| |
| |||||||
Mülltonne: Hijack.StartpageWindows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne... |
25.01.2024, 07:19
| #1 |
 |  Hijack.Startpage Habe mir nach Jahren wieder was nerviges eingefangen. Ich hoffe mache die ersten Schritte gleich richtig. Habe Scans mit Malwarebytes und OTL gemacht. Hier die Log-Dateien von Malwarebytes: Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 25.01.24
Scan-Zeit: 06:41
Protokolldatei: 6f11d302-bb44-11ee-ab06-28dfeb5c0f7a.json
-Softwaredaten-
Version: 4.6.7.301
Komponentenversion: 1.0.2222
Version des Aktualisierungspakets: 1.0.80060
Lizenz: Kostenlos
-Systemdaten-
Betriebssystem: Windows 11 (Build 22621.3007)
CPU: x64
Dateisystem: NTFS
Benutzer: ATICKERT\Andre
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 261228
Erkannte Bedrohungen: 2
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 1 Min., 20 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 2
Hijack.StartPage, C:\USERS\ANDRE\APPDATA\LOCAL\MICROSOFT\EDGE\USER DATA\Default\Secure Preferences, Keine Aktion durch Benutzer, 4891, 1205031, 1.0.80060, , ame, , B29FF2AF0493B0F5970D229C14C1080A, A6500D94527906724DFA2FED0FBD91CB5763CC164C5BE763DF1FC96432DFBFA2
Hijack.StartPage, C:\USERS\ANDRE\APPDATA\LOCAL\MICROSOFT\EDGE\USER DATA\Default\Web Data, Keine Aktion durch Benutzer, 4891, 1205031, 1.0.80060, , ame, , B38071520C3858A2EBD4CBAAEB16EDEC, 5BEFC83D176C8661525CD8AB08A128BA24CDD8DF349F684CD7781D07495CB291
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Hier der OTL-Scan: Code:
ATTFilter OTL logfile created on: 25.01.2024 06:56:50 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Andre\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.22621.0) Locale: 00000407 | Country: | Language: DEU | Date Format: dd.MM.yyyy 27,90 Gb Total Physical Memory | 17,81 Gb Available Physical Memory | 63,83% Memory free 29,65 Gb Paging File | 16,46 Gb Available in Paging File | 55,52% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 930,74 Gb Total Space | 9,78 Gb Free Space | 1,05% Space Free | Partition Type: NTFS Computer Name: ATICKERT | User Name: Andre | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Users\Andre\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) PRC - C:\Program Files (x86)\Common Files\Steam\steamservice.exe (Valve Corporation) PRC - C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\Discord.exe (Discord Inc.) PRC - C:\Programme\Avast Software\Avast\aswToolsSvc.exe (AVAST Software) PRC - C:\Programme\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe (Microsoft Corporation) PRC - C:\Programme\AtlasVPN\Bin\AtlasVPN.Worker.exe (AtlasVPN.Worker) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc.) PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle Corporation) PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) PRC - C:\Programme\AMD\Performance Profile Client\AUEPDU.exe (AMD) PRC - C:\Programme\KDService\bin\KDService.exe (KYOCERA Document Solutions Inc.) PRC - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - \\?\C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\modules\discord_voice-3\discord_voice\discord_voice.node () MOD - \\?\C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\modules\discord_voice-3\discord_voice\mediapipe.dll () MOD - \\?\C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\modules\discord_voice-3\discord_voice\OPENH264-2.2.0-WIN32.DLL () MOD - C:\Program Files (x86)\Steam\video.dll () MOD - C:\Program Files (x86)\Steam\SDL3.dll () MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL () MOD - \\?\C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\modules\discord_krisp-1\discord_krisp\discord_krisp.node () MOD - \\?\C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\modules\discord_dispatch-1\discord_dispatch\discord_dispatch.node () MOD - \\?\C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\modules\discord_cloudsync-1\discord_cloudsync\discord_cloudsync.node () MOD - \\?\C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\modules\discord_game_utils-1\discord_game_utils\discord_game_utils.node () MOD - \\?\C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\modules\discord_utils-1\discord_utils\discord_utils.node () MOD - \\?\C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\modules\discord_overlay2-1\discord_overlay2\discord_overlay2.node () MOD - \\?\C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\modules\discord_media-1\discord_media\discord_media.node () MOD - \\?\C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\modules\discord_erlpack-1\discord_erlpack\discord_erlpack.node () MOD - \\?\C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\modules\discord_modules-1\discord_modules\discord_modules.node () MOD - \\?\C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\modules\discord_utils-1\discord_utils\node_modules\windows-notification-state\build\Release\notificationstate.node () MOD - \\?\C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\modules\discord_utils-1\discord_utils\node_modules\macos-notification-state\build\Release\notificationstate.node () MOD - C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\libglesv2.dll () MOD - C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\vk_swiftshader.dll () MOD - \\?\C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\updater.node () MOD - C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\ffmpeg.dll () MOD - C:\Users\Andre\AppData\Local\Discord\app-1.0.9030\libegl.dll () MOD - C:\Program Files (x86)\Steam\libswscale-5.dll () MOD - C:\Program Files (x86)\Steam\libavutil-56.dll () MOD - C:\Program Files (x86)\Steam\libavresample-4.dll () MOD - C:\Program Files (x86)\Steam\libavformat-58.dll () MOD - C:\Program Files (x86)\Steam\libavcodec-58.dll () MOD - C:\Windows\SysWOW64\GameManager32.dll () MOD - C:\Program Files (x86)\Steam\openvr_api.dll () ========== Services (SafeList) ========== SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation) SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation) SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation) SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation) SRV:64bit: - (UdkUserSvc) -- C:\Windows\SysNative\windowsudkservices.shellcommon.dll (Microsoft Corporation) SRV:64bit: - (GameInputSvc) -- C:\Windows\SysNative\GameInputSvc.exe (Microsoft Corporation) SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (avast! Tools) -- C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (AVAST Software) SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Avast Software\Avast\AvastSvc.exe (AVAST Software) SRV:64bit: - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation) SRV:64bit: - (FrameServerMonitor) -- C:\Windows\SysNative\FrameServerMonitor.dll (Microsoft Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (DispBrokerDesktopSvc) -- C:\Windows\SysNative\DispBroker.Desktop.dll (Microsoft Corporation) SRV:64bit: - (PenService) -- C:\Windows\SysNative\PenService.dll (Microsoft Corporation) SRV:64bit: - (dcsvc) -- C:\Windows\SysNative\dcsvc.dll (Microsoft Corporation) SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation) SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation) SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation) SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation) SRV:64bit: - (InstallService) -- C:\Windows\SysNative\InstallService.dll (Microsoft Corporation) SRV:64bit: - (TokenBroker) -- C:\Windows\SysNative\TokenBroker.dll (Microsoft Corporation) SRV:64bit: - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation) SRV:64bit: - (CloudBackupRestoreSvc) -- C:\Windows\SysNative\CloudRestoreLauncher.dll (Microsoft Corporation) SRV:64bit: - (WManSvc) -- C:\Windows\SysNative\Windows.Management.Service.dll (Microsoft Corporation) SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation) SRV:64bit: - (P9RdrService) -- C:\Windows\SysNative\p9rdrservice.dll (Microsoft Corporation) SRV:64bit: - (spectrum) -- C:\Windows\SysNative\Spectrum.exe (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvcvss.dll (Microsoft Corporation) SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation) SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (McpManagementService) -- C:\Windows\SysNative\McpManagementService.dll (Microsoft Corporation) SRV:64bit: - (ConsentUxUserSvc) -- C:\Windows\SysNative\ConsentUxClient.dll (Microsoft Corporation) SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation) SRV:64bit: - (cbdhsvc) -- C:\Windows\SysNative\CBDHSvc.dll (Microsoft Corporation) SRV:64bit: - (webthreatdefusersvc) -- C:\Windows\SysNative\webthreatdefusersvc.dll (Microsoft Corporation) SRV:64bit: - (perceptionsimulation) -- C:\Windows\SysNative\PerceptionSimulation\PerceptionSimulationService.exe (Microsoft Corporation) SRV:64bit: - (webthreatdefsvc) -- C:\Windows\SysNative\webthreatdefsvc.dll (Microsoft