Pests of all kinds and how to combat them: PC possibly controlled via remote connection, policies/unsigned drivers conspicuous in the log
Windows 7. If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will get back to you with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
02.03.2024, 05:22 | #1 |
| PC possibly controlled via remote connection, policies/unsigned drivers conspicuous in the log

Hello everyone, my PC has been behaving strangely for quite some time now. It seems as if it is being controlled remotely, or as if a second user account is logged in at the same time and can do things separately on its own screen, which then also happen on my screen. Anti Malwarebytes and Bitdefender show nothing conspicuous; FRST shows several "warnings". Since I am not familiar with this, I wanted to ask here whether someone can help me with the analysis and removal. Since I am not 100% sure, I am posting here in the forum first. A short "confirmation" that something really is wrong would already help me a lot.

The warnings are, for example:

In the registry (not on the exception list):
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG

Conspicuously many tasks, e.g.:
Task: {EFE38490-A9D5-4DCC-AD94-662999AC8E2A} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2024-02-02] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {CD2D4FF3-EB2D-494A-93A0-E4694F48E9F0} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [4103360 2024-02-10] (Microsoft Windows -> Microsoft Corporation)
Task: {FCDD0D5E-E823-42D0-892F-40941CF84C60} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194056 2024-03-01] (Adobe Inc. -> Adobe Inc.)

At the same time it feels as if keystrokes are also being intercepted; it feels like a keylogger, or, if it is a second user, that user can in that sense see "my" desktop plus data input, but I do not know of any second user.

Many thanks in advance. If I can provide any further information, please let me know. I check the thread regularly. Best regards |
02.03.2024, 10:31 | #2 | |
/// TB Trainer | PC possibly controlled via remote connection, policies/unsigned drivers conspicuous in the log

My name is Matthias and I will help you with the analysis and cleanup of your system. Quote:
However, we can only carry out an analysis if you provide both FRST log files (FRST.txt and Addition.txt) in full, exactly as FRST generates them. All the rules and notes are listed here. No qualified statement is possible with these few lines. |
04.03.2024, 21:06 | #3 |
| PC possibly controlled via remote connection, policies/unsigned drivers conspicuous in the log

