Trash bin (Mülltonne): Hijack.Startpage
25.01.2024, 07:19 | #1 |
Hijack.Startpage

After years, I've caught something annoying again. I hope I'm getting the first steps right straight away. I ran scans with Malwarebytes and OTL. Here are the log files from Malwarebytes: Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 25.01.24
Scan-Zeit: 06:41
Protokolldatei: 6f11d302-bb44-11ee-ab06-28dfeb5c0f7a.json

-Softwaredaten-
Version: 4.6.7.301
Komponentenversion: 1.0.2222
Version des Aktualisierungspakets: 1.0.80060
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 11 (Build 22621.3007)
CPU: x64
Dateisystem: NTFS
Benutzer: ATICKERT\Andre

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 261228
Erkannte Bedrohungen: 2
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 1 Min., 20 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 2
Hijack.StartPage, C:\USERS\ANDRE\APPDATA\LOCAL\MICROSOFT\EDGE\USER DATA\Default\Secure Preferences, Keine Aktion durch Benutzer, 4891, 1205031, 1.0.80060, , ame, , B29FF2AF0493B0F5970D229C14C1080A, A6500D94527906724DFA2FED0FBD91CB5763CC164C5BE763DF1FC96432DFBFA2
Hijack.StartPage, C:\USERS\ANDRE\APPDATA\LOCAL\MICROSOFT\EDGE\USER DATA\Default\Web Data, Keine Aktion durch Benutzer, 4891, 1205031, 1.0.80060, , ame, , B38071520C3858A2EBD4CBAAEB16EDEC, 5BEFC83D176C8661525CD8AB08A128BA24CDD8DF349F684CD7781D07495CB291

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)

(end)

Here is the OTL scan: Code:
DRV:64bit: - (CH341SER_A64) -- C:\Windows\SysNative\drivers\CH341S64.SYS (wch.cn) DRV:64bit: - (Netwtw12) -- C:\Windows\SysNative\DriverStore\FileRepository\netwtw6e.inf_amd64_4d2bf8e0a2f591ce\Netwtw12.sys (Intel Corporation) DRV:64bit: - (ibtusb) -- C:\Windows\SysNative\DriverStore\FileRepository\ibtusb.inf_amd64_45a68fe32dafa531\ibtusb.sys (Intel Corporation) DRV:64bit: - (amdfendrmgr) -- C:\Windows\SysNative\drivers\amdfendrmgr.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdfendr) -- C:\Windows\SysNative\drivers\amdfendr.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus2.sys (Samsung Electronics Co., Ltd.) DRV:64bit: - (ss_conn_usb_driver2) -- C:\Windows\SysNative\drivers\ss_conn_usb_driver2.sys (Samsung Electronics Co., Ltd.) DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (Samsung Electronics Co., Ltd.) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (SpatialGraphFilter) -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (hvcrash) -- C:\Windows\SysNative\drivers\hvcrash.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (VirtualRender) -- C:\Windows\SysNative\DriverStore\FileRepository\vrd.inf_amd64_df3fa89d8f6bbc88\vrd.sys (Microsoft Corporation) DRV:64bit: - (NDKPing) -- C:\Windows\SysNative\drivers\NDKPing.sys (Microsoft Corporation) DRV:64bit: - (NDKPerf) -- C:\Windows\SysNative\drivers\NDKPerf.sys () DRV:64bit: - (terminpt) -- 
C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (spaceparser) -- C:\Windows\SysNative\drivers\spaceparser.sys (Microsoft Corporation) DRV:64bit: - (afunix) -- C:\Windows\SysNative\drivers\afunix.sys (Microsoft Corporation) DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (bam) -- C:\Windows\SysNative\drivers\bam.sys (Microsoft Corporation) DRV:64bit: - (WdmCompanionFilter) -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation) DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation) DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\DriverStore\FileRepository\genericusbfn.inf_amd64_cea150c98a1ca844\genericusbfn.sys (Microsoft Corporation) DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation) DRV:64bit: - (CimFS) -- C:\WINDOWS\SysNative\drivers\cimfs.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation) DRV:64bit: - (portcfg) -- C:\Windows\SysNative\drivers\portcfg.sys (Microsoft Corporation) DRV:64bit: - (HwNClx0101) -- 
C:\Windows\SysNative\drivers\mshwnclx.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (Hsp) -- C:\Windows\SysNative\drivers\Hsp.sys (Microsoft Corporation) DRV:64bit: - (nvdimm) -- C:\Windows\SysNative\drivers\nvdimm.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_02da009b3d736cc1\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation) DRV:64bit: - (bttflt) -- C:\Windows\SysNative\drivers\bttflt.sys (Microsoft Corporation) DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications) DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox) DRV:64bit: - (iaStorAVC) -- C:\Windows\SysNative\drivers\iaStorAVC.sys (Intel Corporation) DRV:64bit: - (mausbhost) -- C:\Windows\SysNative\drivers\mausbhost.sys (Microsoft Corporation) DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox) DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (SmartSAMD) -- C:\Windows\SysNative\drivers\SmartSAMD.sys (Microsemi Corportation) DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox) DRV:64bit: - (mausbip) -- C:\Windows\SysNative\drivers\mausbip.sys (Microsoft Corporation) DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox) DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies) DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation) 