Corporation) SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation) SRV:64bit: - (SgrmBroker) -- C:\Windows\SysNative\Sgrm\SgrmBroker.exe (Microsoft Corporation) SRV:64bit: - (BcastDVRUserService) -- C:\Windows\SysNative\bcastdvruserservice.dll (Microsoft Corporation) SRV:64bit: - (DisplayEnhancementService) -- C:\Windows\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll (Microsoft Corporation) SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation) SRV:64bit: - (DusmSvc) -- C:\Windows\SysNative\dusmsvc.dll (Microsoft Corporation) SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation) SRV:64bit: - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation) SRV:64bit: - (PrintWorkflowUserSvc) -- C:\Windows\SysNative\PrintWorkflowService.dll (Microsoft Corporation) SRV:64bit: - (NlaSvc) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation) SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (CaptureService) -- C:\Windows\SysNative\CaptureService.dll (Microsoft Corporation) SRV:64bit: - (InventorySvc) -- C:\Windows\SysNative\InventorySvc.dll (Microsoft Corporation) SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (SecurityHealthService) -- C:\Windows\SysNative\SecurityHealthService.exe (Microsoft Corporation) SRV:64bit: - (DevicesFlowUserSvc) -- C:\Windows\SysNative\DevicesFlowBroker.dll (Microsoft Corporation) SRV:64bit: - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation) SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usosvc.dll (Microsoft Corporation) SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation) SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (NPSMSvc) -- C:\Windows\SysNative\NPSM.dll (Microsoft Corporation) SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation) SRV:64bit: - (GraphicsPerfSvc) -- C:\Windows\SysNative\GraphicsPerfSvc.dll (Microsoft Corporation) SRV:64bit: - (WarpJITSvc) -- C:\Windows\SysNative\Windows.WARP.JITService.dll (Microsoft Corporation) SRV:64bit: - (SEMgrSvc) -- C:\Windows\SysNative\SEMgrSvc.dll (Microsoft Corporation) SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation) SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation) SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation) SRV:64bit: - (camsvc) -- C:\Windows\SysNative\CapabilityAccessManager.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationBrokerSvc) -- C:\Windows\SysNative\deviceaccess.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\psmsrv.dll (Microsoft Corporation) SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation) SRV:64bit: - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation) SRV:64bit: - (WaaSMedicSvc) -- C:\Windows\SysNative\WaaSMedicSvc.dll (Microsoft Corporation) SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation) SRV:64bit: - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation) SRV:64bit: - (PushToInstall) -- C:\Windows\SysNative\PushToInstall.dll (Microsoft Corporation) SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (WFDSConMgrSvc) -- C:\Windows\SysNative\WFDSConMgrSvc.dll (Microsoft Corporation) SRV:64bit: - (CredentialEnrollmentManagerUserSvc_1acc8ec2) -- C:\Windows\SysNative\CredentialEnrollmentManager.exe (Microsoft Corporation) SRV:64bit: - (CredentialEnrollmentManagerUserSvc) -- C:\Windows\SysNative\CredentialEnrollmentManager.exe (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (NaturalAuthentication) -- C:\Windows\SysNative\NaturalAuth.dll (Microsoft Corporation) SRV:64bit: - (WpcMonSvc) -- C:\Windows\SysNative\WpcDesktopMonSvc.dll (Microsoft Corporation) SRV:64bit: - (LxpSvc) -- C:\Windows\SysNative\LanguageOverlayServer.dll (Microsoft Corporation) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (VacSvc) -- C:\Windows\SysNative\vac.dll (Microsoft Corporation) SRV:64bit: - (AarSvc) -- C:\Windows\SysNative\AarSvc.dll (Microsoft Corporation) SRV:64bit: - (TroubleshootingSvc) -- C:\Windows\SysNative\MitigationClient.dll (Microsoft Corporation) SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation) SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation) SRV:64bit: - (wlpasvc) -- C:\Windows\SysNative\lpasvc.dll (Microsoft Corporation) SRV:64bit: - (BTAGService) -- C:\Windows\SysNative\BTAGService.dll (Microsoft Corporation) SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation) SRV:64bit: - (BluetoothUserService) -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll (Microsoft Corporation) SRV:64bit: - (BthAvctpSvc) -- C:\Windows\SysNative\BthAvctpSvc.dll (Microsoft Corporation) SRV:64bit: - (XboxGipSvc) -- C:\Windows\SysNative\xboxgipsvc.dll (Microsoft Corporation) SRV:64bit: - (AvastWscReporter) -- C:\Program Files\Avast Software\Avast\wsc_proxy.exe (AVAST Software) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\atiesrxx.exe (AMD) SRV:64bit: - (AMD Crash Defender Service) -- C:\Windows\SysNative\amdfendrsr.exe (Advanced Micro Devices, Inc.) SRV:64bit: - (MixedRealityOpenXRSvc) -- C:\Windows\SysNative\MixedRealityRuntime.dll (Microsoft Corporation) SRV:64bit: - (SharedRealitySvc) -- C:\Windows\SysNative\SharedRealitySvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (diagsvc) -- C:\Windows\SysNative\DiagSvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation) SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation) SRV:64bit: - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation) SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation) SRV:64bit: - (autotimesvc) -- C:\Windows\SysNative\autotimesvc.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (WpnUserService_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (webthreatdefusersvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (UserDataSvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (UnistoreSvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (UdkUserSvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (PrintWorkflowUserSvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (PimIndexMaintenanceSvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (PenService_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (P9RdrService_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (OneSyncSvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (NPSMSvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (MessagingService_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (DevicesFlowUserSvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (DevicePickerUserSvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (DeviceAssociationBrokerSvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (ConsentUxUserSvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (CloudBackupRestoreSvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (CDPUserSvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (cbdhsvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (CaptureService_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (BluetoothUserService_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (BcastDVRUserService_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (AarSvc_1acc8ec2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation) SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation) SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation) SRV:64bit: - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation) SRV:64bit: - (DevicePickerUserSvc) -- C:\Windows\SysNative\Windows.Devices.Picker.dll (Microsoft Corporation) SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation) SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation) SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation) SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation) SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation) SRV:64bit: - (IpxlatCfgSvc) -- C:\Windows\SysNative\ipxlatcfg.dll (Microsoft Corporation) SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation) SRV:64bit: - (ssh-agent) -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe () SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (MicrosoftEdgeElevationService) -- C:\Program Files (x86)\Microsoft\Edge\Application\120.0.2210.144\elevation_service.exe (Microsoft Corporation) SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation) SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\steamservice.exe (Valve Corporation) SRV - (aswbIDSAgent) -- C:\Programme\Avast Software\Avast\aswidsagent.exe (AVAST Software) SRV - (MBAMService) -- C:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation) SRV - (tzautoupdate) -- C:\Windows\SysWOW64\tzautoupdate.dll (Microsoft Corporation) SRV - (InstallService) -- C:\Windows\SysWOW64\InstallService.dll (Microsoft Corporation) SRV - (wisvc) -- C:\Windows\SysWOW64\FlightSettings.dll (Microsoft Corporation) SRV - (OneDrive Updater Service) -- C:\Programme\Microsoft OneDrive\23.246.1127.0002\OneDriveUpdaterService.exe (Microsoft Corporation) SRV - (FileSyncHelper) -- C:\Programme\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe (Microsoft Corporation) SRV - (AtlasVPN.Worker) -- C:\Programme\AtlasVPN\Bin\AtlasVPN.Worker.exe (AtlasVPN.Worker) SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation) SRV - (PrintWorkflowUserSvc) -- C:\Windows\SysWOW64\PrintWorkflowService.dll (Microsoft Corporation) SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation) SRV - (DeviceAssociationBrokerSvc) -- C:\Windows\SysWOW64\deviceaccess.dll (Microsoft Corporation) SRV - (NPSMSvc) -- C:\Windows\SysWOW64\NPSM.dll (Microsoft Corporation) SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation) SRV - (TokenBroker) -- C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation) SRV - (BTAGService) -- C:\Windows\SysWOW64\BTAGService.dll (Microsoft Corporation) SRV - (AarSvc) -- C:\Windows\SysWOW64\AarSvc.dll (Microsoft Corporation) SRV - (WdNisSvc) -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe (Microsoft Corporation) SRV - (WinDefend) -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe (Microsoft Corporation) SRV - (uhssvc) -- C:\Programme\Microsoft Update Health Tools\uhssvc.exe (Microsoft Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc.) SRV - (AMD External Events Utility) -- C:\WINDOWS\System32\DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\atiesrxx.exe (AMD) SRV - (MixedRealityOpenXRSvc) -- C:\Windows\SysWOW64\MixedRealityRuntime.dll (Microsoft Corporation) SRV - (DevicePickerUserSvc) -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll (Microsoft Corporation) SRV - (AUEPLauncher) -- C:\Programme\AMD\Performance Profile Client\AUEPDU.exe (AMD) SRV - (KDService) -- C:\Programme\KDService\bin\KDService.exe (KYOCERA Document Solutions Inc.) SRV - (edgeupdatem) -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation) SRV - (edgeupdate) -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMChameleon) -- C:\Windows\SysNative\drivers\MbamChameleon.sys (Malwarebytes) DRV:64bit: - (P9Rdr) -- C:\Windows\SysNative\drivers\p9rdr.sys (Microsoft Corporation) DRV:64bit: - (CldFlt) -- C:\Windows\SysNative\drivers\cldflt.sys (Microsoft Corporation) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (BthMini) -- C:\Windows\SysNative\drivers\BthMini.SYS (Microsoft Corporation) DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation) DRV:64bit: - (IPT) -- C:\Windows\SysNative\drivers\ipt.sys (Microsoft Corporation) DRV:64bit: - (aswArPot) -- C:\Windows\SysNative\drivers\aswArPot.sys (AVAST Software) DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswNetHub) -- C:\Windows\SysNative\drivers\aswNetHub.sys (AVAST Software) DRV:64bit: - (aswbidsh) -- C:\Windows\SysNative\drivers\aswbidsh.sys (AVAST Software) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software) DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (aswbuniv) -- C:\Windows\SysNative\drivers\aswbuniv.sys (AVAST Software) DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software) DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software) DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswArDisk) -- C:\Windows\SysNative\drivers\aswArDisk.sys (AVAST Software) DRV:64bit: - (aswbidsdriver) -- C:\Windows\SysNative\drivers\aswbidsdriver.sys (AVAST Software) DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys (Malwarebytes) DRV:64bit: - (MbamElam) -- C:\Windows\SysNative\drivers\MbamElam.sys (Malwarebytes) DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation) DRV:64bit: - (Usb4DeviceRouter) -- C:\Windows\SysNative\DriverStore\FileRepository\usb4devicerouter.inf_amd64_b82adceab7e2e0cd\Usb4DeviceRouter.sys (Microsoft Corporation) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (Usb4HostRouter) -- C:\Windows\SysNative\DriverStore\FileRepository\usb4hostrouter.inf_amd64_09c189c71f4a601b\Usb4HostRouter.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation) DRV:64bit: - (BthA2dp) -- C:\Windows\SysNative\drivers\BthA2dp.sys (Microsoft Corporation) DRV:64bit: - (MbbCx) -- C:\Windows\SysNative\drivers\MbbCx.sys (Microsoft Corporation) DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation) DRV:64bit: - (UCPD) -- C:\Windows\SysNative\drivers\UCPD.sys (Microsoft Corporation) DRV:64bit: - (aswElam) -- C:\Windows\SysNative\drivers\aswElam.sys (AVAST Software) DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (PktMon) -- C:\Windows\SysNative\drivers\PktMon.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (wtd) -- C:\Windows\SysNative\drivers\wtd.sys (Microsoft Corporation) DRV:64bit: - (SgrmAgent) -- C:\Windows\SysNative\drivers\SgrmAgent.sys (Microsoft Corporation) DRV:64bit: - (RoutePolicy) -- C:\Windows\SysNative\drivers\RoutePolicy.sys () DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation) DRV:64bit: - (Vid) -- C:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation) DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation) DRV:64bit: - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation) DRV:64bit: - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys (Microsoft Corporation) DRV:64bit: - (ExecutionContext) -- C:\Windows\SysNative\drivers\ExecutionContext.sys (Microsoft Corporation) DRV:64bit: - (MsQuic) -- C:\Windows\SysNative\drivers\msquic.sys (Microsoft Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation) DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys (Microsoft Corporation) DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\DriverStore\FileRepository\ufxchipidea.inf_amd64_a479fc09885aecbd\UfxChipidea.sys (Microsoft Corporation) DRV:64bit: - (hidspi) -- C:\Windows\SysNative\drivers\hidspi.sys (Microsoft Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (UcmUcsiAcpiClient) -- C:\Windows\SysNative\drivers\UcmUcsiAcpiClient.sys (Microsoft Corporation) DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\DriverStore\FileRepository\urschipidea.inf_amd64_1dcac3970ff32f7b\urschipidea.sys (Microsoft Corporation) DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\DriverStore\FileRepository\urssynopsys.inf_amd64_d123de445c8c5235\urssynopsys.sys (Microsoft Corporation) DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation) DRV:64bit: - (UcmUcsiCx0101) -- C:\Windows\SysNative\drivers\UcmUcsiCx.sys (Microsoft Corporation) DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation) DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation) DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation) DRV:64bit: - (bfs) -- C:\Windows\SysNative\drivers\bfs.sys (Microsoft Corporation) DRV:64bit: - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation) DRV:64bit: - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation) DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation) DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation) DRV:64bit: - (bindflt) -- C:\Windows\SysNative\drivers\bindflt.sys (Microsoft Corporation) DRV:64bit: - (HidSpiCx) -- C:\Windows\SysNative\drivers\HidSpiCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (WifiCx) -- C:\Windows\SysNative\drivers\WifiCx.sys (Microsoft Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_402645b3f1a80dd7\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation) DRV:64bit: - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (pmem) -- C:\Windows\SysNative\drivers\pmem.sys (Microsoft Corporation) DRV:64bit: - (umbus) -- C:\Windows\SysNative\DriverStore\FileRepository\umbus.inf_amd64_3702527f0d5a77cf\umbus.sys (Microsoft Corporation) DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation) DRV:64bit: - (Acx01000) -- C:\Windows\SysNative\drivers\Acx01000.sys (Microsoft Corporation) DRV:64bit: - (rhproxy) -- C:\Windows\SysNative\drivers\rhproxy.sys (Microsoft Corporation) DRV:64bit: - (IntelPMT) -- C:\Windows\SysNative\drivers\IntelPMT.sys (Microsoft Corporation) DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\BthHfEnum.sys (Microsoft Corporation) DRV:64bit: - (BthHFAud) -- C:\Windows\SysNative\drivers\BthHfAud.sys (Microsoft Corporation) DRV:64bit: - (Microsoft_Bluetooth_AvrcpTransport) -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys (Microsoft Corporation) DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation) DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation) DRV:64bit: - (WinNat) -- C:\Windows\SysNative\drivers\winnat.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\wd\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\wd\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (amdwddmg) -- C:\Windows\SysNative\DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\amdkmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (CH341SER_A64) -- C:\Windows\SysNative\drivers\CH341S64.SYS (wch.cn) DRV:64bit: - (Netwtw12) -- C:\Windows\SysNative\DriverStore\FileRepository\netwtw6e.inf_amd64_4d2bf8e0a2f591ce\Netwtw12.sys (Intel Corporation) DRV:64bit: - (ibtusb) -- C:\Windows\SysNative\DriverStore\FileRepository\ibtusb.inf_amd64_45a68fe32dafa531\ibtusb.sys (Intel Corporation) DRV:64bit: - (amdfendrmgr) -- C:\Windows\SysNative\drivers\amdfendrmgr.