Thank you very much for your quick reply. Here are the two log files:
FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11.02.2024 durchgeführt von Jscn (Administrator) auf DESKTOP-MBQM2CV (ASUS System Product Name) (04-03-2024 19:52:18) Gestartet von C:\Users\Jscn\Desktop\FRST64.exe Geladene Profile: Jscn Plattform: Microsoft Windows 11 Pro Version 24H2 26058.1400 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Brave Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.266\DiscoverySrv.exe (C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe (C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe <4> (C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe (C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (C:\Program Files\LibreWolf\librewolf.exe ->) (DroidMonkey Apps, LLC -> ) C:\Program Files\KeePassXC\keepassxc-proxy.exe <2> (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. 
-> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe (C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.1301.260.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.59\msedgewebview2.exe <6> (C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Jscn\AppData\Local\PowerToys\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe (C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.AlwaysOnTop.exe (C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.ColorPickerUI.exe (C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.CropAndLock.exe (C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.FancyZones.exe (C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.PowerLauncher.exe (C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Jscn\AppData\Local\PowerToys\WinUI3Apps\PowerToys.Peek.UI.exe 
(C:\Users\Jscn\AppData\Local\TIDAL\app-2.36.2\TIDAL.exe ->) (TIDAL Music AS -> TIDAL Music AS) C:\Users\Jscn\AppData\Local\TIDAL\app-2.36.2\resources\app.asar.unpacked\resources\win\TIDALPlayer.exe (explorer.exe ->) () [Datei ist nicht signiert] C:\Program Files\EqualizerAPO\Editor.exe (explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <11> (explorer.exe ->) (DroidMonkey Apps, LLC -> KeePassXC Team) C:\Program Files\KeePassXC\KeePassXC.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (explorer.exe ->) (Nextcloud GmbH -> Nextcloud GmbH) C:\Program Files\Nextcloud\nextcloud.exe (explorer.exe ->) (NextDNS, Inc. -> NextDNS) C:\Program Files (x86)\NextDNS\NextDNS.exe (explorer.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\NordVPN.exe (explorer.exe ->) (OpenSC Project) [Datei ist nicht signiert] C:\Program Files\OpenSC Project\OpenSC\tools\opensc-notify.exe (explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe (explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe (explorer.exe ->) (Signal Messenger, LLC -> Signal Messenger, LLC) C:\Users\Jscn\AppData\Local\Programs\signal-desktop\Signal.exe <5> (Mozilla Corporation) [Datei ist nicht signiert] C:\Program Files\LibreWolf\librewolf.exe <9> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AXSP\4.02.32\atkexComSvc.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3> (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_d0ba3dc7378fedf6\RstMwService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_ab7d4ea1d12c01d4\WMIRegistrationService.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_0772df9f9e65a702\logi_lamparray_service.exe (services.exe ->) (Malwarebytes Inc. 
-> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpDefenderCoreService.exe (services.exe ->) (Nextdns, Inc. -> ) C:\Program Files (x86)\NextDNS\NextDNSService.exe (services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe (services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\nordvpn-service.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830091b3ebd4b98a\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe (services.exe ->) (voidtools -> voidtools) C:\Program Files\Everything 1.5a\Everything64.exe (sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\ShellHost.exe (svchost.exe ->) (58D26209-1D57-482C-B403-B655571B5C7B -> ) C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.20.3368.0_x64__rz1tebttyb220\DolbyAccess.exe (svchost.exe ->) (Henry++) [Datei ist nicht signiert] C:\Program Files\simplewall\simplewall.exe (svchost.exe ->) (Martin Malik - REALiX -> REALiX s.r.o.) 
C:\Program Files\HWiNFO64\HWiNFO64.EXE (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.exe (svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.1301.260.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe (svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (svchost.exe ->) (Rémi Mercier) [Datei ist nicht signiert] C:\Users\Jscn\Downloads\FanControl_net_8_0\FanControl.exe (TIDAL Music AS -> TIDAL Music AS) C:\Users\Jscn\AppData\Local\TIDAL\app-2.36.2\TIDAL.exe <6> ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1067296 2024-02-21] (Bitdefender SRL -> Bitdefender) HKLM\...\Run: [BraveVpnWireguardService] => C:\Program Files\BraveSoftware\Brave-Browser\Application\122.1.63.165\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [10880024 2024-02-28] (Brave Software, Inc. -> Brave Software, Inc.) 
HKLM\...\Run: [pkcs11-register.exe] => C:\Program Files\OpenSC Project\OpenSC\tools\pkcs11-register.exe [168960 2023-12-13] (OpenSC Project) [Datei ist nicht signiert] HKLM\...\Run: [opensc-notify.exe] => C:\Program Files\OpenSC Project\OpenSC\tools\opensc-notify.exe [176128 2023-12-13] (OpenSC Project) [Datei ist nicht signiert] HKLM\...\Run: [NextDNS] => C:\Program Files (x86)\NextDNS\NextDNS.exe [359016 2022-12-07] (NextDNS, Inc. -> NextDNS) HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [11859680 2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [96194336 2024-02-02] (Discord Inc. -> Discord Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131488 2024-02-03] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2024-02-03] (Adobe Inc. -> ) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG HKLM\Software\Policies\...\system: [EnableActivityFeed] 0 HKLM\Software\Policies\...\system: [PublishUserActivities] 0 HKLM\Software\Policies\...\system: [UploadUserActivities] 0 HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0 HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0 HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2600352 2024-03-02] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\Run: [Discord] => C:\Users\Jscn\AppData\Local\Discord\Update.exe [1525024 2024-01-29] (Discord Inc. 
-> GitHub) HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\Jscn\AppData\Local\Programs\signal-desktop\Signal.exe [177137600 2024-02-14] (Signal Messenger, LLC -> Signal Messenger, LLC) HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [981640 2024-02-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\Run: [SignalRgb] => C:\Users\Jscn\AppData\Local\VortxEngine\SignalRgbLauncher.exe [498688 2024-02-08] () [Datei ist nicht signiert] HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\Run: [simplewall] => C:\Program Files\simplewall\simplewall.exe [841728 2024-02-03] (Henry++) [Datei ist nicht signiert] HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [5317328 2024-02-13] (Nextcloud GmbH -> Nextcloud GmbH) HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.) 
HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\Run: [MicrosoftEdgeAutoLaunch_7D156541D2D30087B8A1090113ED92B2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4056616 2024-02-29] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2252719920-710989956-444148845-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4056616 2024-02-29] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2252719920-710989956-444148845-500\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2600352 2024-03-02] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Print\Monitors\Virtual Port Monitor: C:\Windows\system32\VirtualMon.dll [184320 2024-02-10] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\122.1.63.165\Installer\chrmstp.exe [2024-02-29] (Brave Software, Inc. -> Brave Software, Inc.) HKLM\Software\...\Winlogon\GPExtensions: [{9F02E2F5-5A41-4D1A-B473-4617E84BC957}] -> C:\WINDOWS\system32\WindowsProtectedPrintConfiguration.dll [2024-02-10] (Microsoft Windows -> Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Syncthing.lnk [2024-02-08] ShortcutTarget: Syncthing.lnk -> C:\Tools\syncthing-windows-amd64-v1.27.3\syncthing.exe (Stiftelsen Syncthing -> The Syncthing Authors) GroupPolicy: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {648EC11E-D1D5-42DE-B928-AFF90618902C} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe (Keine Datei) Task: {0E1CBC86-9AE4-474B-940C-7EE5B3ED372E} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei) Task: {5A58955C-A9CD-450D-A380-5C2421F3B1ED} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.266\WatchDog.exe [1111184 2023-12-12] (Bitdefender SRL -> Bitdefender) Task: {DAAA4F17-404C-4FC9-B1DB-162B0C2160B5} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2024-02-02] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {EFE38490-A9D5-4DCC-AD94-662999AC8E2A} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2024-02-02] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {CD2D4FF3-EB2D-494A-93A0-E4694F48E9F0} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [4103360 2024-02-10] (Microsoft Windows -> Microsoft Corporation) Task: {D1864B10-4883-4FF9-86BB-803E9A16C374} - System32\Tasks\FanControl => C:\Users\Jscn\Downloads\FanControl_net_8_0\\FanControl.exe [708608 2024-02-22] (Rémi Mercier) [Datei ist nicht signiert] Task: {E0CD28FB-62E3-489B-A03A-A649A6ABEC05} - System32\Tasks\HWiNFO => C:\Program Files\HWiNFO64\HWiNFO64.EXE [8873952 2024-02-05] (Martin Malik - REALiX -> REALiX s.r.o.) Task: {FCDD0D5E-E823-42D0-892F-40941CF84C60} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194056 2024-03-01] (Adobe Inc. -> Adobe Inc.) 
Task: {44699256-D3A1-4D4F-96F6-672D4291BC36} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-04] (Microsoft Corporation -> Microsoft Corporation) Task: {4E8273D2-C7F6-42FA-90EC-072B4607A233} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-04] (Microsoft Corporation -> Microsoft Corporation) Task: {60911F73-909C-4810-AB96-4885C3687C86} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157576 2024-02-06] (Microsoft Corporation -> Microsoft Corporation) Task: {50C4E2C8-A837-4BAC-BD00-A07F57E06E60} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157576 2024-02-06] (Microsoft Corporation -> Microsoft Corporation) Task: {88FB391A-8EEB-4F2B-A5AF-1E0772A7680F} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [190816 2024-02-06] (Microsoft Corporation -> Microsoft Corporation) Task: {3FFD48C7-EB3E-4C5A-A21B-B458354B2989} - System32\Tasks\Microsoft\Windows\Containers\CmCleanup => {F50E9363-6BC8-4DC5-8CAB-7D9F8C1B81B4} Task: {8964B037-71D6-4642-96C2-02AEB5795DE9} - System32\Tasks\Microsoft\Windows\Diagnosis\UnexpectedCodepath => C:\WINDOWS\system32\UCConfigTask.exe [57344 2024-02-10] (Microsoft Windows -> ) Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (Keine Datei) Task: {C40D0523-33F0-460E-BD3A-701A6D6F0282} - System32\Tasks\Microsoft\Windows\ReFsDedupSvc\Initialization => {DCFF735B-64F7-45F3-B39C-6C66BBE2120F} C:\WINDOWS\System32\ReFsDedupSvc.exe [2113536 2024-02-10] 
(Microsoft Windows -> Microsoft Corporation) Task: {1A81275E-94EF-4E42-A26E-784775CDAFA0} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => {7750564D-D61C-4557-8A9D-7DF56BDCFF96} C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll [245760 2024-02-10] (Microsoft Windows -> Microsoft Corporation) Task: {A17C8D0B-BF82-4D36-ABFE-3DDEBCB9BD00} - System32\Tasks\Microsoft\Windows\Sustainability\PowerGridForecastTask => {251E5B1F-E370-4E12-B5BD-B7AD2A8EE810} C:\WINDOWS\system32\PowerGridForecastTask.dll [331776 2024-02-10] (Microsoft Windows -> Microsoft Corporation) Task: {F5CEB054-06E1-4F30-A6E9-B508BBEC5635} - System32\Tasks\Microsoft\Windows\Sustainability\SustainabilityTelemetry => {6EE41D75-D091-4FB7-9AD5-018760DD25D4} C:\WINDOWS\system32\EcoScoreTask.dll [90112 2024-02-10] (Microsoft Windows -> Microsoft Corporation) Task: {E8DB7256-ADD5-434E-A897-9FB7E6CF29E8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei) Task: {AECE9DCD-D3AD-4893-A499-329CE670BC03} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UUS Failover Task => C:\WINDOWS\System32\MLEngineStub.exe [86016 2024-02-10] (Microsoft Windows -> Microsoft Corporation) Task: {EBBE92F0-7EA5-4884-8593-71D4123748A9} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804312 2023-04-11] (MICRO-STAR INTERNATIONAL CO., LTD. 
-> ) Task: {F7DB45B6-CA31-45DB-96D9-63D6A0E78376} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-11-22] () [Datei ist nicht signiert] Task: {994F0B76-4A69-40D0-998E-D5C526665EA6} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3867176 2024-02-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1EE41794-737E-4390-B513-463CD9EEC7C6} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206000 2024-03-02] (Microsoft Corporation -> Microsoft Corporation) Task: {80407592-D560-4AAC-BD60-3128AD633375} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2252719920-710989956-444148845-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206000 2024-03-02] (Microsoft Corporation -> Microsoft Corporation) Task: {0C1EEBC2-87C7-4AB4-9CB5-6C4FE5FDBC93} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2252719920-710989956-444148845-500 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206000 2024-03-02] (Microsoft Corporation -> Microsoft Corporation) Task: {4F5853B9-AEA6-4B55-83A4-195038F310C2} - System32\Tasks\PowerToys\Autorun for Jscn => C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.exe [1224112 2024-01-29] (Microsoft Corporation -> Microsoft Corporation) Task: {67935007-4865-4B2F-AC2B-11599AE86E68} - System32\Tasks\simplewallTask => C:\Program Files\simplewall\simplewall.exe [841728 2024-02-03] (Henry++) [Datei ist nicht signiert] (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{7f1b8621-7225-41fa-9936-59ed6e29fa07}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{7f1b8621-7225-41fa-9936-59ed6e29fa07}: [DhcpDomain] fritz.box Edge: ======= Edge Profile: C:\Users\Jscn\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-04] Edge Extension: (Bitdefender Anti-tracker) - C:\Users\Jscn\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbconhplchnbippmjabbcedokimacfjl [2024-02-02] Edge Extension: (Google Docs Offline) - C:\Users\Jscn\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-22] Edge Extension: (Edge relevant text changes) - C:\Users\Jscn\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-22] Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl] FireFox: ======== FF DefaultProfile: 703c06rp.default FF ProfilePath: C:\Users\Jscn\AppData\Roaming\librewolf\Profiles\703c06rp.default [2024-02-06] FF ProfilePath: C:\Users\Jscn\AppData\Roaming\librewolf\Profiles\pmk41g1w.default-default [2024-03-04] FF Extension: (Dark Reader) - C:\Users\Jscn\AppData\Roaming\librewolf\Profiles\pmk41g1w.default-default\Extensions\addon@darkreader.org.xpi [2024-02-26] FF Extension: (KeePassXC-Browser) - C:\Users\Jscn\AppData\Roaming\librewolf\Profiles\pmk41g1w.default-default\Extensions\keepassxc-browser@keepassxc.org.xpi [2024-02-26] FF Extension: (uBlock Origin) - C:\Users\Jscn\AppData\Roaming\librewolf\Profiles\pmk41g1w.default-default\Extensions\uBlock0@raymondhill.net.xpi [2024-02-26] FF Extension: (Sidebery) - 
C:\Users\Jscn\AppData\Roaming\librewolf\Profiles\pmk41g1w.default-default\Extensions\{3c078156-979c-498b-8990-85f7987dd929}.xpi [2024-02-26] FF Extension: (Gesturefy) - C:\Users\Jscn\AppData\Roaming\librewolf\Profiles\pmk41g1w.default-default\Extensions\{506e023c-7f2b-40a3-8066-bc5deb40aebe}.xpi [2024-02-26] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext [2024-01-30] [] [ist nicht signiert] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-02-03] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-02-03] (Adobe Inc. 
-> Adobe Systems) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof] Brave: ======= BRA Profile: C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-03-04] BRA StartupUrls: Default -> "hxxps://www.g2g.com/categories/diablo-4-item/offer/group?fa=9870fe77%3Af6b9fb70%7C33821c26%3A0a926d8a%7C59dd7f4c%3Af6477539&sort=lowest_price" BRA DefaultSearchKeyword: Default -> :g BRA Session Restore: Default -> ist aktiviert. BRA Extension: ( Temp Business Email Address ) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ednjmeomfcmonkgaogcgmfeelgegkpma [2024-02-02] BRA Extension: (Twitch ™ Adblock Plus) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efdkmejbldmccndljocbkmpankbjhaao [2024-02-02] BRA Extension: (Dark Reader) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2024-03-01] BRA Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2024-02-21] BRA Extension: (Twitch VOD Downloader) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gaabmdjigfcnkgeommfpnoinpdmpfhaj [2024-02-02] BRA Extension: (Shoop Cashback & Gutscheine) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hacngjmphfcjdfpmfmlngemhddjdncpe [2024-02-14] BRA Extension: (Perplexity - AI Companion) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hlgbcneanomplepojfcnclggenpcoldo [2024-02-02] BRA Extension: (CLEAN crxMouse Gestures) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mjidkpedjlfnanainpdfnedkdlacidla [2024-02-02] BRA Extension: (Tab Manager Auto) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User 
Data\Default\Extensions\mplpoddifhoaicmpbjgpfnbljcabibak [2024-02-02] BRA Extension: (YouTube Summary with ChatGPT & Claude) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nmmicjeknamkfloonkhhcjmomieiodli [2024-02-02] BRA Extension: (Bitwarden - Kostenloser Passwortmanager) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2024-02-14] BRA Extension: (KeePassXC-Browser) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\oboonakemofpalcgghocfoadofidjkkk [2024-02-02] BRA Extension: (Material Theme Dark [blue-grey]) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\paoafodbgcjnmijjepmpgnlhnogaahme [2024-02-02] BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2024-03-03] BRA Extension: (Brave Local Data Files Updater) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-03-04] BRA Extension: (Brave NTP background images) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-02-02] BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2024-03-04] BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-03-04] BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-03-01] BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User 