DRV:64bit: - (pvscsi) -- C:\Windows\SysNative\drivers\pvscsii.sys (VMware, Inc.) DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (ItSas35i) -- C:\Windows\SysNative\drivers\ItSas35i.sys (Avago Technologies) DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies) DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation) DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI) DRV:64bit: - (megasas35i) -- C:\Windows\SysNative\drivers\megasas35i.sys (Broadcom Inc) DRV:64bit: - (nvmedisk) -- C:\Windows\SysNative\drivers\nvmedisk.sys (Microsoft Corporation) DRV:64bit: - (mpi3drvi) -- C:\Windows\SysNative\drivers\mpi3drvi.sys (Broadcom Limited) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies) DRV:64bit: - (UEFI) -- C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_3abb917fc03c6fa8\uefi.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (PRM) -- C:\Windows\SysNative\DriverStore\FileRepository\prm.inf_amd64_de435dc5c75d64a5\prm.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.) 
DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Marvell Semiconductor Inc.) DRV:64bit: - (ebdrv0) -- C:\Windows\SysNative\drivers\evbd0a.sys (QLogic Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation) DRV:64bit: - (Ramdisk) -- C:\Windows\SysNative\drivers\ramdisk.sys (Microsoft Corporation) DRV:64bit: - (SDFRd) -- C:\Windows\SysNative\drivers\SDFRd.sys (Microsoft Corporation) DRV:64bit: - (swenum) -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_d84a235075a8ff73\swenum.sys (Microsoft Corporation) DRV:64bit: - (PNPMEM) -- C:\Windows\SysNative\drivers\pnpmem.sys (Microsoft Corporation) DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation) DRV:64bit: - (usbaudio2) -- C:\Windows\SysNative\drivers\usbaudio2.sys (Microsoft Corporation) DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation) DRV:64bit: - (CAD) -- C:\Windows\SysNative\drivers\CAD.sys (Microsoft Corporation) DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_2e50c98177d80a40\CompositeBus.sys (Microsoft Corporation) DRV:64bit: - (iaLPSS2i_I2C_GLK) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys (Intel Corporation) DRV:64bit: - (iaLPSS2i_I2C_CNL) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys (Intel Corporation) DRV:64bit: - (iaLPSS2i_I2C_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys (Intel Corporation) DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation) DRV:64bit: 
- (AppleSSD) -- C:\Windows\SysNative\drivers\AppleSSD.sys (Apple Inc.) DRV:64bit: - (iaLPSS2i_GPIO2_CNL) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys (Intel Corporation) DRV:64bit: - (iaLPSS2i_GPIO2_GLK) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys (Intel Corporation) DRV:64bit: - (iaLPSS2i_GPIO2_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys (Intel Corporation) DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation) DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation) DRV:64bit: - (intelpmax) -- C:\Windows\SysNative\drivers\intelpmax.sys (Microsoft Corporation) DRV:64bit: - (GenPass) -- C:\Windows\SysNative\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys (Microsoft Corporation) DRV:64bit: - (amdi2c) -- C:\Windows\SysNative\drivers\amdi2c.sys (Advanced Micro Devices, Inc) DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation) DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation) DRV:64bit: - (AMDRyzenMasterDriverV19) -- C:\Windows\SysNative\AMDRyzenMasterDriver.sys (Advanced Micro Devices) DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek ) DRV:64bit: - (Netwtw10) -- C:\Windows\SysNative\DriverStore\FileRepository\netwtw6e.inf_amd64_ed6cba5ffa9fc767\Netwtw10.sys (Intel Corporation) DRV:64bit: - (AMDSAFD) -- C:\Windows\SysNative\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys (Advanced Micro Devices) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdWT6.sys (Advanced Micro Devices) DRV:64bit: - (AMDXE) -- C:\Windows\SysNative\drivers\amdxe.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdpsp) -- C:\Windows\SysNative\drivers\amdpsp.sys (Advanced Micro Devices, Inc. 
