NCTTextToAudio2.dll
2012-08-19 12:13 - 2005-02-24 10:51 - 000348160 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\NCTWMAFile2.dll
2018-01-09 17:01 - 2013-07-12 14:03 - 000214016 _____ (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
2012-07-19 16:21 - 1998-10-03 11:00 - 000036864 _____ C:\WINDOWS\SysWOW64\ODBCSTF.DLL
2012-07-19 16:21 - 1998-06-30 13:16 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Odbctl32.dll
2009-01-10 23:15 - 2009-01-10 23:15 - 000120832 _____ C:\WINDOWS\SysWOW64\ogm.dll
2017-02-20 10:22 - 2017-02-20 10:22 - 000619008 _____ (Cisco Systems Inc.) C:\WINDOWS\SysWOW64\openh264-1.5.0-win32msvc.dll
2004-04-20 23:00 - 2004-04-20 23:00 - 000172032 _____ (Florin Ghido, FlorinGhido@yahoo.com) C:\WINDOWS\SysWOW64\OptimFROG.dll
2010-09-30 18:55 - 2010-09-30 18:55 - 000282624 _____ (Sub Systems, Inc. ) C:\WINDOWS\SysWOW64\PDC32.DLL
2010-08-10 14:49 - 2010-08-10 14:49 - 000149776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\phl.dll
2012-07-14 09:20 - 2009-07-14 02:16 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pmcsnap.dll
2012-07-14 09:20 - 2009-07-14 02:16 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ppcsnap.dll
2008-06-08 23:58 - 2008-06-08 23:58 - 000060273 _____ (Open Source Software community project) C:\WINDOWS\SysWOW64\pthreadGC2.dll
2012-07-14 09:20 - 2010-11-20 13:17 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PushPrinterConnections.exe
2008-11-06 17:37 - 2008-11-06 17:37 - 003596288 _____ C:\WINDOWS\SysWOW64\qt-dx331.dll
1998-07-06 00:00 - 1998-07-06 00:00 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXDE.DLL
2012-07-19 16:21 - 1998-06-30 13:18 - 000097552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdocurs.dll
2012-07-27 08:04 - 2013-02-05 17:53 - 004659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll
2010-10-08 14:44 - 2010-10-08 14:44 - 000122880 _____ (Sub Systems, Inc. ) C:\WINDOWS\SysWOW64\RPS32.DLL
2010-06-21 16:19 - 2010-06-21 16:19 - 000036864 _____ (TOSHIBA/MEI) C:\WINDOWS\SysWOW64\SDDEVMGR.dll
2006-05-31 15:35 - 2006-05-31 15:35 - 000190464 _____ (Tools & Components) C:\WINDOWS\SysWOW64\sevImLib.dll
2014-11-22 15:36 - 2006-09-26 06:44 - 000062464 _____ (Tools & Components) C:\WINDOWS\SysWOW64\sevLock.dll
2011-04-17 22:53 - 2011-04-17 22:53 - 000266240 _____ (Dieter Otter, Tools & Components) C:\WINDOWS\SysWOW64\sevZip40.dll
2014-09-17 17:54 - 2011-03-25 19:42 - 000338432 _____ C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2009-05-01 22:02 - 2009-05-01 22:02 - 000200704 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\ssldivx.dll
1998-07-06 00:00 - 1998-07-06 00:00 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\STDFTDE.DLL
1998-07-06 00:00 - 1998-07-06 00:00 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTDE.DLL
2017-09-29 14:42 - 2017-09-29 14:42 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2010-10-07 20:44 - 2010-10-07 20:44 - 001597440 _____ (Sub Systems, Inc. ) C:\WINDOWS\SysWOW64\TER18.DLL
2017-09-29 14:42 - 2017-09-29 14:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tier2punctuations.dll
2009-01-10 23:17 - 2009-01-10 23:17 - 000163840 _____ C:\WINDOWS\SysWOW64\ts.dll
2012-07-19 16:21 - 1998-06-30 13:13 - 000078608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL
2000-10-02 00:00 - 2000-10-02 00:00 - 000125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL
2000-07-15 00:00 - 2000-07-15 00:00 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
2012-07-19 16:21 - 1998-06-30 13:13 - 000368912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbar332.dll
2018-04-12 00:35 - 2018-04-12 17:19 - 000034304 _____ C:\WINDOWS\SysWOW64\vmstaging.dll
2004-12-10 10:03 - 2004-12-10 10:03 - 000438272 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2008-08-26 23:11 - 2008-08-26 23:11 - 000987136 _____ (Gabest) C:\WINDOWS\SysWOW64\VSFilter.dll
1998-07-06 00:00 - 1998-07-06 00:00 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSKDE.DLL
2008-12-03 23:11 - 2008-12-03 23:11 - 000180224 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2010-04-09 21:08 - 2010-04-09 21:08 - 000094208 _____ C:\WINDOWS\SysWOW64\zmbv.dll
2013-04-04 16:03 - 2006-11-02 00:05 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devcon.exe
2013-12-06 00:47 - 2013-12-06 00:47 - 001838080 _____ (CPUID) C:\Users\Chef\AppData\Roaming\siw_sdk.dll
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== BCD ================================
Windows-Start-Manager
---------------------
Bezeichner {bootmgr}
device partition=C:
description Windows Boot Manager
locale de-DE
inherit {globalsettings}
default {current}
resumeobject {b167dd89-1dda-11eb-993e-a3d0754ed663}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Windows-Startladeprogramm
-------------------------
Bezeichner {6c8fceef-1de3-11eb-9e24-979fcc409b5f}
device ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{6c8fcef0-1de3-11eb-9e24-979fcc409b5f}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale de-DE