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdfendr) -- C:\Windows\SysNative\drivers\amdfendr.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus2.sys (Samsung Electronics Co., Ltd.) DRV:64bit: - (ss_conn_usb_driver2) -- C:\Windows\SysNative\drivers\ss_conn_usb_driver2.sys (Samsung Electronics Co., Ltd.) DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (Samsung Electronics Co., Ltd.) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (SpatialGraphFilter) -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (hvcrash) -- C:\Windows\SysNative\drivers\hvcrash.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (VirtualRender) -- C:\Windows\SysNative\DriverStore\FileRepository\vrd.inf_amd64_df3fa89d8f6bbc88\vrd.sys (Microsoft Corporation) DRV:64bit: - (NDKPing) -- C:\Windows\SysNative\drivers\NDKPing.sys (Microsoft Corporation) DRV:64bit: - (NDKPerf) -- C:\Windows\SysNative\drivers\NDKPerf.sys () DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (spaceparser) -- C:\Windows\SysNative\drivers\spaceparser.sys (Microsoft Corporation) DRV:64bit: - (afunix) -- C:\Windows\SysNative\drivers\afunix.sys (Microsoft Corporation) DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (bam) -- C:\Windows\SysNative\drivers\bam.sys (Microsoft Corporation) DRV:64bit: - (WdmCompanionFilter) -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation) DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation) DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\DriverStore\FileRepository\genericusbfn.inf_amd64_cea150c98a1ca844\genericusbfn.sys (Microsoft Corporation) DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation) DRV:64bit: - (CimFS) -- C:\WINDOWS\SysNative\drivers\cimfs.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation) DRV:64bit: - (portcfg) -- C:\Windows\SysNative\drivers\portcfg.sys (Microsoft Corporation) DRV:64bit: - (HwNClx0101) -- C:\Windows\SysNative\drivers\mshwnclx.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (Hsp) -- C:\Windows\SysNative\drivers\Hsp.sys (Microsoft Corporation) DRV:64bit: - (nvdimm) -- C:\Windows\SysNative\drivers\nvdimm.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_02da009b3d736cc1\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation) DRV:64bit: - (bttflt) -- C:\Windows\SysNative\drivers\bttflt.sys (Microsoft Corporation) DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications) DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox) DRV:64bit: - (iaStorAVC) -- C:\Windows\SysNative\drivers\iaStorAVC.sys (Intel Corporation) DRV:64bit: - (mausbhost) -- C:\Windows\SysNative\drivers\mausbhost.sys (Microsoft Corporation) DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox) DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (SmartSAMD) -- C:\Windows\SysNative\drivers\SmartSAMD.sys (Microsemi Corportation) DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox) DRV:64bit: - (mausbip) -- C:\Windows\SysNative\drivers\mausbip.sys (Microsoft Corporation) DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox) DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies) DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (pvscsi) -- C:\Windows\SysNative\drivers\pvscsii.sys (VMware, Inc.) DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (ItSas35i) -- C:\Windows\SysNative\drivers\ItSas35i.sys (Avago Technologies) DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies) DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation) DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI) DRV:64bit: - (megasas35i) -- C:\Windows\SysNative\drivers\megasas35i.sys (Broadcom Inc) DRV:64bit: - (nvmedisk) -- C:\Windows\SysNative\drivers\nvmedisk.sys (Microsoft Corporation) DRV:64bit: - (mpi3drvi) -- C:\Windows\SysNative\drivers\mpi3drvi.sys (Broadcom Limited) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies) DRV:64bit: - (UEFI) -- C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_3abb917fc03c6fa8\uefi.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (PRM) -- C:\Windows\SysNative\DriverStore\FileRepository\prm.inf_amd64_de435dc5c75d64a5\prm.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Marvell Semiconductor Inc.) DRV:64bit: - (ebdrv0) -- C:\Windows\SysNative\drivers\evbd0a.sys (QLogic Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation) DRV:64bit: - (Ramdisk) -- C:\Windows\SysNative\drivers\ramdisk.sys (Microsoft Corporation) DRV:64bit: - (SDFRd) -- C:\Windows\SysNative\drivers\SDFRd.sys (Microsoft Corporation) DRV:64bit: - (swenum) -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_d84a235075a8ff73\swenum.sys (Microsoft Corporation) DRV:64bit: - (PNPMEM) -- C:\Windows\SysNative\drivers\pnpmem.sys (Microsoft Corporation) DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation) DRV:64bit: - (usbaudio2) -- C:\Windows\SysNative\drivers\usbaudio2.sys (Microsoft Corporation) DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation) DRV:64bit: - (CAD) -- C:\Windows\SysNative\drivers\CAD.sys (Microsoft Corporation) DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_2e50c98177d80a40\CompositeBus.sys (Microsoft Corporation) DRV:64bit: - (iaLPSS2i_I2C_GLK) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys (Intel Corporation) DRV:64bit: - (iaLPSS2i_I2C_CNL) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys (Intel Corporation) DRV:64bit: - (iaLPSS2i_I2C_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys (Intel Corporation) DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation) DRV:64bit: - (AppleSSD) -- C:\Windows\SysNative\drivers\AppleSSD.sys (Apple Inc.) DRV:64bit: - (iaLPSS2i_GPIO2_CNL) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys (Intel Corporation) DRV:64bit: - (iaLPSS2i_GPIO2_GLK) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys (Intel Corporation) DRV:64bit: - (iaLPSS2i_GPIO2_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys (Intel Corporation) DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation) DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation) DRV:64bit: - (intelpmax) -- C:\Windows\SysNative\drivers\intelpmax.sys (Microsoft Corporation) DRV:64bit: - (GenPass) -- C:\Windows\SysNative\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys (Microsoft Corporation) DRV:64bit: - (amdi2c) -- C:\Windows\SysNative\drivers\amdi2c.sys (Advanced Micro Devices, Inc) DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation) DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation) DRV:64bit: - (AMDRyzenMasterDriverV19) -- C:\Windows\SysNative\AMDRyzenMasterDriver.sys (Advanced Micro Devices) DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek ) DRV:64bit: - (Netwtw10) -- C:\Windows\SysNative\DriverStore\FileRepository\netwtw6e.inf_amd64_ed6cba5ffa9fc767\Netwtw10.sys (Intel Corporation) DRV:64bit: - (AMDSAFD) -- C:\Windows\SysNative\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys (Advanced Micro Devices) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdWT6.sys (Advanced Micro Devices) DRV:64bit: - (AMDXE) -- C:\Windows\SysNative\drivers\amdxe.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdpsp) -- C:\Windows\SysNative\drivers\amdpsp.sys (Advanced Micro Devices, Inc. ) DRV:64bit: - (amdgpio3) -- C:\Windows\SysNative\drivers\amdgpio3.sys (Advanced Micro Devices, Inc) DRV:64bit: - (amdgpio2) -- C:\Windows\SysNative\drivers\amdgpio2.sys (Advanced Micro Devices, Inc) DRV - (Usb4DeviceRouter) -- C:\WINDOWS\System32\DriverStore\FileRepository\usb4devicerouter.inf_amd64_b82adceab7e2e0cd\Usb4DeviceRouter.sys (Microsoft Corporation) DRV - (Usb4HostRouter) -- C:\WINDOWS\System32\DriverStore\FileRepository\usb4hostrouter.inf_amd64_09c189c71f4a601b\Usb4HostRouter.sys (Microsoft Corporation) DRV - (UfxChipidea) -- C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_a479fc09885aecbd\UfxChipidea.sys (Microsoft Corporation) DRV - (UrsChipidea) -- C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_1dcac3970ff32f7b\urschipidea.sys (Microsoft Corporation) DRV - (UrsSynopsys) -- C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_d123de445c8c5235\urssynopsys.sys (Microsoft Corporation) DRV - (BasicRender) -- C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_402645b3f1a80dd7\BasicRender.sys (Microsoft Corporation) DRV - (umbus) -- C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_3702527f0d5a77cf\umbus.sys (Microsoft Corporation) DRV - (amdwddmg) -- C:\WINDOWS\System32\DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\amdkmdag.sys (Advanced Micro Devices, Inc.) DRV - (Netwtw12) -- C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_4d2bf8e0a2f591ce\Netwtw12.sys (Intel Corporation) DRV - (ibtusb) -- C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_45a68fe32dafa531\ibtusb.sys (Intel Corporation) DRV - (VirtualRender) -- C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_df3fa89d8f6bbc88\vrd.sys (Microsoft Corporation) DRV - (afunix) -- C:\Windows\SysWOW64\drivers\afunix.sys (Microsoft Corporation) DRV - (genericusbfn) -- C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_cea150c98a1ca844\genericusbfn.sys (Microsoft Corporation) DRV - (BasicDisplay) -- C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_02da009b3d736cc1\BasicDisplay.sys (Microsoft Corporation) DRV - (UEFI) -- C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_3abb917fc03c6fa8\UEFI.sys (Microsoft Corporation) DRV - (swenum) -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_d84a235075a8ff73\swenum.