) DRV:64bit: - (amdgpio3) -- C:\Windows\SysNative\drivers\amdgpio3.sys (Advanced Micro Devices, Inc) DRV:64bit: - (amdgpio2) -- C:\Windows\SysNative\drivers\amdgpio2.sys (Advanced Micro Devices, Inc) DRV - (Usb4DeviceRouter) -- C:\WINDOWS\System32\DriverStore\FileRepository\usb4devicerouter.inf_amd64_b82adceab7e2e0cd\Usb4DeviceRouter.sys (Microsoft Corporation) DRV - (Usb4HostRouter) -- C:\WINDOWS\System32\DriverStore\FileRepository\usb4hostrouter.inf_amd64_09c189c71f4a601b\Usb4HostRouter.sys (Microsoft Corporation) DRV - (UfxChipidea) -- C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_a479fc09885aecbd\UfxChipidea.sys (Microsoft Corporation) DRV - (UrsChipidea) -- C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_1dcac3970ff32f7b\urschipidea.sys (Microsoft Corporation) DRV - (UrsSynopsys) -- C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_d123de445c8c5235\urssynopsys.sys (Microsoft Corporation) DRV - (BasicRender) -- C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_402645b3f1a80dd7\BasicRender.sys (Microsoft Corporation) DRV - (umbus) -- C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_3702527f0d5a77cf\umbus.sys (Microsoft Corporation) DRV - (amdwddmg) -- C:\WINDOWS\System32\DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\amdkmdag.sys (Advanced Micro Devices, Inc.) 
DRV - (Netwtw12) -- C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_4d2bf8e0a2f591ce\Netwtw12.sys (Intel Corporation) DRV - (ibtusb) -- C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_45a68fe32dafa531\ibtusb.sys (Intel Corporation) DRV - (VirtualRender) -- C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_df3fa89d8f6bbc88\vrd.sys (Microsoft Corporation) DRV - (afunix) -- C:\Windows\SysWOW64\drivers\afunix.sys (Microsoft Corporation) DRV - (genericusbfn) -- C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_cea150c98a1ca844\genericusbfn.sys (Microsoft Corporation) DRV - (BasicDisplay) -- C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_02da009b3d736cc1\BasicDisplay.sys (Microsoft Corporation) DRV - (UEFI) -- C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_3abb917fc03c6fa8\UEFI.sys (Microsoft Corporation) DRV - (swenum) -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_d84a235075a8ff73\swenum.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_2e50c98177d80a40\CompositeBus.sys (Microsoft Corporation) DRV - (Netwtw10) -- C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_ed6cba5ffa9fc767\Netwtw10.sys (Intel Corporation) DRV - (AMDSAFD) -- C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys (Advanced Micro Devices) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - 
HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.region: "DE" FF - prefs.js..browser.search.separatePrivateDefault.urlbarResult.enabled: false FF - prefs.js..browser.startup.homepage: "https://www.spiegel.de/" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.361.2: C:\Program Files\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.361.2: C:\Program Files\Java\jre1.8.0_361\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@vlc.de/vlc,version=3.0.16: C:\Program Files\VLC Plus Player\npvlc.dll (VideoLAN) FF:64bit: - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL (Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 122.0\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 122.0\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\com.microsoft.defender.browser_extension.native_message_host\\: C:\PROGRAMDATA\MICROSOFT\WINDOWS DEFENDER\PLATFORM\4.18.23090.2008-0\COM.MICROSOFT.DEFENDER.BE.FIREFOX.JSON [2023.10.05 05:51:39 | 000,000,310 | ---- | M] () FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 122.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 122.