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{6c8fcef0-1de3-11eb-9e24-979fcc409b5f}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {75521f88-ccfa-11e1-a07d-b82a7da9ff07}
device ramdisk=[C:]\Recovery\75521f88-ccfa-11e1-a07d-b82a7da9ff07\Winre.wim,{75521f89-ccfa-11e1-a07d-b82a7da9ff07}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\75521f88-ccfa-11e1-a07d-b82a7da9ff07\Winre.wim,{75521f89-ccfa-11e1-a07d-b82a7da9ff07}
systemroot \windows
nx OptIn
winpe Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale de-DE
inherit {bootloadersettings}
recoverysequence {6c8fceef-1de3-11eb-9e24-979fcc409b5f}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {b167dd89-1dda-11eb-993e-a3d0754ed663}
nx OptIn
bootmenupolicy Standard
Windows-Startladeprogramm
-------------------------
Bezeichner {e460204f-07e8-11ea-9dc2-bc5ff43b3d5c}
device partition=C:
path \YXgrppqbUFwr2V3K\YXgrppqbUFwr2V3K\system32\winload.exe
description SpyHunter 5: Advanced Malware Removal
osdevice partition=C:
systemroot \YXgrppqbUFwr2V3K\YXgrppqbUFwr2V3K
resumeobject {36232d53-07e9-11ea-9dc3-806e6f6e6963}
Windows-Startladeprogramm
-------------------------
Bezeichner {e4602050-07e8-11ea-9dc2-bc5ff43b3d5c}
device partition=C:
path \YXgrppqbUFwr2V3K\UYMhKrJBMrAtS2TC\system32\winload.exe
description SpyHunter 5: Advanced Malware Removal
osdevice partition=C:
systemroot \YXgrppqbUFwr2V3K\UYMhKrJBMrAtS2TC
resumeobject {53331e05-0838-11ea-9dc4-806e6f6e6963}
Windows-Startladeprogramm
-------------------------
Bezeichner {e4602051-07e8-11ea-9dc2-bc5ff43b3d5c}
device partition=C:
path \YXgrppqbUFwr2V3K\xB4KQZTnsLnpmt6F\system32\winload.exe
description SpyHunter 5: Advanced Malware Removal
osdevice partition=C:
systemroot \YXgrppqbUFwr2V3K\xB4KQZTnsLnpmt6F
resumeobject {b98e4828-120b-11ea-9dc7-806e6f6e6963}
Windows-Startladeprogramm
-------------------------
Bezeichner {e4602052-07e8-11ea-9dc2-bc5ff43b3d5c}
device partition=C:
path \YXgrppqbUFwr2V3K\gb49xgjtlsZxHe7d\system32\winload.exe
description SpyHunter 5: Advanced Malware Removal
osdevice partition=C:
systemroot \YXgrppqbUFwr2V3K\gb49xgjtlsZxHe7d
resumeobject {596e4fd7-184a-11ea-9dca-806e6f6e6963}
Windows-Startladeprogramm
-------------------------
Bezeichner {e9fb185a-5b23-11e6-85fb-e936f563aefe}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{e9fb185b-5b23-11e6-85fb-e936f563aefe}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale de-DE
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{e9fb185b-5b23-11e6-85fb-e936f563aefe}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {36232d53-07e9-11ea-9dc3-806e6f6e6963}
device partition=C:
path \YXgrppqbUFwr2V3K\YXgrppqbUFwr2V3K\system32\winresume.exe
description SpyHunter 5: Advanced Malware Removal
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {53331e05-0838-11ea-9dc4-806e6f6e6963}
device partition=C:
path \YXgrppqbUFwr2V3K\UYMhKrJBMrAtS2TC\system32\winresume.exe
description SpyHunter 5: Advanced Malware Removal
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {596e4fd7-184a-11ea-9dca-806e6f6e6963}
device partition=C:
path \YXgrppqbUFwr2V3K\gb49xgjtlsZxHe7d\system32\winresume.exe
description SpyHunter 5: Advanced Malware Removal
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {b167dd89-1dda-11eb-993e-a3d0754ed663}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
recoverysequence {6c8fceef-1de3-11eb-9e24-979fcc409b5f}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {b98e4828-120b-11ea-9dc7-806e6f6e6963}
device partition=C:
path \YXgrppqbUFwr2V3K\xB4KQZTnsLnpmt6F\system32\winresume.exe
description SpyHunter 5: Advanced Malware Removal
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Windows-Speichertestprogramm
----------------------------
Bezeichner {memdiag}
device partition=C:
path \boot\memtest.exe
description Windows-Speicherdiagnose
locale de-DE
inherit {globalsettings}
badmemoryaccess Yes
EMS-Einstellungen
-----------------
Bezeichner {emssettings}
bootems No
Debuggereinstellungen
---------------------
Bezeichner {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM-Defekte
-----------
Bezeichner {badmemory}
Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisoreinstellungen
-----------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner {resumeloadersettings}
inherit {globalsettings}
Ger„teoptionen
--------------
Bezeichner {6c8fcef0-1de3-11eb-9e24-979fcc409b5f}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume7
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Ger„teoptionen
--------------
Bezeichner {75521f89-ccfa-11e1-a07d-b82a7da9ff07}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\75521f88-ccfa-11e1-a07d-b82a7da9ff07\boot.sdi
==================== Ende von FRST.txt ========================
|
| Themen zu Bankseite wird auf andere Seite umgeleitet auf meinem Windows 10 Rechner. |
| administrator, adobe, antivirus, avast, coupons, defender, desktop, explorer, firefox, firewall, google, hijack, home, homepage, mozilla, no-ip, nvidia, opera, prozesse, registry, rundll, scan, software, system, usb, windows |
Baum-Darstellung