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_2e50c98177d80a40\CompositeBus.sys (Microsoft Corporation) DRV - (Netwtw10) -- C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_ed6cba5ffa9fc767\Netwtw10.sys (Intel Corporation) DRV - (AMDSAFD) -- C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys (Advanced Micro Devices) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.region: "DE" FF - prefs.js..browser.search.separatePrivateDefault.urlbarResult.enabled: false FF - prefs.js..browser.startup.homepage: "https://www.spiegel.de/" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.361.2: C:\Program Files\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.361.2: C:\Program Files\Java\jre1.8.0_361\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@vlc.de/vlc,version=3.0.16: C:\Program Files\VLC Plus Player\npvlc.dll (VideoLAN) FF:64bit: - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL (Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 122.0\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 122.0\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\com.microsoft.defender.browser_extension.native_message_host\\: C:\PROGRAMDATA\MICROSOFT\WINDOWS DEFENDER\PLATFORM\4.18.23090.2008-0\COM.MICROSOFT.DEFENDER.BE.FIREFOX.JSON [2023.10.05 05:51:39 | 000,000,310 | ---- | M] () FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 122.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 122.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2022.02.09 21:23:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andre\AppData\Roaming\mozilla\Extensions [2023.11.05 18:34:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andre\AppData\Roaming\mozilla\Firefox\Profiles\zvcv4vmd.default-release\extension-store [2022.02.09 21:23:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andre\AppData\Roaming\mozilla\Firefox\Profiles\zvcv4vmd.default-release\storage\default\moz-extension+++09469495-5399-4b00-a3aa-7047153267b6^userContextId=4294967295 [2023.09.28 18:37:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andre\AppData\Roaming\mozilla\Firefox\Profiles\zvcv4vmd.default-release\storage\default\moz-extension+++09469495-5399-4b00-a3aa-7047153267b6^userContextId=4294967295\idb O1 HOSTS File: ([2021.06.05 13:08:54 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\120.0.2210.144\BHO\ie_to_edge_bho_64.dll (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.8.0_361\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre1.8.0_361\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\120.0.2210.144\BHO\ie_to_edge_bho.dll (Microsoft Corporation) O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation) O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\Avast Software\Avast\AvLaunch.exe (AVAST Software) O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.) O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [VDownloader] C:\Programme\VDownloader\VDownloader5.exe (Vitzo Inc.) O4 - HKCU..\Run: [Battle.net] "C:\Program Files (x86)\Battle.net\Battle.net.exe" --autostarted File not found O4 - HKCU..\Run: [Discord] "C:\Users\Andre\AppData\Local\Discord\Update.exe" --processStart Discord.exe File not found O4 - HKCU..\Run: [MicrosoftEdgeAutoLaunch_0A9DA7EA2F0097BA878B1731B123F49D] C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) O4 - HKCU..\Run: [OneDrive] C:\Program Files\Microsoft OneDrive\OneDrive.exe (Microsoft Corporation) O4 - HKCU..\Run: [Opera Stable] C:\Users\Andre\AppData\Local\Programs\Opera\launcher.exe (Opera Software) O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - HKCU..\Run: [VLC Plus Player Updater] C:\Users\Andre\AppData\Local\VLC Plus Player Updater\Updater.exe () O4 - Startup: C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BitCleaner Tasker.lnk = C:\Users\Andre\AppData\Roaming\BitCleaner\BitCleaner Tasker.exe (Binarylabs LTD ) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1 O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll/105 File not found O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\nlansp_c.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\nlansp_c.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75169d28-bd20-42d6-a903-816568201c94}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ba11a7eb-abc4-4ddf-96b7-1b2a9423a06e}: DhcpNameServer = 192.168.20.1 O18:64bit: - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2024.01.13 23:22:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2024.01.13 19:18:03 | 000,222,784 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys [2024.01.13 17:08:07 | 011,208,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntkrla57.exe [2024.01.13 17:08:05 | 003,815,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll [2024.01.13 17:08:05 | 002,703,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll [2024.01.13 17:08:05 | 001,179,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll [2024.01.13 17:08:05 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloSHExtensions.dll [2024.01.13 17:08:05 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll [2024.01.13 17:08:04 | 007,758,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll [2024.01.13 17:08:04 | 006,084,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll [2024.01.13 17:08:04 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sqlsrv32.dll [2024.01.13 17:08:04 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themecpl.dll [2024.01.13 17:08:02 | 020,370,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll [2024.01.13 17:08:02 | 001,188,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\archiveint.dll [2024.01.13 17:08:02 | 000,148,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\p9rdr.sys [2024.01.13 17:08:02 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll [2024.01.13 17:08:01 | 009,228,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll [2024.01.13 17:08:01 | 000,794,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sqlsrv32.dll [2024.01.13 17:08:01 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themecpl.dll [2024.01.13 17:08:01 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.cpl [2024.01.13 17:07:59 | 027,086,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll [2024.01.13 17:07:59 | 001,421,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\archiveint.dll [2024.01.13 17:07:45 | 001,967,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe [2024.01.13 17:07:45 | 001,779,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe [2024.01.13 17:07:45 | 001,416,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi [2024.01.13 17:07:45 | 000,872,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe [2024.01.13 17:07:45 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppBroker.dll [2024.01.13 17:07:45 | 000,263,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll [2024.01.13 17:07:45 | 000,198,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll [2024.01.13 17:07:45 | 000,062,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdhvcom.dll [2024.01.13 17:07:44 | 000,838,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll [2024.01.13 17:07:44 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll [2024.01.13 17:07:44 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll [2024.01.13 17:07:44 | 000,287,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockScreenData.dll [2024.01.13 17:07:44 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll [2024.01.13 17:07:44 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BitLockerCsp.dll [2024.01.13 17:07:44 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincredui.dll [2024.01.13 17:07:43 | 004,340,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe [2024.01.13 17:07:43 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scesrv.dll [2024.01.13 17:07:43 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll [2024.01.13 17:07:42 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSAJApi.dll [2024.01.13 17:07:42 | 000,525,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft.Internal.FrameworkUdk.System.dll [2024.01.13 17:07:41 | 014,986,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll [2024.01.13 17:07:41 | 004,435,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll [2024.01.13 17:07:41 | 004,338,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll [2024.01.13 17:07:41 | 003,757,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windowsudk.shellcommon.dll [2024.01.13 17:07:40 | 001,974,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll [2024.01.13 17:07:40 | 001,094,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.FileExplorer.dll [2024.01.13 17:07:40 | 001,094,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.FileExplorer.WASDK.dll [2024.01.13 17:07:40 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SmartcardCredentialProvider.dll [2024.01.13 17:07:40 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppcext.dll [2024.01.13 17:07:40 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themeui.dll [2024.01.13 17:07:39 | 004,722,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe [2024.01.13 17:07:39 | 002,291,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ServicingUAPI.dll [2024.01.13 17:07:39 | 000,422,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SystemSettings.DataModel.dll [2024.01.13 17:07:39 | 000,283,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreCommonProxyStub.dll [2024.01.13 17:07:38 | 001,736,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll [2024.01.13 17:07:38 | 000,872,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SmartcardCredentialProvider.dll [2024.01.13 17:07:37 | 003,592,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll [2024.01.13 17:07:37 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogonext.dll [2024.01.13 17:07:36 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll [2024.01.13 17:07:36 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.LockScreen.dll [2024.01.13 17:07:36 | 000,462,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll [2024.01.13 17:07:36 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppBroker.dll [2024.01.13 17:07:36 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenData.dll [2024.01.13 17:07:36 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll [2024.01.13 17:07:36 | 000,162,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll [2024.01.13 17:07:35 | 001,278,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll [2024.01.13 17:07:35 | 001,250,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efscore.dll [2024.01.13 17:07:35 | 000,569,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\cldflt.sys [2024.01.13 17:07:35 | 000,456,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys [2024.01.13 17:07:35 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BitLockerCsp.dll [2024.01.13 17:07:35 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincredui.dll [2024.01.13 17:07:35 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceMetadataRetrievalClient.dll [2024.01.13 17:07:34 | 001,638,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll [2024.01.13 17:07:34 | 001,526,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi [2024.01.13 17:07:34 | 001,274,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe [2024.01.13 17:07:34 | 000,546,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS [2024.01.13 17:07:34 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authz.dll [2024.01.13 17:07:34 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsaadt.dll [2024.01.13 17:07:34 | 000,153,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinelsa.dll [2024.01.13 17:07:33 | 001,662,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll [2024.01.13 17:07:33 | 001,185,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll [2024.01.13 17:07:33 | 000,699,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll [2024.01.13 17:07:33 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll [2024.01.13 17:07:33 | 000,282,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll [2024.01.13 17:07:33 | 000,199,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncrypt.dll [2024.01.13 17:07:32 | 012,076,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2024.01.13 17:07:32 | 001,997,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi [2024.01.13 17:07:32 | 001,670,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe [2024.01.13 17:07:32 | 001,332,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShellAppRuntime.exe [2024.01.13 17:07:32 | 001,026,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll [2024.01.13 17:07:32 | 000,565,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scesrv.dll [2024.01.13 17:07:31 | 010,313,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll [2024.01.13 17:07:31 | 003,732,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskbar.dll [2024.01.13 17:07:31 | 000,488,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_DesktopTaskbar.dll [2024.01.13 17:07:31 | 000,234,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\convertvhd.exe [2024.01.13 17:07:30 | 003,817,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys [2024.01.13 17:07:30 | 003,261,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll [2024.01.13 17:07:30 | 001,339,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll [2024.01.13 17:07:30 | 000,166,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll [2024.01.13 17:07:30 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthMini.SYS [2024.01.13 17:07:29 | 004,435,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll [2024.01.13 17:07:29 | 003,194,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys [2024.01.13 17:07:29 | 002,764,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAJApi.dll [2024.01.13 17:07:29 | 000,724,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Internal.FrameworkUdk.System.dll [2024.01.13 17:07:29 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.Common.dll [2024.01.13 17:07:28 | 019,017,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll [2024.01.13 17:07:27 | 005,599,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll [2024.01.13 17:07:27 | 001,974,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdprt.dll [2024.01.13 17:07:27 | 000,447,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll [2024.01.13 17:07:27 | 000,407,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInputInbox.dll [2024.01.13 17:07:27 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudkservices.shellcommon.dll [2024.01.13 17:07:27 | 000,071,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInputSvc.exe [2024.01.13 17:07:26 | 005,718,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll [2024.01.13 17:07:26 | 005,173,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudk.shellcommon.dll [2024.01.13 17:07:26 | 000,692,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll [2024.01.13 17:07:26 | 000,585,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll [2024.01.13 17:07:25 | 005,319,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [2024.01.13 17:07:25 | 001,073,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys [2024.01.13 17:07:25 | 000,741,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll [2024.01.13 17:07:25 | 000,615,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.DataModel.dll [2024.01.13 17:07:25 | 000,220,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsBroker.exe [2024.01.13 17:07:25 | 000,169,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hspfw.dll [2024.01.13 17:07:25 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Win32_DeviceGuard.dll [2024.01.13 17:07:22 | 001,803,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll [2024.01.13 17:07:22 | 000,716,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreCommonProxyStub.dll [2024.01.13 17:07:22 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ManageCI.dll [2024.01.13 17:07:22 | 000,099,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ipt.sys [2024.01.13 17:03:18 | 000,000,000 | -H-D | C] -- C:\$WinREAgent [2024.01.11 07:44:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2024.01.05 10:19:30 | 000,000,000 | ---D | C] -- C:\Users\Andre\AppData\Roaming\JAM Software [2024.01.05 10:19:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free [2024.01.05 10:19:27 | 000,000,000 | ---D | C] -- C:\Program Files\JAM Software [2022.03.08 08:37:58 | 000,250,544 | ---- | C] (KeyWorks Software) -- C:\Program Files (x86)\Common Files\keyhelp.ocx [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2024.01.25 06:46:42 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2024.01.25 06:40:50 | 3391,340,542 | -HS- | M] () -- C:\hiberfil.sys [2024.01.19 21:05:57 | 000,000,638 | ---- | M] () -- C:\WINDOWS\tasks\TrackerAutoUpdate.job [2024.01.19 19:28:42 | 000,002,276 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Edge.lnk [2024.01.13 19:26:21 | 001,662,892 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2024.01.13 19:26:21 | 000,720,948 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat [2024.01.13 19:26:21 | 000,672,594 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2024.01.13 