Data\heplpbhjcbmiibdlchlanmdenffpiibo [2024-02-02] BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-03-04] BRA Extension: (Brave Ads Resources) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\jcncoheihebhhiemmbmpfhkceomfipbj [2024-03-01] BRA Extension: (Brave Ad Block Updater (EasyList Germany (plaintext))) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfmefmifdjlfneapckmpkinmlofjehbp [2024-03-04] BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-02-02] BRA Extension: (Brave NTP sponsored images) - C:\Users\Jscn\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2024-03-04] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2024-02-03] (Adobe Inc. -> Adobe Inc.) S3 ApxSvc; C:\WINDOWS\System32\ApxSvc.dll [69632 2024-02-10] (Microsoft Windows -> Microsoft Corporation) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.32\atkexComSvc.exe [907112 2024-01-11] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [502120 2023-11-22] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1157088 2024-03-04] (ASUSTeK COMPUTER INC. -> ) S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2530440 2024-02-21] (Blizzard Entertainment, Inc. 
-> Blizzard Entertainment) R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [849328 2024-02-21] (Bitdefender SRL -> Bitdefender) R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [849328 2024-02-21] (Bitdefender SRL -> Bitdefender) R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [849328 2024-02-21] (Bitdefender SRL -> Bitdefender) R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2963856 2023-07-20] (Bitdefender SRL -> Bitdefender) R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2574864 2023-07-20] (Bitdefender SRL -> Bitdefender) R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [849328 2024-02-21] (Bitdefender SRL -> Bitdefender) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2024-02-02] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2024-02-02] (Brave Software, Inc. -> BraveSoftware Inc.) S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\122.1.63.165\brave_vpn_helper.exe [2730008 2024-02-28] (Brave Software, Inc. -> Brave Software, Inc.) S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\122.1.63.165\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [10880024 2024-02-28] (Brave Software, Inc. -> Brave Software, Inc.) 
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11749256 2023-05-04] (Microsoft Corporation -> Microsoft Corporation) R2 Everything (1.5a); C:\Program Files\Everything 1.5a\Everything64.exe [5093392 2024-01-09] (voidtools -> voidtools) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncHelper.exe [3516848 2024-03-02] (Microsoft Corporation -> Microsoft Corporation) S2 Intel(R) Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_9783a0a827c7c2a2\lib\PlatformLicenseManagerService.exe [741488 2023-09-04] (Intel Corporation -> Intel(R) Corporation) S3 LocalKdc; C:\WINDOWS\system32\localkdcsvc.dll [761856 2024-02-10] (Microsoft Windows -> Microsoft Corporation) R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_0772df9f9e65a702\logi_lamparray_service.exe [9887216 2024-02-08] (Logitech Inc -> Logitech, Inc.) R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [13004248 2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-02-15] (Malwarebytes Inc. -> Malwarebytes) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpDefenderCoreService.exe [1418736 2024-02-02] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NextDNSService; C:\Program Files (x86)\NextDNS\NextDNSService.exe [8394080 2024-03-01] (Nextdns, Inc. -> ) R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-12-21] (nordvpn s.a. -> nordvpn S.A.) R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.) 
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830091b3ebd4b98a\Display.NvContainer\NVDisplay.Container.exe [1274992 2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.037.0220.0001\OneDriveUpdaterService.exe [3856288 2024-03-02] (Microsoft Corporation -> Microsoft Corporation) S3 PrintDeviceConfigurationService; C:\WINDOWS\System32\PrintDeviceConfigurationService.dll [159744 2024-02-10] (Microsoft Windows -> Microsoft Corporation) S3 PrintScanBrokerService; C:\WINDOWS\System32\PrintScanBrokerService.dll [126976 2024-02-10] (Microsoft Windows -> Microsoft Corporation) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [686032 2023-12-12] (Bitdefender SRL -> Bitdefender) S3 refsdedupsvc; C:\WINDOWS\System32\ReFsDedupSvc.exe [2113536 2024-02-10] (Microsoft Windows -> Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [516808 2024-02-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [282728 2024-02-21] (Bitdefender SRL -> Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [849328 2024-02-21] (Bitdefender SRL -> Bitdefender) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-02-02] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-02-02] (Microsoft Windows Publisher -> Microsoft Corporation) S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\122.1.63.165\elevation_service.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry 
entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 acpipagr; C:\WINDOWS\System32\DriverStore\FileRepository\acpipagr.inf_amd64_7bed937245aacc5a\acpipagr.sys [49152 2024-02-10] (Microsoft Windows -> Microsoft Corporation) S3 AcpiPmi; C:\WINDOWS\System32\DriverStore\FileRepository\acpipmi.inf_amd64_c6f800e15e2a710a\acpipmi.sys [53248 2024-02-10] (Microsoft Windows -> Microsoft Corporation) R0 amdwps; C:\WINDOWS\System32\drivers\amdwps.sys [61704 2024-02-10] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation) R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [59344 2023-11-22] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [6611008 2023-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA) R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [800168 2023-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [24568 2023-05-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Bitdefender) R3 bdprivmon; C:\WINDOWS\system32\DRIVERS\bdprivmon.sys [49200 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL) S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [39840 2022-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) R3 CDD; C:\WINDOWS\System32\cdd.dll [331776 2024-02-10] (Microsoft Windows -> Microsoft Corporation) S3 devmap; C:\WINDOWS\System32\DriverStore\FileRepository\devmap.inf_amd64_2fc09d601f34d1e3\devmap.sys [53248 2024-02-10] (Microsoft Windows -> Microsoft Corporation) S3 DisplayMux; C:\WINDOWS\System32\DriverStore\FileRepository\displaymux.inf_amd64_a411104f67da552a\DisplayMux.sys [57344 2024-02-10] (Microsoft Windows -> Microsoft Corporation) S3 e2f68; C:\WINDOWS\System32\drivers\e2f68.sys [507904 2024-02-08] (Microsoft Windows -> Intel Corporation) R3 e2fexpress; 
C:\WINDOWS\System32\DriverStore\FileRepository\e2f.inf_amd64_b0343b02ae8bdfed\e2f.sys [530048 2024-02-25] (Intel Corporation -> Intel Corporation) R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1347496 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA) R3 HWiNFO_191; C:\Users\Jscn\AppData\Local\Temp\HWiNFO64A_191.SYS [57936 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> REALiX) <==== ACHTUNG S3 I3CHost; C:\WINDOWS\System32\DriverStore\FileRepository\i3chost.inf_amd64_5729b0fbe50b3bb8\I3CHost.sys [270560 2024-02-10] (Microsoft Windows -> Microsoft Corporation) R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2022-10-17] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2022-10-17] (Intel Corporation -> Intel Corporation) R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1606816 2023-07-24] (Intel Corporation -> Intel Corporation) R2 Ignisv2; C:\WINDOWS\system32\DRIVERS\ignisv2.sys [165312 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S3 kdnic_legacy; C:\WINDOWS\System32\drivers\kdnic_legacy.sys [65760 2024-02-10] (Microsoft Windows -> Microsoft Corporation) S3 logi_audio_surround; C:\WINDOWS\system32\drivers\logi_audio_surround.sys [52672 2024-02-02] (Logitech Inc -> Logitech) R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_0772df9f9e65a702\logi_lamparray.sys [89072 2024-02-08] (Logitech Inc -> Logitech, Inc.) 
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-02-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19672 2023-12-10] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R2 NDivert; C:\Program Files\NordVPN\7.19.4.0\Drivers\NDivert.sys [131472 2024-01-10] (nordvpn s.a. -> Nordvpn S.A.) S2 NetworkPrivacyPolicy; C:\WINDOWS\System32\DriverStore\FileRepository\networkprivacypolicy.inf_amd64_5217328619294abb\NetworkPrivacyPolicy.sys [106496 2024-02-10] (Microsoft Windows -> ) R2 NextDNSEngine; C:\WINDOWS\system32\DRIVERS\NextDNSEngine.sys [55432 2024-02-27] (NextDNS, Inc. -> Initex) R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [44928 2024-01-18] (nordvpn s.a. -> TEFINCOM S.A.) R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [69984 2024-01-18] (WDKTestCert Nmap,133147429230506937 -> Insecure.Com LLC.) S3 PlutonHeci; C:\WINDOWS\System32\DriverStore\FileRepository\pluton-heci.inf_amd64_945598254532dc90\pluton-heci.sys [53472 2024-02-10] (Microsoft Windows -> ) S3 PlutonHsp2; C:\WINDOWS\System32\DriverStore\FileRepository\plutonhsp2.inf_amd64_5df3c416cef85d72\PlutonHsp2.sys [53472 2024-02-10] (Microsoft Windows -> ) R3 R0FanControl; C:\Users\Jscn\Downloads\FanControl_net_8_0\FanControl.sys [14544 2024-03-04] (Noriyuki MIYAZAKI -> OpenLibSys.org) R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. 
-> ) R2 SignalRgbDriver; C:\WINDOWS\System32\Drivers\SignalRgbDriver.sys [19984 2024-02-02] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [49744 2024-01-29] (nordvpn s.a. -> The OpenVPN Project) R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [629184 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) R1 uiomap; C:\WINDOWS\System32\DriverStore\FileRepository\uiomap.inf_amd64_7b4a4cbd6ed0736b\uiomap.sys [69632 2024-02-10] (Microsoft Windows -> Microsoft Corporation) R3 UmPass; C:\WINDOWS\System32\DriverStore\FileRepository\umpass.inf_amd64_f054aad019c95251\umpass.sys [53248 2024-02-10] (Microsoft Windows -> Microsoft Corporation) R2 UnionFS; C:\WINDOWS\system32\drivers\UnionFS.sys [487648 2024-02-10] (Microsoft Windows -> Microsoft Corporation) R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [813112 2024-02-08] (Microsoft Windows Hardware Compatibility Publisher -> IDRIX) R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [520144 2023-11-22] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S3 vwifibus; C:\WINDOWS\System32\DriverStore\FileRepository\netvwifibus.inf_amd64_b5db3138c451ae9f\vwifibus.sys [65536 2024-02-10] (Microsoft Windows -> Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2024-02-02] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [594304 2024-02-02] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2024-02-02] (Microsoft Windows -> Microsoft Corporation) S3 WinAccelCx0101; C:\WINDOWS\System32\drivers\WinAccelCx.sys [139488 2024-02-10] (Microsoft Windows -> Microsoft Corporation) S3 WinI3C; C:\WINDOWS\System32\DriverStore\FileRepository\wini3c.inf_amd64_cdc0c616f87b5a6e\WinI3C.sys [69856 2024-02-10] (Microsoft Windows -> Microsoft Corporation) S3 
WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2024-03-01] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 ZTDNS; C:\WINDOWS\System32\drivers\ztdns.sys [98528 2024-02-10] (Microsoft Windows -> Microsoft Corporation) S3 cpuz154; \??\C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [X] <==== ACHTUNG S3 cpuz158; \??\C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [X] <==== ACHTUNG S0 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] |
04.03.2024, 21:07 | #4 |
| PC possibly controlled via remote connection, policies/unsigned drivers conspicuous in the log
Code:
ATTFilter ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2024-03-04 19:52 - 2024-03-04 19:52 - 000046172 _____ C:\Users\Jscn\Desktop\FRST.txt 2024-03-04 19:48 - 2024-03-04 19:48 - 000706648 _____ C:\WINDOWS\system32\perfh007.dat 2024-03-04 19:48 - 2024-03-04 19:48 - 000149622 _____ C:\WINDOWS\system32\perfc007.dat 2024-03-04 19:39 - 2024-03-04 19:39 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Equalizer APO 1.3.2 2024-03-03 18:59 - 2024-03-03 18:59 - 000000000 ____D C:\WINDOWS\Minidump 2024-03-02 05:48 - 2024-03-02 05:48 - 000000000 ____D C:\Users\Jscn\AppData\Local\CrashDumps 2024-03-02 05:23 - 2024-03-02 05:24 - 000000000 ____D C:\AdwCleaner 2024-03-02 04:34 - 2024-03-02 04:34 - 009832696 _____ C:\Users\Jscn\Desktop\yt1s.com - World of Warcraft Chronicle Volume 1 Chapter 1 Audiobook_144p.mp4 2024-03-01 16:52 - 2024-03-01 16:52 - 000001790 _____ C:\Users\Public\Desktop\NordVPN.lnk 2024-03-01 16:52 - 2024-03-01 16:52 - 000000000 ____D C:\Users\Jscn\AppData\Local\NordVPN 2024-03-01 16:52 - 2024-03-01 16:52 - 000000000 ____D C:\ProgramData\NordVPN 2024-03-01 16:52 - 2024-03-01 16:52 - 000000000 ____D C:\ProgramData\NordUpdater 2024-03-01 16:52 - 2024-03-01 16:52 - 000000000 ____D C:\Program Files\NordVPN 2024-03-01 16:52 - 2024-03-01 16:52 - 000000000 ____D C:\Program Files\NordUpdater 2024-03-01 16:52 - 2024-01-29 17:57 - 000049744 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapnordvpn.sys 2024-03-01 16:52 - 2024-01-18 13:35 - 000044928 _____ (TEFINCOM S.A.) 
C:\WINDOWS\system32\Drivers\nordlwf.sys 2024-03-01 16:52 - 2023-03-23 14:52 - 000041024 _____ (TEFINCOM S.A.) C:\WINDOWS\Nord.Setup.dll 2024-03-01 15:25 - 2024-03-01 16:30 - 000003578 _____ C:\WINDOWS\system32\Tasks\Launch Adobe CCXProcess 2024-03-01 14:53 - 2024-03-01 19:34 - 000000000 ____D C:\Users\Jscn\Desktop\Kleinanzeigen 2024-03-01 11:09 - 2024-03-01 21:09 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Todoist 2024-03-01 11:09 - 2024-03-01 11:09 - 000002359 _____ C:\Users\Jscn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Todoist.lnk 2024-03-01 11:09 - 2024-03-01 11:09 - 000002351 _____ C:\Users\Jscn\Desktop\Todoist.lnk 2024-03-01 11:09 - 2024-03-01 11:09 - 000000000 ____D C:\Users\Jscn\AppData\Local\todoist-updater 2024-02-28 19:49 - 2024-02-28 19:49 - 000001841 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk 2024-02-28 19:49 - 2024-02-28 19:49 - 000000000 ____D C:\Program Files\Wireshark 2024-02-27 16:01 - 2024-02-27 16:01 - 000055432 _____ (Initex) C:\WINDOWS\system32\Drivers\NextDNSEngine.sys 2024-02-26 17:31 - 2024-03-04 19:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys 2024-02-26 17:31 - 2024-02-26 17:31 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerToys (Preview) 2024-02-26 17:30 - 2024-02-26 17:31 - 000000000 ____D C:\Users\Jscn\AppData\Local\PowerToys 2024-02-26 15:40 - 2024-02-26 15:40 - 000000000 ____D C:\Users\Jscn\AppData\LocalLow\Temp 2024-02-25 19:39 - 2024-02-25 19:39 - 000000000 ____D C:\Users\Jscn\ansel 2024-02-25 19:38 - 2024-02-26 08:32 - 000000000 ____D C:\Users\Jscn\AppData\Local\NVIDIA Corporation 2024-02-25 19:38 - 2024-02-25 19:38 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-02-25 19:38 - 2024-02-25 19:38 - 000001444 _____ C:\Users\Public\Desktop\NVIDIA.lnk 2024-02-25 19:38 - 2024-02-25 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 
2024-02-25 19:38 - 2024-02-19 10:22 - 003132456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2024-02-25 19:38 - 2024-02-19 10:22 - 002418216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2024-02-25 19:38 - 2024-02-19 10:22 - 000306728 _____ C:\WINDOWS\system32\FvSDK_x64.dll 2024-02-25 19:38 - 2024-02-19 10:22 - 000268840 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll 2024-02-25 19:38 - 2024-02-19 10:22 - 000171048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2024-02-25 19:38 - 2024-02-19 10:22 - 000150056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2024-02-25 19:38 - 2024-02-19 10:22 - 000050216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2024-02-25 19:38 - 2024-02-17 12:38 - 002031464 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2024-02-25 19:38 - 2024-02-17 12:38 - 002031464 _____ C:\WINDOWS\system32\vulkaninfo.exe 2024-02-25 19:38 - 2024-02-17 12:38 - 001578752 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2024-02-25 19:38 - 2024-02-17 12:38 - 001578752 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2024-02-25 19:38 - 2024-02-17 12:38 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2024-02-25 19:38 - 2024-02-17 12:38 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2024-02-25 19:38 - 2024-02-17 12:38 - 001227296 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2024-02-25 19:38 - 2024-02-17 12:35 - 000669816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll 2024-02-25 19:38 - 2024-02-17 12:35 - 000505456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll 2024-02-25 19:38 - 2024-02-17 12:34 - 002173448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2024-02-25 19:38 - 2024-02-17 12:34 - 001625096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2024-02-25 19:38 - 2024-02-17 12:34 - 001541640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2024-02-25 19:38 - 2024-02-17 12:34 - 001199112 _____ 
(NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2024-02-25 19:38 - 2024-02-17 12:34 - 001024032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2024-02-25 19:38 - 2024-02-17 12:34 - 000842272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2024-02-25 19:38 - 2024-02-17 12:34 - 000786952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2024-02-25 19:38 - 2024-02-17 12:33 - 016033824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2024-02-25 19:38 - 2024-02-17 12:33 - 012928032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2024-02-25 19:38 - 2024-02-17 12:33 - 006780528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2024-02-25 19:38 - 2024-02-17 12:33 - 005773448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2024-02-25 19:38 - 2024-02-17 12:33 - 003721760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2024-02-25 19:38 - 2024-02-17 12:33 - 000459272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2024-02-25 19:38 - 2024-02-17 12:32 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2024-02-25 19:38 - 2024-02-15 17:42 - 000119184 _____ C:\WINDOWS\system32\nvinfo.pb 2024-02-25 19:14 - 2024-02-25 19:14 - 000000000 ____D C:\Users\Jscn\Desktop\240225_BIOS Settings 2024-02-22 20:24 - 2024-02-25 19:31 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\asus_framework 2024-02-22 20:16 - 2024-03-02 12:02 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-02-22 20:12 - 2024-02-25 19:31 - 000000000 ____D C:\Program Files (x86)\LightingService 2024-02-22 20:09 - 2024-02-25 19:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS 2024-02-22 20:09 - 2024-02-25 19:32 - 000000000 ____D C:\Users\Jscn\AppData\Local\ASUS 2024-02-22 20:09 - 2024-02-25 19:32 - 000000000 ____D C:\Users\Jscn\AppData\Local\AcSdkInsLog 2024-02-22 20:09 - 2024-02-25 19:32 - 000000000 ____D C:\Program Files\ASUS 2024-02-22 20:09 - 2024-02-25 19:28 - 000000000 ___HD C:\Program Files 