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2022.02.09 21:23:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andre\AppData\Roaming\mozilla\Extensions [2023.11.05 18:34:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andre\AppData\Roaming\mozilla\Firefox\Profiles\zvcv4vmd.default-release\extension-store [2022.02.09 21:23:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andre\AppData\Roaming\mozilla\Firefox\Profiles\zvcv4vmd.default-release\storage\default\moz-extension+++09469495-5399-4b00-a3aa-7047153267b6^userContextId=4294967295 [2023.09.28 18:37:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andre\AppData\Roaming\mozilla\Firefox\Profiles\zvcv4vmd.default-release\storage\default\moz-extension+++09469495-5399-4b00-a3aa-7047153267b6^userContextId=4294967295\idb O1 
HOSTS File: ([2021.06.05 13:08:54 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\120.0.2210.144\BHO\ie_to_edge_bho_64.dll (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.8.0_361\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre1.8.0_361\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\120.0.2210.144\BHO\ie_to_edge_bho.dll (Microsoft Corporation) O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation) O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\Avast Software\Avast\AvLaunch.exe (AVAST Software) O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.) O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [VDownloader] C:\Programme\VDownloader\VDownloader5.exe (Vitzo Inc.) 
O4 - HKCU..\Run: [Battle.net] "C:\Program Files (x86)\Battle.net\Battle.net.exe" --autostarted File not found O4 - HKCU..\Run: [Discord] "C:\Users\Andre\AppData\Local\Discord\Update.exe" --processStart Discord.exe File not found O4 - HKCU..\Run: [MicrosoftEdgeAutoLaunch_0A9DA7EA2F0097BA878B1731B123F49D] C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) O4 - HKCU..\Run: [OneDrive] C:\Program Files\Microsoft OneDrive\OneDrive.exe (Microsoft Corporation) O4 - HKCU..\Run: [Opera Stable] C:\Users\Andre\AppData\Local\Programs\Opera\launcher.exe (Opera Software) O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - HKCU..\Run: [VLC Plus Player Updater] C:\Users\Andre\AppData\Local\VLC Plus Player Updater\Updater.exe () O4 - Startup: C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BitCleaner Tasker.lnk = C:\Users\Andre\AppData\Roaming\BitCleaner\BitCleaner Tasker.exe (Binarylabs LTD ) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1 O8:64bit: - Extra context menu 
item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll/105 File not found O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\nlansp_c.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\nlansp_c.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75169d28-bd20-42d6-a903-816568201c94}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ba11a7eb-abc4-4ddf-96b7-1b2a9423a06e}: DhcpNameServer = 192.168.20.1 O18:64bit: - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\tbauth 
{14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft 
25.01.2024, 09:37 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hijack.Startpage OTL has not been used here for ages. Please read the notes for those seeking help.
__________________ |
28.01.2024, 20:43 | #3 |
/// TB-Ausbilder | Hijack.Startpage Missing response
__________________ This topic has been removed from our subscriptions. As a result, we will not receive any notification of new replies. If you need this topic again, please send us a reminder including a link to the topic. Note: The disappearance of the symptoms does not mean that your computer is already clean. Everyone else, please click here and create your own topic! |
01.02.2024, 12:08 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hijack.Startpage It continues here -> Hijack.Startpage
__________________ Please always post log files in CODE tags |