19:26:21 | 000,149,040 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat [2024.01.13 19:26:21 | 000,128,006 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2024.01.13 19:18:03 | 000,222,784 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys [2024.01.13 19:17:58 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys [2024.01.13 17:21:46 | 000,615,936 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2024.01.13 17:08:07 | 011,208,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntkrla57.exe [2024.01.13 17:08:05 | 007,758,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll [2024.01.13 17:08:05 | 003,815,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll [2024.01.13 17:08:05 | 002,703,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll [2024.01.13 17:08:05 | 001,179,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll [2024.01.13 17:08:05 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloSHExtensions.dll [2024.01.13 17:08:05 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll [2024.01.13 17:08:04 | 020,370,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll [2024.01.13 17:08:04 | 006,084,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll [2024.01.13 17:08:04 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sqlsrv32.dll [2024.01.13 17:08:04 | 000,444,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themecpl.dll [2024.01.13 17:08:02 | 001,188,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\archiveint.dll [2024.01.13 17:08:02 | 000,148,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\p9rdr.sys [2024.01.13 17:08:02 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll [2024.01.13 17:08:01 | 009,228,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll [2024.01.13 17:08:01 | 000,794,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sqlsrv32.dll [2024.01.13 17:08:01 | 000,516,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themecpl.dll [2024.01.13 17:08:01 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.cpl [2024.01.13 17:08:00 | 027,086,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll [2024.01.13 17:07:59 | 001,421,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\archiveint.dll [2024.01.13 17:07:45 | 001,967,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe [2024.01.13 17:07:45 | 001,779,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe [2024.01.13 17:07:45 | 001,416,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi [2024.01.13 17:07:45 | 000,872,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe [2024.01.13 17:07:45 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppBroker.dll [2024.01.13 17:07:45 | 000,263,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll [2024.01.13 17:07:45 | 000,198,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll [2024.01.13 17:07:45 | 000,062,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdhvcom.dll [2024.01.13 17:07:45 | 000,017,008 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim [2024.01.13 17:07:44 | 000,838,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll [2024.01.13 17:07:44 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll [2024.01.13 17:07:44 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll [2024.01.13 17:07:44 | 000,287,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockScreenData.dll [2024.01.13 17:07:44 | 000,205,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll [2024.01.13 17:07:44 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BitLockerCsp.dll [2024.01.13 17:07:44 | 000,169,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincredui.dll [2024.01.13 17:07:43 | 004,340,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe [2024.01.13 17:07:43 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scesrv.dll [2024.01.13 17:07:43 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll [2024.01.13 17:07:42 | 014,986,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll [2024.01.13 17:07:42 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSAJApi.dll [2024.01.13 17:07:42 | 000,525,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft.Internal.FrameworkUdk.System.dll [2024.01.13 17:07:41 | 004,435,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll [2024.01.13 17:07:41 | 004,338,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll [2024.01.13 17:07:41 | 003,757,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windowsudk.shellcommon.dll [2024.01.13 17:07:40 | 003,212,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll [2024.01.13 17:07:40 | 001,974,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll [2024.01.13 17:07:40 | 001,094,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.FileExplorer.dll [2024.01.13 17:07:40 | 001,094,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.FileExplorer.WASDK.dll [2024.01.13 17:07:40 | 000,670,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SmartcardCredentialProvider.dll [2024.01.13 17:07:40 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppcext.dll [2024.01.13 17:07:40 | 000,407,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themeui.dll [2024.01.13 17:07:39 | 004,722,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe [2024.01.13 17:07:39 | 002,291,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ServicingUAPI.dll [2024.01.13 17:07:39 | 000,422,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SystemSettings.DataModel.dll [2024.01.13 17:07:39 | 000,283,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreCommonProxyStub.dll [2024.01.13 17:07:38 | 001,736,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll [2024.01.13 17:07:38 | 000,872,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SmartcardCredentialProvider.dll [2024.01.13 17:07:37 | 003,592,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll [2024.01.13 17:07:37 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogonext.dll [2024.01.13 17:07:36 | 006,103,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll [2024.01.13 17:07:36 | 000,516,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.LockScreen.dll [2024.01.13 17:07:36 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll [2024.01.13 17:07:36 | 000,454,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppBroker.dll [2024.01.13 17:07:36 | 000,442,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenData.dll [2024.01.13 17:07:36 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll [2024.01.13 17:07:36 | 000,162,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll [2024.01.13 17:07:35 | 001,526,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi [2024.01.13 17:07:35 | 001,278,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll [2024.01.13 17:07:35 | 001,250,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efscore.dll [2024.01.13 17:07:35 | 000,569,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\cldflt.sys [2024.01.13 17:07:35 | 000,456,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys [2024.01.13 17:07:35 | 000,294,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BitLockerCsp.dll [2024.01.13 17:07:35 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincredui.dll [2024.01.13 17:07:35 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceMetadataRetrievalClient.dll [2024.01.13 17:07:34 | 001,638,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll [2024.01.13 17:07:34 | 001,274,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe [2024.01.13 17:07:34 | 000,546,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS [2024.01.13 17:07:34 | 000,327,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authz.dll [2024.01.13 17:07:34 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsaadt.dll [2024.01.13 17:07:34 | 000,153,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinelsa.dll [2024.01.13 17:07:33 | 012,076,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2024.01.13 17:07:33 | 001,662,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll [2024.01.13 17:07:33 | 001,185,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll [2024.01.13 17:07:33 | 000,699,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll [2024.01.13 17:07:33 | 000,430,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll [2024.01.13 17:07:33 | 000,282,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll [2024.01.13 17:07:33 | 000,199,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncrypt.dll [2024.01.13 17:07:32 | 001,997,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi [2024.01.13 17:07:32 | 001,670,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe [2024.01.13 17:07:32 | 001,332,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShellAppRuntime.exe [2024.01.13 17:07:32 | 001,026,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll [2024.01.13 17:07:32 | 000,565,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scesrv.dll [2024.01.13 17:07:31 | 