(x86)\InstallShield Installation Information 2024-02-22 20:09 - 2023-12-25 12:27 - 000054752 ____N (ASUSTeK Computer Inc.) C:\WINDOWS\system32\Drivers\IOMap64.sys 2024-02-22 20:09 - 2023-11-22 17:07 - 000524648 _____ (Asustek Computer Inc.) C:\WINDOWS\system32\AsIO3.dll 2024-02-22 20:09 - 2023-11-22 17:07 - 000430440 _____ (Asustek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO3.dll 2024-02-22 20:09 - 2023-11-22 01:18 - 000059344 _____ (Asustek Computer Inc.) C:\WINDOWS\system32\Drivers\AsIO3.sys 2024-02-22 20:05 - 2024-02-25 19:32 - 000000000 ____D C:\Program Files (x86)\ASUS 2024-02-22 20:05 - 2024-02-22 20:05 - 001189784 _____ (ASUSTeK Computer Inc.) C:\WINDOWS\system32\AsusDownloadAgent.exe 2024-02-22 20:05 - 2024-02-22 20:05 - 000378376 _____ C:\WINDOWS\system32\syncas.dll 2024-02-22 20:05 - 2024-02-22 20:05 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2024-02-22 20:03 - 2024-02-22 20:03 - 000000020 ___SH C:\Users\Jscn\ntuser.ini 2024-02-22 16:43 - 2024-03-04 19:48 - 001633260 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-02-22 16:41 - 2024-03-04 19:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-02-22 16:41 - 2024-03-04 19:40 - 000003140 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner 2024-02-22 16:41 - 2024-03-02 10:06 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2252719920-710989956-444148845-1001 2024-02-22 16:41 - 2024-03-02 10:06 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2252719920-710989956-444148845-500 2024-02-22 16:41 - 2024-03-02 10:06 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2024-02-22 16:41 - 2024-02-22 20:24 - 000003654 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask 2024-02-22 16:41 - 2024-02-22 20:05 - 000003846 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2024-02-22 16:41 - 2024-02-22 16:41 - 000003760 _____ 
C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{870EF929-B65D-45B3-8046-8065ABF82D67} 2024-02-22 16:41 - 2024-02-22 16:41 - 000003582 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA 2024-02-22 16:41 - 2024-02-22 16:41 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{05725E7A-FBE2-4BE2-941C-5622F31D6C53} 2024-02-22 16:41 - 2024-02-22 16:41 - 000003358 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore 2024-02-22 16:41 - 2024-02-22 16:41 - 000002988 _____ C:\WINDOWS\system32\Tasks\simplewallTask 2024-02-22 16:41 - 2024-02-22 16:41 - 000002700 _____ C:\WINDOWS\system32\Tasks\FanControl 2024-02-22 16:41 - 2024-02-22 16:41 - 000002354 _____ C:\WINDOWS\system32\Tasks\HWiNFO 2024-02-22 16:41 - 2024-02-22 16:41 - 000002160 _____ C:\WINDOWS\system32\Tasks\npcapwatchdog 2024-02-22 16:41 - 2024-02-22 16:41 - 000000494 __RSH C:\ProgramData\ntuser.pol 2024-02-22 16:40 - 2024-02-22 16:40 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network 2024-02-22 16:39 - 2024-02-22 16:39 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\SystemCertificates 2024-02-22 16:39 - 2024-02-22 16:39 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\Network 2024-02-22 16:39 - 2024-02-22 16:39 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\Crypto 2024-02-22 16:39 - 2024-02-22 16:39 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates 2024-02-22 16:39 - 2024-02-22 16:39 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Network 2024-02-22 16:39 - 2024-02-22 16:39 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Crypto 2024-02-22 16:36 - 2024-03-03 19:04 - 000000000 ____D C:\Users\Jscn 2024-02-22 16:36 - 2024-02-22 20:03 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\Windows 2024-02-22 16:36 - 2024-02-22 16:39 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows 2024-02-22 16:36 - 2024-02-22 
16:39 - 000000000 ____D C:\Users\Administrator 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Jscn\Vorlagen 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Jscn\Startmenü 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Jscn\Netzwerkumgebung 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Jscn\Lokale Einstellungen 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Jscn\Eigene Dateien 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Jscn\Druckumgebung 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Jscn\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Jscn\AppData\Local\Verlauf 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Jscn\AppData\Local\Anwendungsdaten 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Jscn\Anwendungsdaten 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Administrator\Vorlagen 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Administrator\Startmenü 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Administrator\Netzwerkumgebung 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Administrator\Lokale Einstellungen 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Administrator\Eigene Dateien 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Administrator\Druckumgebung 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 _SHDL C:\Users\Administrator\Anwendungsdaten 2024-02-22 16:36 - 2024-02-22 16:36 - 000000000 ____D 
C:\Users\Jscn\AppData\Roaming\Microsoft\Spelling 2024-02-06 06:26 - 2024-02-07 12:45 - 000000000 ____D 
C:\Users\Jscn\AppData\Roaming\Microsoft\Office 2024-02-06 06:26 - 2024-02-06 06:26 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\AddIns 2024-02-06 05:08 - 2024-02-22 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2024-02-06 05:08 - 2024-02-06 05:08 - 664937640 _____ (NVIDIA Corporation) C:\Users\Jscn\Downloads\551.23-desktop-win10-win11-64bit-international-dch-whql.exe 2024-02-06 05:08 - 2024-02-06 05:08 - 001594143 _____ (Igor Pavlov) C:\Users\Jscn\Downloads\7z2401-x64.exe 2024-02-06 05:08 - 2024-02-06 05:08 - 000000000 ____D C:\Program Files\7-Zip 2024-02-06 04:59 - 2024-02-22 16:35 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2024-02-06 04:24 - 2024-03-04 19:39 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-02-06 04:24 - 2024-02-22 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreWolf 2024-02-06 04:24 - 2024-02-06 04:24 - 134410107 _____ C:\Users\Jscn\Downloads\librewolf-122.0-2-windows-x86_64-setup.exe 2024-02-06 04:24 - 2024-02-06 04:24 - 000002182 _____ C:\Users\Jscn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LibreWolf Private Browsing.lnk 2024-02-06 04:24 - 2024-02-06 04:24 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\librewolf 2024-02-06 04:24 - 2024-02-06 04:24 - 000000000 ____D C:\Users\Jscn\AppData\Local\librewolf 2024-02-06 04:24 - 2024-02-06 04:24 - 000000000 ____D C:\Program Files\LibreWolf 2024-02-06 04:23 - 2024-02-06 04:23 - 000040933 _____ C:\Users\Jscn\Downloads\Librefox-2.1-Firefox-Windows-64.0.0.zip 2024-02-06 04:22 - 2024-03-02 10:06 - 000002162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-02-06 04:22 - 2024-02-06 04:22 - 000000000 ___RD C:\Users\Default\OneDrive 2024-02-06 04:21 - 2024-02-06 04:21 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-02-06 04:20 - 2024-02-22 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 
Tools 2024-02-06 04:20 - 2024-02-06 04:20 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2024-02-06 04:20 - 2024-02-06 04:20 - 000002549 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2024-02-06 04:20 - 2024-02-06 04:20 - 000002528 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2024-02-06 04:20 - 2024-02-06 04:20 - 000002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2024-02-06 04:20 - 2024-02-06 04:20 - 000002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2024-02-06 04:20 - 2024-02-06 04:20 - 000002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2024-02-06 04:20 - 2024-02-06 04:20 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2024-02-06 04:19 - 2024-02-06 04:21 - 000000000 ____D C:\Program Files\Microsoft Office 2024-02-06 04:19 - 2024-02-06 04:19 - 000000000 ____D C:\Program Files\Microsoft Office 15 2024-02-06 04:17 - 2024-02-06 04:18 - 668190720 _____ C:\Users\Jscn\Downloads\O365HomePremRetail.img 2024-02-06 02:54 - 2024-02-06 02:54 - 000001658 _____ C:\Users\Jscn\Downloads\666c68.csv 2024-02-06 02:50 - 2024-03-04 19:41 - 000000000 ____D C:\Program Files (x86)\NextDNS 2024-02-06 02:50 - 2024-03-01 10:47 - 000001888 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NextDNS.lnk 2024-02-06 02:50 - 2024-02-06 02:50 - 000000000 ____D C:\Users\Jscn\AppData\Local\NextDNS 2024-02-06 02:37 - 2024-02-06 02:37 - 009938344 _____ (NextDNS) C:\Users\Jscn\Downloads\NextDNSSetup-3.0.12.exe 2024-02-06 01:06 - 2024-02-06 01:06 - 261956799 _____ C:\Users\Jscn\Downloads\CinebenchR23.2 (1).zip 2024-02-06 00:59 - 2024-02-10 03:28 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Maxon 2024-02-06 00:58 - 2024-02-08 19:49 - 000000000 ____D C:\Users\Jscn\Downloads\CinebenchR23.2 2024-02-06 00:58 - 2024-02-06 00:58 - 261956799 _____ C:\Users\Jscn\Downloads\CinebenchR23.2.zip 
2024-02-05 20:24 - 2024-02-05 20:24 - 000002055 _____ C:\Users\Jscn\Downloads\k4_pro_iso_rgb_v1.00.json.zip 2024-02-05 20:18 - 2024-02-14 18:38 - 000000000 ____D C:\Dell 2024-02-05 20:16 - 2024-02-05 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2024-02-05 20:14 - 2024-02-05 20:14 - 068477624 _____ (Dell Inc.) C:\Users\Jscn\Downloads\ddmsetup.exe 2024-02-05 20:14 - 2024-02-05 20:14 - 068477624 _____ (Dell Inc.) C:\Users\Jscn\Downloads\ddmsetup (1).exe 2024-02-05 20:14 - 2024-02-05 20:14 - 001576728 _____ C:\Users\Jscn\Downloads\DELL_S2721DGF-MONITOR_A00-00_DRVR_6F2V2.exe 2024-02-05 19:54 - 2024-02-05 19:54 - 014802488 _____ (Martin Malik, REALiX s.r.o. ) C:\Users\Jscn\Downloads\hwi_772.exe 2024-02-04 04:49 - 2024-02-22 16:35 - 000000000 ____D C:\WINDOWS\SysWOW64\Npcap 2024-02-04 04:49 - 2024-02-22 16:35 - 000000000 ____D C:\WINDOWS\system32\Npcap 2024-02-04 04:48 - 2024-02-04 04:49 - 000000000 ____D C:\Program Files\Npcap 2024-02-04 04:48 - 2024-02-04 04:48 - 001162272 _____ C:\Users\Jscn\Downloads\npcap-1.79.exe 2024-02-04 04:46 - 2024-02-04 05:32 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Wireshark 2024-02-04 01:49 - 2024-02-04 01:54 - 000400852 _____ C:\WINDOWS\ntbtlog.txt 2024-02-04 00:01 - 2024-02-04 00:01 - 000001076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2024.lnk 2024-02-03 23:58 - 2024-03-01 14:55 - 000000000 __RHD C:\Users\Jscn\Creative Cloud Files 2024-02-03 23:56 - 2024-03-01 14:55 - 000000000 ____D C:\Program Files\Adobe 2024-02-03 23:56 - 2024-02-07 07:59 - 000000000 ____D C:\Program Files\Common Files\Adobe 2024-02-03 23:56 - 2024-02-04 00:04 - 000000000 ____D C:\Users\Jscn\AppData\LocalLow\Adobe 2024-02-03 23:56 - 2024-02-03 23:59 - 000000000 ____D C:\ProgramData\Adobe 2024-02-03 23:56 - 2024-02-03 23:57 - 000000000 ____D C:\Program Files (x86)\Adobe 2024-02-03 23:56 - 2024-02-03 23:56 - 000001394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative 
Cloud.lnk 2024-02-03 23:54 - 2024-03-01 17:37 - 000000000 ____D C:\Users\Jscn\AppData\Local\Adobe 2024-02-03 23:54 - 2024-02-04 00:04 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\com.adobe.dunamis 2024-02-03 23:34 - 2024-02-03 23:34 - 000000000 ____D C:\WINDOWS\system32\Plugins 2024-02-03 22:40 - 2024-02-03 22:40 - 053519872 _____ (PortableApps.com) C:\Users\Jscn\Downloads\WiresharkPortable64_4.2.2.paf.exe 2024-02-03 22:25 - 2024-02-03 22:25 - 000180121 _____ C:\Users\Jscn\Downloads\simplewall.zip 2024-02-03 22:18 - 2024-02-22 16:36 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\simplewall 2024-02-03 22:18 - 2024-02-03 22:18 - 000672446 _____ (Henry++) C:\Users\Jscn\Downloads\simplewall-3.7.8-setup.exe 2024-02-03 22:18 - 2024-02-03 22:18 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Henry++ 2024-02-03 22:18 - 2024-02-03 22:18 - 000000000 ____D C:\Program Files\simplewall 2024-02-03 21:23 - 2024-02-03 21:23 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2024-02-03 20:15 - 2024-02-03 20:16 - 000223776 _____ C:\Users\Jscn\Downloads\FRITZ.Box_6660_Cable_252.07.57_03.02.24_2015.export 2024-02-03 19:24 - 2024-02-03 19:25 - 2005323323 _____ C:\WINDOWS\system32\Logfile.XML 2024-02-03 00:40 - 2024-03-04 19:52 - 000000000 ____D C:\FRST 2024-02-03 00:28 - 2024-02-03 00:28 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\HTML Help ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2024-03-04 19:54 - 2024-02-02 15:03 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Notepad++ 2024-03-04 19:45 - 2024-02-02 13:38 - 000000000 ____D C:\Users\Jscn\AppData\Local\D3DSCache 2024-03-04 19:44 - 2024-02-02 14:31 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\TIDAL 2024-03-04 19:43 - 2024-02-02 14:32 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Signal 2024-03-04 19:42 - 2024-02-02 16:36 - 000000000 ____D C:\Users\Jscn\Downloads\FanControl_net_8_0 2024-03-04 19:41 - 2024-02-02 13:42 - 000000000 ____D C:\ProgramData\NVIDIA 2024-03-04 19:41 - 2024-02-02 13:28 - 001205104 _____ () C:\WINDOWS\system32\wpbbin.exe 2024-03-04 19:41 - 2024-02-02 13:28 - 001157088 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe 2024-03-04 19:41 - 2024-02-02 13:28 - 000012288 ___SH C:\DumpStack.log.tmp 2024-03-04 19:40 - 2024-02-02 15:39 - 000000000 ____D C:\Users\Jscn\AppData\Local\Everything 2024-03-04 19:40 - 2024-02-02 14:16 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Everything 2024-03-03 19:18 - 2024-02-02 14:44 - 000000000 ____D C:\Users\Jscn\AppData\Local\KeePassXC 2024-03-03 19:16 - 2024-02-02 13:35 - 000000000 ___SD C:\Users\Jscn\AppData\Roaming\Microsoft\Credentials 2024-03-03 18:59 - 2024-02-02 13:28 - 002873000 ____N C:\WINDOWS\Minidump\030324-8500-01.dmp 2024-03-03 18:56 - 2024-02-02 15:21 - 000000000 ____D C:\Users\Jscn\AppData\Local\Battle.net 2024-03-03 18:49 - 2024-02-02 15:36 - 000000000 ____D C:\Users\Jscn\AppData\Local\Discord 2024-03-03 18:49 - 2024-02-02 14:24 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\discord 2024-03-02 22:27 - 2024-02-02 16:39 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner 2024-03-02 05:28 - 2024-02-02 14:43 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\KeePassXC 2024-03-01 21:08 - 2024-02-02 13:35 - 000000000 ____D C:\Users\Jscn\AppData\Local\Packages 2024-03-01 20:46 - 2024-02-02 13:28 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-03-01 20:43 - 2024-02-02 14:28 - 
000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2024-03-01 20:43 - 2024-02-02 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2024-03-01 20:41 - 2024-02-02 14:31 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\WinRAR 2024-03-01 20:41 - 2024-02-02 14:28 - 000000000 ____D C:\Program Files\WinRAR 2024-03-01 17:37 - 2024-02-02 13:35 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Adobe 2024-03-01 17:14 - 2024-02-02 16:44 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Proton Mail 2024-03-01 10:51 - 2024-02-02 13:30 - 000000000 ____D C:\ProgramData\Packages 2024-02-29 10:22 - 2024-02-02 15:06 - 000002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2024-02-26 17:31 - 2024-02-02 14:50 - 000000000 ____D C:\Users\Jscn\AppData\Local\Package Cache 2024-02-25 19:39 - 2024-02-02 13:42 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2024-02-25 19:38 - 2024-02-02 13:42 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2024-02-25 19:38 - 2024-02-02 13:41 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2024-02-25 19:34 - 2024-02-02 13:28 - 000000000 ____D C:\ProgramData\ASUS 2024-02-25 19:32 - 2024-02-02 13:38 - 000000000 ____D C:\ProgramData\Package Cache 2024-02-23 16:23 - 2024-02-02 15:21 - 000000000 ____D C:\Program Files (x86)\Battle.net 2024-02-22 20:05 - 2024-02-02 14:52 - 000338040 _____ () C:\WINDOWS\system32\AsusDownLoadLicense.exe 2024-02-22 20:03 - 2024-02-02 13:35 - 000000000 __RHD C:\Users\Public\AccountPictures 2024-02-22 16:36 - 2024-02-02 19:22 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.12 2024-02-22 16:36 - 2024-02-02 17:14 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhirlwindFX 2024-02-22 16:36 - 2024-02-02 16:44 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Proton AG 2024-02-22 16:36 - 2024-02-02 16:39 - 
000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2024-02-22 16:36 - 2024-02-02 14:39 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BleachBit 2024-02-22 16:36 - 2024-02-02 14:31 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TIDAL Music AS 2024-02-22 16:36 - 2024-02-02 14:24 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2024-02-22 16:36 - 2024-02-02 13:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2024-02-22 16:35 - 2024-02-02 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSC Project 2024-02-22 16:35 - 2024-02-02 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2024-02-22 16:35 - 2024-02-02 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2024-02-22 16:35 - 2024-02-02 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2024-02-22 16:35 - 2024-02-02 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView 2024-02-22 16:35 - 2024-02-02 14:57 - 000000000 ____D C:\WINDOWS\system32\elambkup 2024-02-22 16:35 - 2024-02-02 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security 2024-02-22 16:35 - 2024-02-02 14:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePassXC 2024-02-22 16:35 - 2024-02-02 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2024-02-22 16:35 - 2024-02-02 14:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerShell 2024-02-22 16:35 - 2024-02-02 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCUninstaller 2024-02-22 16:35 - 2024-02-02 13:38 - 000000000 ____D C:\Program Files\Intel 2024-02-22 16:35 - 2022-05-07 11:39 
- 000000000 ____D C:\WINDOWS\system32\Hydrogen 2024-02-22 16:35 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2024-02-22 16:35 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2024-02-22 16:34 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-02-22 16:34 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2024-02-15 19:32 - 2024-01-27 17:21 - 002389504 _____ (Farbar) C:\Users\Jscn\Desktop\FRST64.exe 2024-02-15 14:19 - 2024-02-02 14:52 - 000000000 ____D C:\Users\Jscn\AppData\Local\PlaceholderTileLogoFolder 2024-02-15 14:13 - 2024-02-02 16:32 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-02-15 09:44 - 2024-02-02 14:12 - 000000000 ____D C:\Tools 2024-02-15 00:35 - 2024-02-02 16:16 - 000000000 ____D C:\Program Files\BraveSoftware 2024-02-15 00:35 - 2024-02-02 13:47 - 000000000 ____D C:\Users\Jscn\AppData\Local\BraveSoftware 2024-02-15 00:22 - 2024-02-02 13:43 - 000000000 ___HD C:\Program Files (x86)\Temp 2024-02-14 18:39 - 2024-02-02 15:21 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Battle.net 2024-02-14 18:39 - 2024-02-02 14:39 - 000000000 ____D C:\Program Files\HWiNFO64 2024-02-14 13:12 - 2024-02-02 16:32 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-02-14 13:08 - 2024-02-02 15:04 - 000000000 ____D C:\Program Files (x86)\dotnet 2024-02-14 13:07 - 2024-02-02 14:24 - 000000000 ____D C:\Program Files\dotnet 2024-02-14 10:07 - 2024-02-02 14:57 - 000000000 ____D C:\ProgramData\BDLogging 2024-02-10 07:18 - 2024-02-02 16:35 - 000000000 ____D C:\Users\Jscn\.d4lf 2024-02-08 22:17 - 2024-02-02 13:39 - 000000000 ____D C:\Users\Jscn\AppData\Roaming\Microsoft\MMC 2024-02-08 18:14 - 2024-02-02 17:14 - 000000000 ____D C:\Users\Jscn\AppData\Local\VortxEngine 2024-02-08 18:12 - 2024-02-02 17:15 - 000000000 ____D C:\Users\Jscn\AppData\Local\whirlwindengine.firebaseio.com 2024-02-06 05:19 - 2024-02-02 13:35 - 000000000 ____D 
C:\Users\Jscn\AppData\Local\ConnectedDevicesPlatform
2024-02-03 19:24 - 2024-02-02 20:44 - 000080408 ____H (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCMON24.SYS

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2024-02-02 20:42 - 2024-02-02 22:33 - 000007605 _____ () C:\Users\Jscn\AppData\Local\Resmon.ResmonCfg

==================== FLock ==============================

2024-02-02 13:28 C:\WINDOWS\system32\config\BFS

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
|
04.03.2024, 21:08 | #5 |
| PC possibly controlled via remote connection, policies/unsigned drivers conspicuous in the log
Addition.txt
FRST Additions Logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11.02.2024
durchgeführt von Jscn (04-03-2024 19:54:46)
Gestartet von C:\Users\Jscn\Desktop
Microsoft Windows 11 Pro Version 24H2 26058.1400 (X64) (2024-02-22 15:41:34)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2252719920-710989956-444148845-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2252719920-710989956-444148845-503 - Limited - Disabled)
Gast (S-1-5-21-2252719920-710989956-444148845-501 - Limited - Disabled)
Jscn (S-1-5-21-2252719920-710989956-444148845-1001 - Administrator - Enabled) => C:\Users\Jscn
WDAGUtilityAccount (S-1-5-21-2252719920-710989956-444148845-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Bitdefender Antivirus (Enabled - Up to date) {0F59B032-EA77-E3A8-2382-74A4346E5522}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {37623117-A018-E2F0-08DD-DD91CABD1259}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 24.01 (x64) (HKLM\...\7-Zip) (Version: 24.01 - Igor Pavlov)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.1.0.587 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_4) (Version: 25.4.0.319 - Adobe Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BCUninstaller (HKLM\...\{f4fef76c-1aa9-441c-af7e-d27f58d898d1}_is1) (Version: 5.7.0.0 - Marcin Szeniak) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.0.1.266 - Bitdefender) Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 27.0.27.129 - Bitdefender) BleachBit (HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\BleachBit) (Version: 4.6.0.2537 - BleachBit) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 122.1.63.165 - Die Brave-Autoren) Diablo IV (HKLM-x32\...\Diablo IV) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\Discord) (Version: 1.0.9032 - Discord Inc.) Dynamic Application Loader Host Interface Service (HKLM\...\{12EF5653-F4C0-4B29-A4EE-E2C7A527E668}) (Version: 1.0.0.0 - Intel Corporation) Hidden Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.3.2 - ) Everything 1.5.0.1366a (x64) (HKLM\...\Everything 1.5a) (Version: 1.5.0.1366 - voidtools) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) HWiNFO64 (HKLM\...\HWiNFO64_is1) (Version: 7.72 - Martin Malik, REALiX s.r.o.) 
Intel(R) Chipset Device Software (HKLM\...\{2B96B7E3-FA08-4749-9D23-CDC64F1B835B}) (Version: 10.1.19600.8418 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{404581d0-19c1-47ba-bcd3-10178793c239}) (Version: 10.1.19600.8418 - Intel(R) Corporation) Intel(R) Icls (HKLM\...\{39C50D87-BFD1-43DD-8A18-676086E328C9}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2340.5.36.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{BA97A47F-9B59-4B07-BC82-FF3F6CE6E597}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{C8EEBC98-5759-4B1D-9834-E5F897161475}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME WMI Provider (HKLM\...\{8105FECC-2670-4EA1-A98B-FA803A30AEEB}) (Version: 1.0.0.0 - Intel Corporation) Hidden IrfanView 4.66 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.66 - Irfan Skiljan) KeePassXC (HKLM\...\{AE8C6DDF-D052-4AEF-9EE3-8F354EC1530D}) (Version: 2.7.6 - KeePassXC Team) Ledger Live 2.77.2 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.77.2 - Ledger Live Team) LibreWolf (HKLM-x32\...\LibreWolf LibreWolf) (Version: 122.0-2 - LibreWolf) Macrium Reflect Free (HKLM\...\{A302C59F-C733-4DA0-9611-1286A9051D15}) (Version: 8.0.7783 - Paramount Software (UK) Ltd.) Hidden Macrium Reflect Free (HKLM\...\MacriumReflect) (Version: v8.0.7783 - Paramount Software (UK) Ltd.) 
Malwarebytes version 4.6.9.314 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.9.314 - Malwarebytes) Microsoft .NET 8.0 Templates 8.0.102 (x64) (HKLM\...\{E577737C-D038-49A3-B5EA-0079319B6D87}) (Version: 32.7.48178 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 8.0.2 (x64) (HKLM\...\{6D073AE9-3804-4BBB-8544-76785DBD9A5A}) (Version: 64.8.8795 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 8.0.2 (x64_arm64) (HKLM\...\{7ABFDEC9-72E7-4E2E-B3E4-B94EE2AF3C4E}) (Version: 64.8.8795 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 8.0.2 (x64_x86) (HKLM\...\{22FC1894-BDF7-402B-9566-B0EE4EBB8F9B}) (Version: 64.8.8795 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.27 (x64) (HKLM\...\{3A96B93E-763F-41E7-85C7-1F3CCC37EF27}) (Version: 48.108.8828 - Microsoft Corporation) Hidden Microsoft .NET Host - 8.0.2 (x64) (HKLM\...\{2BB73336-4F69-4141-9797-E9BD6FE3980A}) (Version: 64.8.8795 - Microsoft Corporation) Hidden Microsoft .NET Host - 8.0.2 (x86) (HKLM-x32\...\{AFC83F5E-A70F-40EB-B8A0-E1F7B83ED30F}) (Version: 64.8.8795 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.27 (x64) (HKLM\...\{7447A794-FA2E-42BE-BA9A-5FCBD54C5DF3}) (Version: 48.108.8828 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 8.0.2 (x64) (HKLM\...\{BCC2FB07-8CF0-4542-B10C-61BCEF04AFF2}) (Version: 64.8.8795 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 8.0.2 (x86) (HKLM-x32\...\{8B3CFFA2-B674-4DB3-B0FF-F23EA1EDE9D0}) (Version: 64.8.8795 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft 
Corporation) Microsoft .NET Runtime - 6.0.27 (x64) (HKLM\...\{79043ED0-7ED1-4227-A5E5-04C5594D21F7}) (Version: 48.108.8828 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 8.0.2 (x64) (HKLM\...\{C7B73281-AB0A-4DAD-A09F-5C30D40679AC}) (Version: 64.8.8795 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 8.0.2 (x86) (HKLM-x32\...\{C259804F-E2F8-4240-8276-83302ABF17AE}) (Version: 64.8.8795 - Microsoft Corporation) Hidden Microsoft .NET SDK 8.0.102 (x64) (HKLM-x32\...\{4e070b04-afbe-482f-a08f-5596f83423ce}) (Version: 8.1.224.6930 - Microsoft Corporation) Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden Microsoft .NET Targeting Pack - 8.0.2 (x64) (HKLM\...\{5A92BEFC-7301-4A31-8546-843126C394E6}) (Version: 64.8.8795 - Microsoft Corporation) Hidden Microsoft .NET Toolset 8.0.102 (x64) (HKLM\...\{7D1413A5-FDB3-4ED9-9682-B71445CEA73A}) (Version: 32.7.48178 - Microsoft Corporation) Hidden Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.16327.20264 - Microsoft Corporation) Microsoft ASP.NET Core 8.0.2 Shared Framework (x64) (HKLM\...\{FCE529F0-BC1D-328D-A0D6-3CD7943CC6F2}) (Version: 8.0.2.24068 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 8.0.2 Targeting Pack (x64) (HKLM\...\{EF27BF0C-C26A-35DE-B5C1-8A4E2D0559D9}) (Version: 8.0.2.24068 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 123.0.2420.10 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.59 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.037.0220.0001 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - 
Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 
Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33130 (HKLM-x32\...\{2cfeba4a-21f8-4ea7-9927-c5a5c6f13cc9}) (Version: 14.38.33130.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33130 (HKLM-x32\...\{5CA9AE7B-2EFC-4F02-81CD-32ABE173C755}) (Version: 14.38.33130 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 
Minimum Runtime - 14.38.33130 (HKLM-x32\...\{DF1B52DF-C88E-4DDF-956B-6E7A03327F46}) (Version: 14.38.33130 - Microsoft Corporation) Hidden Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.86.0 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.27 (x64) (HKLM\...\{E634F316-BEB6-4FB3-A612-F7102F576165}) (Version: 48.108.8836 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.27 (x64) (HKLM-x32\...\{d87ae0f4-64a6-4b94-859a-530b9c313c27}) (Version: 6.0.27.33320 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 8.0.2 (x64) (HKLM\...\{D46F1FD9-2FE8-4D05-B2AC-011C23B69B24}) (Version: 64.8.8806 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 8.0.2 (x86) (HKLM-x32\...\{3abfc6d6-ddca-44fd-a2b1-d8fc2b575ad6}) (Version: 8.0.2.33318 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 8.0.2 (x86) (HKLM-x32\...\{8396E7E6-F535-4E6F-9E2B-CB78A570547A}) (Version: 64.8.8806 - Microsoft Corporation) Hidden Microsoft Windows Desktop Targeting Pack - 8.0.2 (x64) (HKLM\...\{B4834DE5-9027-4FB7-9119-20B75387A643}) (Version: 64.8.8806 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.Android.Manifest-8.0.100 (x64) (HKLM\...\{B5A57BF9-FC7A-4FA6-BAEB-46E173986DF3}) (Version: 34.0.43 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.Aspire.Manifest-8.0.100 (x64) (HKLM\...\{F3AEB036-4B8A-4C25-B4D2-850944E909C4}) (Version: 64.0.5426 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.iOS.Manifest-8.0.100 (x64) (HKLM\...\{6BF59E75-BE05-4C69-9C48-3532B6DE0EC5}) (Version: 17.0.8478 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.MacCatalyst.Manifest-8.0.100 (x64) (HKLM\...\{8B5384CA-D189-4CFE-8DF0-2D05B4EA8499}) (Version: 17.0.8478 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.macOS.Manifest-8.0.100 (x64) (HKLM\...\{98927287-8779-447A-919E-73028D53F719}) (Version: 14.0.8478 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.Maui.Manifest-8.0.100 (x64) 
(HKLM\...\{116EF6D0-AE8E-4E6D-B0D8-EFF145CD45DA}) (Version: 8.0.3 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.tvOS.Manifest-8.0.100 (x64) (HKLM\...\{568F99E8-9F2D-48D7-A05D-D64C512B3AFD}) (Version: 17.0.8478 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Emscripten.Current.Manifest (x64) (HKLM\...\{3B774BB2-83EC-489B-895A-1221AF44DBBB}) (Version: 64.8.8705 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Emscripten.net6.Manifest (x64) (HKLM\...\{CE114835-1CC1-4E62-AD0A-075E1DD1F920}) (Version: 64.8.8705 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Emscripten.net7.Manifest (x64) (HKLM\...\{253265CC-3131-4729-A9CC-E979BA76D4F2}) (Version: 64.8.8705 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Mono.Toolchain.Current.Manifest (x64) (HKLM\...\{C6478099-21AD-4213-8B92-B7106D93A3A6}) (Version: 64.8.8795 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x64) (HKLM\...\{0935381F-127D-4B69-9341-7D2A4C8ADD25}) (Version: 64.8.8795 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x64) (HKLM\...\{A5354BB3-5929-4967-8EAD-FF6FA0B06E0B}) (Version: 64.8.8795 - Microsoft Corporation) Hidden MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD) Nextcloud (HKLM\...\{3C8EA973-1A3A-4457-910A-EF2A958152BA}) (Version: 3.12.0.20240213 - Nextcloud GmbH) NextDNS (HKLM\...\NextDNS) (Version: 3.0.13 - NextDNS) NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.4.2.146 - Nord Security) NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.19.4.0 - Nord Security) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.6.2 - Notepad++ Team) Npcap (HKLM-x32\...\NpcapInst) (Version: 1.79 - Nmap Project) NVIDIA FrameView SDK 1.4.9615.33661400 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.4.9615.33661400 - NVIDIA Corporation) NVIDIA Grafiktreiber 551.61 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.61 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA-App 10.0.0.499 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 10.0.0.499 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20264 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden OpenSC smartcard framework (64bit) (HKLM\...\{6C53445C-BE2B-4819-BFC5-5C2B7EF64874}) (Version: 0.24.0.0 - OpenSC Project) PowerShell 7-x64 (HKLM\...\{B06D1894-3827-4E0C-A092-7DC50BE8B210}) (Version: 7.4.1.0 - Microsoft Corporation) PowerToys (Preview) (HKLM\...\{CD764F6E-D151-45D1-9EF8-4D858CE1B272}) (Version: 0.78.0 - Microsoft Corporation) Hidden PowerToys (Preview) x64 (HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\{2229436b-e304-42ae-befd-275c080f99dd}) (Version: 0.78.0 - Microsoft Corporation) Proton Mail Beta (HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\proton_mail) (Version: 0.9.3 - Proton AG) Python 3.12.1 (64-bit) (HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\{86e52725-ef45-452f-ac4c-b8958718bfea}) (Version: 3.12.1150.0 - Python Software Foundation) Python 3.12.1 Add to Path (64-bit) (HKLM\...\{946DC818-F8CA-463A-BE16-946EB508BD48}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 Core Interpreter (64-bit) 
(HKLM\...\{AC82C1A3-9597-40F2-893D-F02F778FBA4D}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 Development Libraries (64-bit) (HKLM\...\{8C53CBDD-4DAF-426F-9478-6C7C2920CDDA}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 Documentation (64-bit) (HKLM\...\{62667662-A580-409C-8044-55B06F774AE2}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 Executables (64-bit) (HKLM\...\{44BC9F9C-15C2-46C1-B88D-3135A9DA555F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 pip Bootstrap (64-bit) (HKLM\...\{1662F43B-2337-4FD8-8CE6-BEA38FC94DD4}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 Standard Library (64-bit) (HKLM\...\{47957EE3-0E23-4075-B825-F202E913670F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 Tcl/Tk Support (64-bit) (HKLM\...\{926CDC62-3AE2-422B-9858-D6EC3BAD473F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 Test Suite (64-bit) (HKLM\...\{E309AE00-4FB1-4817-9172-7E198668375D}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden ReaPlugs/x64 (HKLM\...\ReaPlugs) (Version: - ) ROGFontInstaller (HKLM\...\{605108C1-153E-43D8-8A67-7CE326B00ECA}) (Version: 1.0.0 - ASUS) Signal 6.47.1 (HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 6.47.1 - Signal Messenger, LLC) SignalRgb (HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\VortxEngine) (Version: 2.3.55 - WhirlwindFX) simplewall (HKLM\...\simplewall) (Version: 3.7.8 - Henry++) Spotify (HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\Spotify) (Version: 1.2.30.1135.g02fef27a - Spotify AB) Streamlabs Desktop 1.15.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.15.1 - General Workings, Inc.) 
TIDAL (HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\TIDAL) (Version: 2.36.2 - TIDAL Music AS)
Todoist 8.17.3 (HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\046cc9a8-e645-5367-8486-409093e0b69a) (Version: 8.17.3 - Doist)
TreeSize Free V4.7.1 (64 bit) (HKLM\...\TreeSize Free_is1) (Version: 4.7.1 - JAM Software)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.26.7 - IDRIX)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.92.0 - Winamp SA)
Windows*11-Installationsassistent (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.3630 - Microsoft Corporation)
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinRAR 7.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
Wireshark 4.2.3 x64 (HKLM-x32\...\Wireshark) (Version: 4.2.3 - The Wireshark developer community, hxxps://www.wireshark.org)