010,313,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll [2024.01.13 17:07:31 | 003,732,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskbar.dll [2024.01.13 17:07:31 | 003,261,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll [2024.01.13 17:07:31 | 000,488,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_DesktopTaskbar.dll [2024.01.13 17:07:31 | 000,234,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\convertvhd.exe [2024.01.13 17:07:30 | 003,817,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys [2024.01.13 17:07:30 | 003,194,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys [2024.01.13 17:07:30 | 001,339,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll [2024.01.13 17:07:30 | 000,166,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll [2024.01.13 17:07:30 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthMini.SYS [2024.01.13 17:07:29 | 019,017,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll [2024.01.13 17:07:29 | 004,435,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll [2024.01.13 17:07:29 | 002,764,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAJApi.dll [2024.01.13 17:07:29 | 000,724,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Internal.FrameworkUdk.System.dll [2024.01.13 17:07:29 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.Common.dll [2024.01.13 17:07:28 | 005,599,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll [2024.01.13 17:07:27 | 005,173,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudk.shellcommon.dll [2024.01.13 17:07:27 | 001,974,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdprt.dll [2024.01.13 17:07:27 | 000,447,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll [2024.01.13 17:07:27 | 000,407,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInputInbox.dll [2024.01.13 17:07:27 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudkservices.shellcommon.dll [2024.01.13 17:07:27 | 000,071,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInputSvc.exe [2024.01.13 17:07:26 | 005,718,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll [2024.01.13 17:07:26 | 000,692,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll [2024.01.13 17:07:26 | 000,585,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll [2024.01.13 17:07:25 | 005,319,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [2024.01.13 17:07:25 | 001,073,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys [2024.01.13 17:07:25 | 000,741,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll [2024.01.13 17:07:25 | 000,615,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.DataModel.dll [2024.01.13 17:07:25 | 000,220,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsBroker.exe [2024.01.13 17:07:25 | 000,169,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hspfw.dll [2024.01.13 17:07:25 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Win32_DeviceGuard.dll [2024.01.13 17:07:25 | 000,016,720 | ---- | M] () -- C:\WINDOWS\SysNative\IntegratedServicesRegionPolicySet.json [2024.01.13 17:07:22 | 001,803,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll [2024.01.13 17:07:22 | 000,716,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreCommonProxyStub.dll [2024.01.13 17:07:22 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ManageCI.dll [2024.01.13 17:07:22 | 000,099,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ipt.sys [2024.01.12 20:09:37 | 000,002,233 | ---- | M] () -- C:\Users\Andre\OneDrive\Desktop\Discord.lnk [2024.01.04 11:53:39 | 000,002,386 | ---- | M] () -- C:\Users\Andre\OneDrive\Desktop\CornelsenOfflineLernen.lnk [2024.01.04 09:58:39 | 001,555,339 | ---- | M] () -- C:\Users\Andre\OneDrive\Desktop\Scan20240104095720_1.jpeg [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2024.01.13 19:26:21 | 000,720,948 | ---- | C] () -- C:\WINDOWS\SysNative\perfh007.dat [2024.01.13 19:26:21 | 000,672,594 | ---- | C] () -- C:\WINDOWS\SysNative\perfh009.dat [2024.01.13 19:26:21 | 000,149,040 | ---- | C] () -- C:\WINDOWS\SysNative\perfc007.dat [2024.01.13 19:26:21 | 000,128,006 | ---- | C] () -- C:\WINDOWS\SysNative\perfc009.dat [2024.01.13 17:07:45 | 000,017,008 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim [2024.01.13 17:07:25 | 000,016,720 | ---- | C] () -- C:\WINDOWS\SysNative\IntegratedServicesRegionPolicySet.json [2024.01.05 10:19:30 | 000,001,401 | ---- | C] () -- C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TreeSizeFree.lnk [2024.01.04 09:57:37 | 001,555,339 | ---- | C] () -- C:\Users\Andre\OneDrive\Desktop\Scan20240104095720_1.jpeg [2023.11.16 07:21:39 | 000,133,120 | ---- | C] () -- C:\WINDOWS\SysWow64\stordiag.exe [2023.11.16 07:21:38 | 000,070,616 | ---- | C] () -- C:\WINDOWS\SysWow64\wtdccm.dll [2023.11.16 07:20:49 | 000,090,624 | ---- | C] () -- C:\WINDOWS\SysWow64\WinUICohabitation.dll [2023.11.16 07:20:41 | 000,072,704 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll [2023.11.16 07:20:34 | 000,264,704 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreMas.dll [2023.11.05 10:14:41 | 000,000,187 | ---- | C] () -- C:\Users\Andre\.HBTM [2023.10.12 07:25:01 | 000,082,432 | ---- | C] () -- C:\WINDOWS\SysWow64\BluetoothOppPushClient.dll [2023.10.12 07:25:00 | 000,265,728 | ---- | C] () -- C:\WINDOWS\SysWow64\TaskManagerDataLayer.dll [2023.09.27 18:50:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\wiso.ini [2023.04.06 12:16:36 | 001,531,784 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-999-0-0-0.exe [2023.04.06 12:16:36 | 001,531,784 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe [2023.04.06 12:16:32 | 001,168,568 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-999-0-0-0.dll [2023.04.06 12:16:32 | 001,168,568 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll [2023.04.06 12:16:22 | 000,147,288 | ---- | C] () -- C:\WINDOWS\SysWow64\mantleaxl32.dll [2023.04.06 12:16:12 | 000,163,160 | ---- | C] () -- C:\WINDOWS\SysWow64\mantle32.dll [2023.04.06 12:16:08 | 000,457,600 | ---- | C] () -- C:\WINDOWS\SysWow64\GameManager32.dll [2023.04.06 12:13:52 | 000,404,400 | ---- | C] () -- C:\WINDOWS\SysWow64\atieah32.exe [2023.04.06 12:13:46 | 000,118,192 | ---- | C] () -- C:\WINDOWS\SysWow64\atidxx32.dll [2023.04.06 12:13:24 | 075,124,144 | ---- | C] () -- C:\WINDOWS\SysWow64\amd_comgr32.dll [2023.04.06 12:10:46 | 000,113,584 | ---- | C] () -- C:\WINDOWS\SysWow64\amdxc32.dll [2023.04.06 12:07:12 | 000,432,008 | ---- | C] () -- C:\WINDOWS\SysWow64\amdgfxinfo32.dll [2023.02.09 16:34:44 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2022.10.21 15:15:20 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat [2022.10.21 15:15:20 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat [2022.05.07 06:25:03 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2022.05.07 06:25:02 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2022.05.07 06:25:02 | 000,003,103 | ---- | C] () -- C:\WINDOWS\SysWow64\mmc.exe.config [2022.05.07 06:20:24 | 000,019,485 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat [2022.05.07 06:20:24 | 000,011,292 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr-v.dat [2022.05.07 06:20:21 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2022.05.07 06:20:19 | 000,057,856 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2022.05.07 06:19:56 | 000,002,404 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini [2022.05.07 06:19:54 | 000,016,384 | ---- | C] () -- C:\WINDOWS\SysWow64\BrokerFileDialog.dat [2022.05.07 06:19:52 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat [2022.05.07 06:19:51 | 003,635,200 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll [2022.05.07 06:19:48 | 000,022,720 | ---- | C] () -- C:\WINDOWS\SysWow64\camext.dll [2022.05.07 06:19:47 | 000,987,512 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfDspCpu.dll [2022.05.07 06:19:45 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2022.05.07 06:19:41 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\windows.storage.dll -- [2023.12.12 19:53:20 | 009,463,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\windows.storage.dll -- [2023.12.12 19:53:42 | 007,301,376 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2023.11.16 07:19:39 | 001,011,712 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2023.11.16 07:20:53 | 000,815,104 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2022.05.07 06:19:27 | 000,499,712 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Files - Unicode (All) ========== (C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software? Adrenalin Edition) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition < End of report > |
| Themen zu Hijack.Startpage |
| adobe, antivirus, autorun, avast, cdrom, converter, defender, explorer, explorer.exe, firefox, format, logfile, malwarebytes, microsoft, opera, performance, programme, realtek, registry, secure, svchost.exe, usb, windows, winlogon, wma |
Baum-Darstellung