Packages:
=========
@{MicrosoftWindows.Client.FileExp_1000.26058.1000.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.FileExp/resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-02-22] (Microsoft Windows)
@{MicrosoftWindows.Client.LKG_1000.26058.1000.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.LKG/resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-02-22] (Microsoft Windows)
@{MicrosoftWindows.Client.OOBE_1000.26058.1000.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.OOBE/resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy [2024-02-22] (Microsoft Windows)
@{MicrosoftWindows.Client.Photon_1000.26058.1000.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.Photon/resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\MicrosoftWindows.Client.Photon_cw5n1h2txyewy [2024-02-22] (Microsoft Windows)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2024-02-14] (Adobe Systems Incorporated)
Bitdefender CL Contextual Menu -> C:\Program Files\Bitdefender\Bitdefender Security App [2024-03-04] (Bitdefender)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.20.3368.0_x64__rz1tebttyb220 [2024-02-23] (Dolby Laboratories)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2402.13002.0_x64__8wekyb3d8bbwe [2024-02-21] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-02-15] (Microsoft Corp.)
Microsoft.ApplicationCompatibilityEnhancements -> C:\Program Files\WindowsApps\Microsoft.ApplicationCompatibilityEnhancements_1.2401.10.0_x64__8wekyb3d8bbwe [2024-02-22] (Microsoft Corporation)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.62361.0_x64__8wekyb3d8bbwe [2024-02-16] (Microsoft Corporation)
Microsoft.AVCEncoderVideoExtension -> C:\Program Files\WindowsApps\Microsoft.AVCEncoderVideoExtension_1.0.271.0_x64__8wekyb3d8bbwe [2024-02-16] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-16] (Microsoft Corporation)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-02-22] (Microsoft Corporation)
Microsoft.Windows.Ai.Copilot.Provider -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-01] (Microsoft Corporation)
Microsoft.Windows.AugLoop.CBS -> C:\Windows\SystemApps\Microsoft.Windows.AugLoop.CBS_8wekyb3d8bbwe [2024-02-10] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-02-22] (Microsoft Corporation)
MicrosoftWindows.Client.FileExp -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-02-22] (Microsoft Windows)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24022.73.0_x64__cw5n1h2txyewy [2024-03-01] (Microsoft Windows) [Startup Task]
Notepad++ -> C:\Program Files (x86)\Notepad++\contextMenu [2024-02-02] (Notepad++)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-02-15] (NVIDIA Corp.)
PowerToys ImageResizer Context Menu -> C:\Users\Jscn\AppData\Local\PowerToys [2024-02-26] (Microsoft)
PowerToys PowerRename Context Menu -> C:\Users\Jscn\AppData\Local\PowerToys\WinUI3Apps [2024-02-26] (Microsoft)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.41.294.0_x64__dt26b99r8h8gj [2024-02-14] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0 [2024-03-01] (Spotify AB) [Startup Task]
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1136.2333.0_x64__8wekyb3d8bbwe [2024-02-15] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.58.448.0_x64__8wekyb3d8bbwe [2024-03-01] (Microsoft Corp.)
Windows App Runtime DDLM 4000.1049.117.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1049.117.0-x6_4000.1049.117.0_x64__8wekyb3d8bbwe [2024-02-15] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1049.117.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1049.117.0-x8_4000.1049.117.0_x86__8wekyb3d8bbwe [2024-02-15] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-02-22] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-02-22] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy [2024-02-22] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.Photon_cw5n1h2txyewy [2024-02-22] (Microsoft Windows)
WinRAR -> C:\Program Files\WinRAR [2024-03-01] (win.rar GmbH)
Xbox Zubehör -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2403.2402.23002.0_x64__8wekyb3d8bbwe [2024-02-27] (Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{0440049F-D1DC-4E46-B27B-98393D79486B}\InprocServer32 -> C:\Users\Jscn\AppData\Local\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-4E8A2EBA3FF0} -> [Creative Cloud Files cn.jns@proton.me 43901F6164B2E3AF0A495EDA@AdobeID] => C:\Users\Jscn\Creative Cloud Files cn.jns@proton.me 43901F6164B2E3AF0A495EDA@AdobeID
CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{10144713-1526-46C9-88DA-1FB52807A9FF}\InprocServer32 -> C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.SvgThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> c:\program files\macrium\common\reflectmonitor.exe (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{43e014c6-0dc9-2710-b529-d914f2677020}\localserver32 -> C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> C:\Program Files\NordVPN\NordVPN.exe (nordvpn s.a. -> nordvpn S.A.)
CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{51B4D7E5-7568-4234-B4BB-47FB3C016A69}\InprocServer32 -> C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.ImageResizerExt.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{60789D87-9C3C-44AF-B18C-3DE2C2820ED3}\InprocServer32 -> C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.MarkdownPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{729B72CD-B72E-4FE9-BCBF-E954B33FE699}\InprocServer32 -> C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.QoiPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{77257004-6F25-4521-B602-50ECC6EC62A6}\InprocServer32 -> C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.StlThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{81343adc-d479-4959-afee-83ea47dce26e} -> [Nextcloud] => C:\Users\Jscn\Nextcloud [2024-02-08 07:52] CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{84D68575-E186-46AD-B0CB-BAEB45EE29C0}\InprocServer32 -> C:\Users\Jscn\AppData\Local\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{A0257634-8812-4CE8-AF11-FA69ACAEAFAE}\InprocServer32 -> C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.GcodePreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{AD856B15-D25E-4008-AFB7-AFAA55586188}\InprocServer32 -> C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.QoiThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{c8240322-d3a4-46aa-83bc-b5abece78584}\InprocServer32 -> C:\Program Files\LibreWolf\notificationserver.dll (Mozilla Foundation) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{d3c4ff40-fe38-83f7-9ce5-2199990e2d2d}\localserver32 -> C:\Users\Jscn\Downloads\FanControl_net_8_0\FanControl.EXE (Rémi Mercier) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{D8034CFA-F34B-41FE-AD45-62FCBB52A6DA}\InprocServer32 -> C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.MonacoPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{DD5CACDA-7C2E-4997-A62A-04A597B58F76}\localserver32 -> C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.exe (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. 
-> Adobe Systems) CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{F2847CBE-CD03-4C83-A359-1A8052C1B9D5}\InprocServer32 -> C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.GcodeThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2252719920-710989956-444148845-1001_Classes\CLSID\{FCDD4EED-41AA-492F-8A84-31A1546226E0}\InprocServer32 -> C:\Users\Jscn\AppData\Local\PowerToys\PowerToys.SvgPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft 
OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ NextcloudError] -> {E0342B74-7593-4C70-9D61-22F294AAFE05} => C:\Program Files\Nextcloud\NCOverlays.dll [2024-02-13] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudOK] -> {E1094E94-BE93-4EA2-9639-8475C68F3886} => C:\Program Files\Nextcloud\NCOverlays.dll [2024-02-13] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudOKShared] -> {E243AD85-F71B-496B-B17E-B8091CBE93D2} => C:\Program Files\Nextcloud\NCOverlays.dll [2024-02-13] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudSync] -> {E3D6DB20-1D83-4829-B5C9-941B31C0C35A} => C:\Program Files\Nextcloud\NCOverlays.dll [2024-02-13] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudWarning] -> {E4977F33-F93A-4A0A-9D3C-83DEA0EE8483} => C:\Program Files\Nextcloud\NCOverlays.dll [2024-02-13] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-03] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-03] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-03] (Adobe Inc. 
-> ) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-01-31] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [AccExt] -> 
{2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-03] (Adobe Inc. -> ) ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-15] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers3: [NextcloudContextMenuHandler] -> {BC6988AB-ACE2-4B81-84DC-DC34F9B24401} => C:\Program Files\Nextcloud\NCContextMenu.dll [2024-02-13] (Nextcloud GmbH -> Nextcloud GmbH) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-01-31] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.037.0220.0001\FileSyncShell64.dll [2024-03-02] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830091b3ebd4b98a\nvshext.dll [2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-01-31] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [AccExt] -> 
{2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-03] (Adobe Inc. -> ) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-15] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers2_S-1-5-21-2252719920-710989956-444148845-1001: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Users\Jscn\AppData\Local\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2024-01-29] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers3_S-1-5-21-2252719920-710989956-444148845-1001: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Users\Jscn\AppData\Local\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2024-01-29] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers3_S-1-5-21-2252719920-710989956-444148845-1001: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Users\Jscn\AppData\Local\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2024-01-29] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5_S-1-5-21-2252719920-710989956-444148845-1001: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Users\Jscn\AppData\Local\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2024-01-29] (Microsoft Corporation -> Microsoft Corporation) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2024-02-02 16:36 - 2024-02-22 15:31 - 000004608 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\Jscn\Downloads\FanControl_net_8_0\FanControl.Plugins.dll 2023-04-02 23:48 - 2023-04-02 23:48 - 000232960 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2023-04-02 23:48 - 2023-04-02 23:48 - 000059392 
_____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2023-04-02 23:49 - 2023-04-02 23:49 - 000699904 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2023-04-02 23:48 - 2023-04-02 23:48 - 000074240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2023-04-02 23:48 - 2023-04-02 23:48 - 000371712 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2024-01-28 10:11 - 2024-01-28 10:11 - 000613888 _____ () [Datei ist nicht signiert] C:\Program Files\EqualizerAPO\EqualizerAPO.dll 2016-07-30 22:42 - 2016-07-30 22:42 - 002772692 _____ () [Datei ist nicht signiert] C:\Program Files\EqualizerAPO\libfftw3f-3.dll 2017-04-02 18:01 - 2017-04-02 18:01 - 001748992 _____ () [Datei ist nicht signiert] C:\Program Files\EqualizerAPO\libsndfile-1.dll 2010-01-01 01:00 - 2010-01-01 01:00 - 000038912 _____ () [Datei ist nicht signiert] C:\Program Files\LibreWolf\libEGL.dll 2010-01-01 01:00 - 2010-01-01 01:00 - 004875776 _____ () [Datei ist nicht signiert] C:\Program Files\LibreWolf\libGLESv2.dll 2023-09-12 15:30 - 2023-09-12 15:30 - 000186880 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\brotlicommon.dll 2023-09-12 15:30 - 2023-09-12 15:30 - 000108032 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\brotlidec.dll 2023-09-12 15:31 - 2023-09-12 15:31 - 002069504 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\harfbuzz.dll 2023-09-18 16:51 - 2023-09-18 16:51 - 000391680 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\KF5Archive.dll 2023-09-12 15:30 - 2023-09-12 15:30 - 000104960 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\libbzip2.dll 2023-10-08 21:52 - 2023-10-08 21:52 - 000017920 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\libEGL.DLL 2023-10-08 21:52 - 2023-10-08 21:52 - 003369472 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\libGLESv2.dll 
2023-10-08 12:42 - 2023-10-08 12:42 - 000258560 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\libpng16.dll 2023-09-12 15:30 - 2023-09-12 15:30 - 001343488 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\libsqlite.dll 2024-02-13 15:19 - 2024-02-13 15:19 - 000125440 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\nextcloudsync_vfs_cfapi.dll 2024-02-13 15:19 - 2024-02-13 15:19 - 000033280 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\nextcloudsync_vfs_suffix.dll 2023-09-12 15:30 - 2023-09-12 15:30 - 000412160 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\pcre2-16.dll 2016-01-03 00:11 - 2016-01-03 00:11 - 000306688 _____ () [Datei ist nicht signiert] C:\Program Files\VSTPlugins\ReaPlugs\reafir_standalone.dll 2024-02-02 16:36 - 2024-02-22 15:31 - 000372224 _____ (Autofac) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\Jscn\Downloads\FanControl_net_8_0\Autofac.dll 2024-02-02 16:36 - 2024-02-22 15:31 - 000467968 _____ (falahati.net) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\Jscn\Downloads\FanControl_net_8_0\NvAPIWrapper.dll 2024-02-02 16:36 - 2024-02-22 15:31 - 000026624 _____ (FanControl.IPC) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\Jscn\Downloads\FanControl_net_8_0\FanControl.IPC.dll 2024-02-02 16:36 - 2024-02-22 15:31 - 000113664 _____ (FanControl.Library) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\Jscn\Downloads\FanControl_net_8_0\FanControl.Library.dll 2024-02-02 16:36 - 2024-02-22 15:31 - 000336896 _____ (GitHub Community) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\Jscn\Downloads\FanControl_net_8_0\Microsoft.Win32.TaskScheduler.dll 2024-02-02 16:36 - 2024-02-22 15:31 - 000062976 _____ (Google) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\Jscn\Downloads\FanControl_net_8_0\GrpcDotNetNamedPipes.dll 2024-02-02 16:36 - 2024-02-22 15:31 - 000668672 _____ (LibreHardwareMonitorLib) [Datei ist nicht 
signiert] [Datei wird verwendet] C:\Users\Jscn\Downloads\FanControl_net_8_0\LibreHardwareMonitorLib.dll 2023-09-12 15:29 - 2023-09-12 15:29 - 001084928 _____ (Meta Platforms, Inc.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\zstd.dll 2010-01-01 01:00 - 2010-01-01 01:00 - 000803328 _____ (Mozilla Foundation) [Datei ist nicht signiert] C:\Program Files\LibreWolf\freebl3.dll 2010-01-01 01:00 - 2010-01-01 01:00 - 002344960 _____ (Mozilla Foundation) [Datei ist nicht signiert] C:\Program Files\LibreWolf\gkcodecs.dll 2010-01-01 01:00 - 2010-01-01 01:00 - 000195584 _____ (Mozilla Foundation) [Datei ist nicht signiert] C:\Program Files\LibreWolf\ipcclientcerts.dll 2010-01-01 01:00 - 2010-01-01 01:00 - 000152064 _____ (Mozilla Foundation) [Datei ist nicht signiert] C:\Program Files\LibreWolf\lgpllibs.dll 2010-01-01 01:00 - 2010-01-01 01:00 - 003342336 _____ (Mozilla Foundation) [Datei ist nicht signiert] C:\Program Files\LibreWolf\mozavcodec.dll 2010-01-01 01:00 - 2010-01-01 01:00 - 000225280 _____ (Mozilla Foundation) [Datei ist nicht signiert] C:\Program Files\LibreWolf\mozavutil.dll 2010-01-01 01:00 - 2010-01-01 01:00 - 000673792 _____ (Mozilla Foundation) [Datei ist nicht signiert] C:\Program Files\LibreWolf\mozglue.dll 2010-01-01 01:00 - 2010-01-01 01:00 - 002470400 _____ (Mozilla Foundation) [Datei ist nicht signiert] C:\Program Files\LibreWolf\nss3.dll 2010-01-01 01:00 - 2010-01-01 01:00 - 000350208 _____ (Mozilla Foundation) [Datei ist nicht signiert] C:\Program Files\LibreWolf\nssckbi.dll 2010-01-01 01:00 - 2010-01-01 01:00 - 000375296 _____ (Mozilla Foundation) [Datei ist nicht signiert] C:\Program Files\LibreWolf\osclientcerts.dll 2010-01-01 01:00 - 2010-01-01 01:00 - 000272896 _____ (Mozilla Foundation) [Datei ist nicht signiert] C:\Program Files\LibreWolf\softokn3.dll 2010-01-01 01:00 - 2010-01-01 01:00 - 136540672 _____ (Mozilla Foundation) [Datei ist nicht signiert] C:\Program Files\LibreWolf\xul.dll 2024-02-02 16:36 - 2024-02-22 15:31 - 000303104 
_____ (Mulholland Software/James Willock) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\Jscn\Downloads\FanControl_net_8_0\MaterialDesignColors.dll 2024-02-02 16:36 - 2024-02-22 15:31 - 009591296 _____ (Mulholland Software/James Willock) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\Jscn\Downloads\FanControl_net_8_0\MaterialDesignThemes.Wpf.dll 2024-02-25 19:38 - 2024-02-25 19:38 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA App\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA Overlay\MessageBusRouter.dll 2024-02-25 19:38 - 2024-02-25 19:38 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll 2023-12-13 09:54 - 2023-12-13 09:54 - 003831808 _____ (OpenSC Project) [Datei ist nicht signiert] C:\Program Files\OpenSC Project\OpenSC\tools\opensc.dll 2024-02-16 02:38 - 2024-02-22 20:24 - 000007168 _____ (painter) [Datei ist nicht signiert] C:\WINDOWS\System32\painter_x64.dll 2024-02-02 16:36 - 2024-02-22 15:31 - 003336192 _____ (Rémi Mercier) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\Jscn\Downloads\FanControl_net_8_0\FanControl.dll 2023-09-12 15:30 - 2023-09-12 15:30 - 000843264 _____ (The FreeType Project) [Datei ist nicht signiert] C:\Program Files\Nextcloud\freetype.dll 2023-09-12 14:48 - 2023-09-12 14:48 - 030422016 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files\Nextcloud\icudt71.dll 2023-09-12 14:48 - 2023-09-12 14:48 - 003463168 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files\Nextcloud\icuin71.dll 2023-09-12 14:48 - 2023-09-12 14:48 - 002188800 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files\Nextcloud\icuuc71.dll 2021-06-02 20:12 - 2021-06-02 20:12 - 000032256 _____ (The Qt Company 
Ltd.) [Datei ist nicht signiert] C:\Program Files\EqualizerAPO\qt\imageformats\qgif.dll 2021-06-02 20:12 - 2021-06-02 20:12 - 000031232 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\EqualizerAPO\qt\imageformats\qico.dll 2021-06-02 20:12 - 2021-06-02 20:12 - 000413696 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\EqualizerAPO\qt\imageformats\qjpeg.dll 2021-06-02 20:10 - 2021-06-02 20:10 - 001394688 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\EqualizerAPO\qt\platforms\qwindows.dll 2021-06-02 20:12 - 2021-06-02 20:12 - 000137216 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\EqualizerAPO\qt\styles\qwindowsvistastyle.dll 2021-06-02 20:03 - 2021-06-02 20:03 - 006016512 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\EqualizerAPO\Qt5Core.dll 2021-06-02 20:06 - 2021-06-02 20:06 - 004858368 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\EqualizerAPO\Qt5Gui.dll 2021-06-02 20:08 - 2021-06-02 20:08 - 005450240 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\EqualizerAPO\Qt5Widgets.dll 2023-10-08 22:01 - 2023-10-08 22:01 - 000035328 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\iconengines\qsvgicon.dll 2023-10-08 21:56 - 2023-10-08 21:56 - 000032256 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\imageformats\qgif.dll 2023-10-08 21:56 - 2023-10-08 21:56 - 000031744 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\imageformats\qico.dll 2023-10-08 22:01 - 2023-10-08 22:01 - 000025600 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\imageformats\qsvg.dll 2023-10-08 21:58 - 2023-10-08 21:58 - 000810496 _____ (The Qt Company Ltd.) 
[Datei ist nicht signiert] C:\Program Files\Nextcloud\platforms\qwindows.dll 2023-10-08 22:09 - 2023-10-08 22:09 - 000229376 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt\labs\platform\qtlabsplatformplugin.dll 2023-10-16 13:12 - 2023-10-16 13:12 - 005051392 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5Core.dll 2023-10-08 21:55 - 2023-10-08 21:55 - 006469632 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5Gui.dll 2023-10-08 21:54 - 2023-10-08 21:54 - 001306624 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5Network.dll 2023-10-08 22:06 - 2023-10-08 22:06 - 000311296 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5Positioning.dll 2023-10-08 21:56 - 2023-10-08 21:56 - 000311296 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5PrintSupport.dll 2023-10-08 22:02 - 2023-10-08 22:02 - 003614208 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5Qml.dll 2023-10-08 22:02 - 2023-10-08 22:02 - 000437248 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5QmlModels.dll 2023-10-08 22:02 - 2023-10-08 22:02 - 000050176 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5QmlWorkerScript.dll 2023-10-08 22:03 - 2023-10-08 22:03 - 004185600 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5Quick.dll 2023-10-08 22:09 - 2023-10-08 22:09 - 000166912 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5QuickControls2.dll 2023-10-08 22:09 - 2023-10-08 22:09 - 001122304 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5QuickTemplates2.dll 2023-10-08 22:04 - 2023-10-08 22:04 - 000081408 _____ (The Qt Company Ltd.) 
[Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5QuickWidgets.dll 2023-10-08 21:53 - 2023-10-08 21:53 - 000203776 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5Sql.dll 2023-10-08 22:01 - 2023-10-08 22:01 - 000326656 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5Svg.dll 2023-10-08 22:43 - 2023-10-08 22:43 - 000136704 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5WebChannel.dll 2023-09-18 16:20 - 2023-09-18 16:20 - 112275456 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5WebEngineCore.dll 2023-09-18 16:22 - 2023-09-18 16:22 - 000244736 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5WebEngineWidgets.dll 2023-10-08 22:58 - 2023-10-08 22:58 - 000144896 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5WebSockets.dll 2023-10-08 21:56 - 2023-10-08 21:56 - 005545472 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5Widgets.dll 2023-10-08 21:53 - 2023-10-08 21:53 - 000209408 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5Xml.dll 2023-10-08 22:05 - 2023-10-08 22:05 - 000055808 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2023-10-08 22:05 - 2023-10-08 22:05 - 000059904 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2023-10-08 22:04 - 2023-10-08 22:04 - 000017408 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\QtQml\Models.2\modelsplugin.dll 2023-10-08 22:04 - 2023-10-08 22:04 - 000017920 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\QtQml\qmlplugin.dll 2023-10-08 22:04 - 2023-10-08 22:04 - 000018432 _____ (The Qt Company Ltd.) 
[Datei ist nicht signiert] C:\Program Files\Nextcloud\QtQuick.2\qtquick2plugin.dll 2023-10-08 22:09 - 2023-10-08 22:09 - 000605696 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\QtQuick\Controls.2\Fusion\qtquickcontrols2fusionstyleplugin.dll 2023-10-08 22:09 - 2023-10-08 22:09 - 000640512 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2023-10-08 22:04 - 2023-10-08 22:04 - 000107008 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\QtQuick\Layouts\qquicklayoutsplugin.dll 2023-10-08 22:09 - 2023-10-08 22:09 - 000349696 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2023-10-08 22:04 - 2023-10-08 22:04 - 000046592 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\QtQuick\Window.2\windowplugin.dll 2023-10-08 21:57 - 2023-10-08 21:57 - 000137728 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\styles\qwindowsvistastyle.dll 2023-09-12 14:46 - 2023-09-12 14:46 - 000153600 _____ (The Tukaani Project <hxxp://tukaani.org/>) [Datei ist nicht signiert] C:\Program Files\Nextcloud\liblzma.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\Users\Jscn\Downloads\BraveBrowserSetup-BRV002.exe:BDU [0] AlternateDataStreams: C:\Users\Jscn\Downloads\ddmsetup (1).exe:BDU [0] AlternateDataStreams: C:\Users\Jscn\Downloads\ddmsetup.exe:BDU [0] AlternateDataStreams: C:\Users\Jscn\Downloads\DELL_S2721DGF-MONITOR_A00-00_DRVR_6F2V2.exe:BDU [0] AlternateDataStreams: C:\Users\Jscn\Downloads\F-SecureOnlineScanner.exe:BDU [0] AlternateDataStreams: C:\Users\Jscn\Downloads\hwi_772.exe:BDU [0] AlternateDataStreams: C:\Users\Jscn\Downloads\ledger-live-desktop-2.75.0-win-x64.exe:BDU [0] AlternateDataStreams: C:\Users\Jscn\Downloads\syncthing-1.27.3-setup.exe:BDU [0] AlternateDataStreams: C:\Users\Jscn\Downloads\TreeSizeFreeSetup.exe:BDU [0] AlternateDataStreams: C:\Users\Jscn\Downloads\VeraCrypt Setup 1.26.7.exe:BDU [0] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cdd.dll => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{13cfe1b1-6b17-424c-ac3f-16ace8733898} => ""="I3C devices" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\cdd.dll => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinHttpAutoProxySvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{13cfe1b1-6b17-424c-ac3f-16ace8733898} => ""="I3C devices" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) 
HKU\S-1-5-21-2252719920-710989956-444148845-1001\Software\Classes\regfile: <==== ACHTUNG HKU\S-1-5-21-2252719920-710989956-444148845-1001\Software\Classes\.reg: => <==== ACHTUNG HKU\S-1-5-21-2252719920-710989956-444148845-1001\Software\Classes\.bat: => <==== ACHTUNG HKU\S-1-5-21-2252719920-710989956-444148845-1001\Software\Classes\.cmd: => <==== ACHTUNG ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== BHO: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\bdtrackerstbie.dll [2024-02-21] (Bitdefender SRL -> Bitdefender) BHO-x32: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\antispam32\bdtrackerstbie.dll [2024-02-21] (Bitdefender SRL -> Bitdefender) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-06] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - 
C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2252719920-710989956-444148845-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img19.jpg HKU\S-1-5-21-2252719920-710989956-444148845-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img19.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) ist deaktiviert. 
Network Binding: ============= Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled) Ethernet 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled) ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\StartupFolder: => "Syncthing.lnk" HKLM\...\StartupApproved\Run: => "Bdagent" HKLM\...\StartupApproved\Run: => "BdVpnApp" HKLM\...\StartupApproved\Run: => "BraveDevVpnWireguardService" HKLM\...\StartupApproved\Run: => "BraveVpnWireguardService" HKLM\...\StartupApproved\Run: => "Reflect UI" HKLM\...\StartupApproved\Run: => "RtkAudUService" HKLM\...\StartupApproved\Run: => "pkcs11-register.exe" HKLM\...\StartupApproved\Run32: => "Discord" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\StartupApproved\Run: => "Battle.net" HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\StartupApproved\Run: => "org.whispersystems.signal-desktop" HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\StartupApproved\Run: => "WingetUI" HKU\S-1-5-21-2252719920-710989956-444148845-1001\...\StartupApproved\Run: => "SignalRgb" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{DDBDDE10-88C8-4750-BE16-26BD788569C6}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Inc. 
-> Malwarebytes) FirewallRules: [{591651B7-B588-4326-BDD0-347D4AE012EA}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Inc. -> Malwarebytes) FirewallRules: [{A343B3E3-12EE-469F-B2C4-6D0570ACB9B7}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Inc. -> Malwarebytes) FirewallRules: [{ECEE8FCE-C656-4EA0-8B17-0FAFA9E924AA}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Inc. -> Malwarebytes) FirewallRules: [{799DEA19-DF03-45F6-A722-FA0B89CBC729}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe (Malwarebytes Inc. -> Malwarebytes) FirewallRules: [{0B5C71DD-F73D-4CD7-A2C8-AF3A38AFA02F}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe (Malwarebytes Inc. -> Malwarebytes) FirewallRules: [{EF9D6504-6830-4828-AE78-0B57959CDA06}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe (Malwarebytes Inc. -> Malwarebytes) FirewallRules: [{B8FDA4AD-3B74-4EB0-B119-FEE5E11DFB0A}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe (Malwarebytes Inc. -> Malwarebytes) FirewallRules: [{AB71E34B-AC7B-4763-93FC-1AC681B6C47C}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe (Malwarebytes Inc. -> Malwarebytes) FirewallRules: [{98695BF9-F2E2-4D95-A7A2-3D211939543E}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe (Malwarebytes Inc. -> Malwarebytes) FirewallRules: [{73799474-2E6D-4E9E-AC14-A5BA1BFBE737}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe (Malwarebytes Inc. -> Malwarebytes) FirewallRules: [{54B7718F-F634-410F-B57A-B284992DCD73}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe (Malwarebytes Inc. -> Malwarebytes) FirewallRules: [{EA42A102-E045-41F1-9EF4-F768BE5EF88F}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbupdatrV5.exe (Malwarebytes Inc. 
-> Malwarebytes) FirewallRules: [{701BE601-A5D0-4BF7-84EC-4A927C809F08}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbupdatrV5.exe (Malwarebytes Inc. -> Malwarebytes) FirewallRules: [{13E0F9D1-0B1A-4ACE-B022-6B9CB9F950B5}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbupdatrV5.exe (Malwarebytes Inc. -> Malwarebytes) FirewallRules: [{5BE64D51-8D83-44F3-BC1E-95EAA6830270}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbupdatrV5.exe (Malwarebytes Inc. -> Malwarebytes) FirewallRules: [TCP Query User{6717CD1F-F34B-4A32-8994-EEFA697FEE67}D:\spiele\diablo iv\diablo iv.exe] => (Allow) D:\spiele\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{F8DEA1F0-1E60-42F8-91FD-ADA09F1B1C68}D:\spiele\diablo iv\diablo iv.exe] => (Allow) D:\spiele\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [TCP Query User{6F7AD3BB-1BAB-4495-8F4C-A137CD4A7F20}C:\users\jscn\appdata\local\tidal\app-2.36.2\tidal.exe] => (Allow) C:\users\jscn\appdata\local\tidal\app-2.36.2\tidal.exe (TIDAL Music AS -> TIDAL Music AS) FirewallRules: [UDP Query User{F327D977-62A7-45C3-8608-96720429D3CE}C:\users\jscn\appdata\local\tidal\app-2.36.2\tidal.exe] => (Allow) C:\users\jscn\appdata\local\tidal\app-2.36.2\tidal.exe (TIDAL Music AS -> TIDAL Music AS) FirewallRules: [TCP Query User{64D603A9-B489-4ECE-B427-FE7AD8685769}C:\tools\syncthing-windows-amd64-v1.27.3\syncthing.exe] => (Allow) C:\tools\syncthing-windows-amd64-v1.27.3\syncthing.exe (Stiftelsen Syncthing -> The Syncthing Authors) FirewallRules: [UDP Query User{182E6780-8325-4220-98E8-78DD58009D69}C:\tools\syncthing-windows-amd64-v1.27.3\syncthing.exe] => (Allow) C:\tools\syncthing-windows-amd64-v1.27.3\syncthing.exe (Stiftelsen Syncthing -> The Syncthing Authors) FirewallRules: [{6BD1B316-B179-462B-86AA-C32876A5F7CA}] => (Allow) C:\Users\Jscn\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => Keine Datei FirewallRules: 
[{78B880DB-6854-4222-8920-0449C9B113D0}] => (Allow) C:\Users\Jscn\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => Keine Datei FirewallRules: [{F1722075-D90B-4EFB-A9A9-782ECC9DDB16}] => (Allow) C:\Users\Jscn\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe => Keine Datei FirewallRules: [{E65DB51C-7E5D-4C83-BA5D-291B5F44F9CB}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{5A98528B-4554-4EC6-858B-29024BEC9A0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{44CD5599-05CB-4973-A42E-4BBBABB7D1B7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E2509E3C-628D-4040-BB87-ADDF943E07B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{0E48D7B9-7063-41F7-8CC5-BC94D560A6F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{09DBB393-82F8-42DD-95D4-D492F7D5FC53}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{13540B8D-576C-4D30-B60D-49CDC482A837}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{480F0350-6430-4324-AD83-A17BA4646F81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe 
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{3F462F63-70FD-4303-A212-96584A5449B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{B91E09D1-0665-468B-859E-6C909A0921B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{6E6E3637-B816-40A0-ABC9-B2FADD934176}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E3CDC56B-81D0-45BE-A11D-92F2E683400E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.59\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3A4D9694-2FDF-42FB-AD9D-E6FCC8522068}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24033.1005.2701.7380_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B69A5E5E-40BE-47D0-B539-6EEA67679730}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24033.1005.2701.7380_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= 26-02-2024 17:27:49 O&O ShutUp10++ 01-03-2024 10:51:13 Windows Update 01-03-2024 20:45:06 BCUninstaller deinstalliert 1 Anwendung(en) ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: TAP-NordVPN Windows Adapter V9 Description: TAP-NordVPN Windows Adapter V9 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-NordVPN Windows Provider V9 Service: tapnordvpn Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (03/04/2024 07:41:46 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-MBQM2CV$ über https://INTC-KeyId-34219b21f477f6c7f78a0f26b23d0430deea4363.microsoftaik.azure.net/templates/Aik/scep: GetCACaps Methode: GET(172ms) Phase: GetCACaps Die Serververbindung konnte nicht hergestellt werden. 0x80072efd (WinHttp: 12029 ERROR_WINHTTP_CANNOT_CONNECT) Error: (03/04/2024 07:34:40 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-MBQM2CV$ über https://INTC-KeyId-34219b21f477f6c7f78a0f26b23d0430deea4363.microsoftaik.azure.net/templates/Aik/scep: GetCACaps Methode: GET(15ms) Phase: GetCACaps Die Serververbindung konnte nicht hergestellt werden. 0x80072efd (WinHttp: 12029 ERROR_WINHTTP_CANNOT_CONNECT) Error: (03/04/2024 07:34:38 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-MBQM2CV$ über https://INTC-KeyId-34219b21f477f6c7f78a0f26b23d0430deea4363.microsoftaik.azure.net/templates/Aik/scep: GetCACaps Methode: GET(141ms) Phase: GetCACaps Die Serververbindung konnte nicht hergestellt werden. 0x80072efd (WinHttp: 12029 ERROR_WINHTTP_CANNOT_CONNECT) Error: (03/04/2024 02:20:24 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-MBQM2CV$ über https://INTC-KeyId-34219b21f477f6c7f78a0f26b23d0430deea4363.microsoftaik.azure.net/templates/Aik/scep: GetCACaps Methode: GET(719ms) Phase: GetCACaps Die Serververbindung konnte nicht hergestellt werden. 
0x80072efd (WinHttp: 12029 ERROR_WINHTTP_CANNOT_CONNECT) Error: (03/04/2024 02:12:43 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-MBQM2CV$ über https://INTC-KeyId-34219b21f477f6c7f78a0f26b23d0430deea4363.microsoftaik.azure.net/templates/Aik/scep: GetCACaps Methode: GET(156ms) Phase: GetCACaps Die Serververbindung konnte nicht hergestellt werden. 0x80072efd (WinHttp: 12029 ERROR_WINHTTP_CANNOT_CONNECT) Error: (03/03/2024 07:08:06 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-MBQM2CV$ über https://INTC-KeyId-34219b21f477f6c7f78a0f26b23d0430deea4363.microsoftaik.azure.net/templates/Aik/scep: GetCACaps Methode: GET(0ms) Phase: GetCACaps Die Serververbindung konnte nicht hergestellt werden. 0x80072efd (WinHttp: 12029 ERROR_WINHTTP_CANNOT_CONNECT) Error: (03/03/2024 07:08:04 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-MBQM2CV$ über https://INTC-KeyId-34219b21f477f6c7f78a0f26b23d0430deea4363.microsoftaik.azure.net/templates/Aik/scep: GetCACaps Methode: GET(125ms) Phase: GetCACaps Die Serververbindung konnte nicht hergestellt werden. 
0x80072efd (WinHttp: 12029 ERROR_WINHTTP_CANNOT_CONNECT) Error: (03/03/2024 06:59:31 PM) (Source: CertEnroll) (EventID: 87) (User: NT-AUTORITÄT) Description: Fehler bei der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-MBQM2CV$ über https://INTC-KeyId-34219b21f477f6c7f78a0f26b23d0430deea4363.microsoftaik.azure.net/templates/Aik/scep: SubmitDone GetCACertChain: OK HTTP/1.1 200 OK Date: Sun, 03 Mar 2024 17:59:24 GMT Content-Length: 5959 Content-Type: application/x-x509-ca-ra-cert X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: fe59c5cd-e78d-4ddd-950f-1d04e8b18dc4 Methode: POST(2500ms) Phase: SubmitDone Die Serververbindung wurde aufgrund eines Fehlers beendet. 0x80072efe (WinHttp: 12030 ERROR_WINHTTP_CONNECTION_ERROR) Systemfehler: ============= Error: (03/03/2024 06:59:22 PM) (Source: Microsoft-Windows-WER-SystemErrorReporting) (EventID: 1001) (User: NT-AUTORITÄT) Description: 0x000000ef (0xffffa284cb077280, 0x0000000000000000, 0xffffa284e3efa280, 0x0000000000000000)C:\WINDOWS\Minidump\030324-8500-01.dmpb1742e8d-1e58-4aae-87a8-a0e8accfb403 Error: (03/03/2024 06:59:16 PM) (Source: volmgr) (EventID: 162) (User: ) Description: Generierung der Dumpdatei erfolgreich. Error: (03/03/2024 06:59:23 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 03.03.2024 um 18:46:26 unerwartet heruntergefahren. Error: (03/01/2024 10:57:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Malwarebytes Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. 

Error: (02/27/2024 06:35:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience

Error: (02/26/2024 07:36:28 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "UsoSvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {B91D5831-B1BD-4608-8198-D72E155020F7}

Error: (02/26/2024 07:36:28 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "UsoSvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {B91D5831-B1BD-4608-8198-D72E155020F7}

Error: (02/26/2024 07:35:23 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MBQM2CV)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

CodeIntegrity:
===============
Date: 2024-03-04 19:52:16
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267060097545431176\antimalware_provider64.dll that did not meet the Windows signing level requirements.

==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. 3302 02/21/2024
Hauptplatine: ASUSTeK COMPUTER INC. PRIME Z690-A
Prozessor: 12th Gen Intel(R) Core(TM) i7-12700K
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 65277.35 MB
Verfügbarer physikalischer RAM: 54363.92 MB
Summe virtueller Speicher: 69373.35 MB
Verfügbarer virtueller Speicher: 55995.19 MB

==================== Laufwerke ================================

Drive c: (SK Hynix P41 P) (Fixed) (Total:500.16 GB) (Free:362.15 GB) (Model: SHPP41-2000GM) NTFS
Drive d: (SK Hynix P41 P) (Fixed) (Total:1361.16 GB) (Free:1048.53 GB) (Model: SHPP41-2000GM) NTFS
\\?\Volume{e7520865-9485-4077-8516-fae037a0f10d}\ () (Fixed) (Total:0.82 GB) (Free:0.31 GB) NTFS
\\?\Volume{ddc6114c-0bac-4e8b-a4df-83688c48452f}\ () (Fixed) (Total:0.76 GB) (Free:0.75 GB) NTFS
\\?\Volume{1d286173-ce95-4b7f-928b-4b53d1b0ee2f}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.

==================== Ende von Addition.txt =======================

What other information would help with the search? Many thanks in advance! Best regards!
Edited by Backslash (04.03.2024 at 21:14) |
04.03.2024, 22:12 | #7 | |
/// TB-Ausbilder | I see no active malware in these log files. However, the question arises why you used an outdated version of FRST... ? Quote:
In addition, we can check the system with a few tools. I also noticed an unusual entry that could be investigated further. Let me know if you are interested. |
09.03.2024, 21:51 | #8 |
/// TB-Ausbilder | Missing feedback
This topic has been removed from our subscriptions, so we will not be notified of new replies. Should you need the topic again, please send us a reminder including a link to the topic.
Note: The disappearance of the symptoms does not mean that your computer is already clean.
Everyone else, please click here and create your own topic! |