Zurück   Trojaner-Board > Malware entfernen > Antiviren-, Firewall- und andere Schutzprogramme

Antiviren-, Firewall- und andere Schutzprogramme: Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee

Windows 7 Sämtliche Fragen zur Bedienung von Firewalls, Anti-Viren Programmen, Anti Malware und Anti Trojaner Software sind hier richtig. Dies ist ein Diskussionsforum für Sicherheitslösungen für Windows Rechner. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen.

Antwort
Alt 08.02.2021, 11:04   #1
Baal01
 
Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Standard

Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee



Hallo seit paar Tagen bzw. dem 04.02.2021 werden ständig ungewollt Webseiten aufgerufen mit untersch. IPs sobald man einen Browser startet diese werden von McAfee gesperrt glücklicherweise. Frage mich nun ob man irgendwie auspüren kann welches Programm das verursacht hab mich eigentlich schon durchschaut msconfig und so weiter aber nichts aufälliges gefunden. Ist schon recht nervig und weiß ned wirklich was man machen kann dagegen. Grad gesehen dass die Malware oder was auch immer versucht sich in verschiedene ports einzurichten keine Ahnung einfach mal im Anhang anschauen danke hab halt echt kein Plan von sowas. Hoffe ist im richtigem Unterforum. Danke schonmal im Vorraus.

MfG Justin
Angehängte Grafiken
Dateityp: png 1.png (37,7 KB, 51x aufgerufen)
Dateityp: png 2.png (22,9 KB, 27x aufgerufen)
Dateityp: png 3.png (27,3 KB, 21x aufgerufen)

Alt 08.02.2021, 12:11   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Standard

Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee



Ich hab hier irgendwie den Eindurck, dass du überhaupt nicht verstanden hast, was das für Meldungen sind. Und von einem Schrott wie McAfee rät man auch schon seit halben Ewigkeiten von ab. Wieso installierst du das überhaupt?
__________________

__________________

Alt 09.02.2021, 11:30   #3
Baal01
 
Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Standard

Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee



Bin mir recht sicher, dass McAfee recht gute Arbeit leistet bei der Sache sonst würde er ja nicht ungewollte Seiten blocken. Oder ebend zugreifen zu bestimmten Ports ohne Erlaubnis. Vor allem werde ich seitdem 04.02.2021 zugespammt das heißt ja wohl dann dass etwas nicht stimmen kann und ich habe mir paar Sachen am 03.02.2021 runtergeladen alle auch schon gelöscht mit dem IOBit Uninstaller genauso hab ich mein System überprüft mit Malwarebyte aber auch mit McAfee. Will nur wissen ob es ein Tool gibt was die scheiße auch löschen kann. Seit dem 04.02.2021 sind schon 2500 Sachen geblockt worden davor waren es vielleicht 5 - 9. Ist doch dann klar dass was nicht stimmt oder etwa nicht. Aber danke für die Antwort.
__________________

Alt 09.02.2021, 12:15   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Standard

Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee



Also das ist schon mal dicker Quatsch.

Eingehende Verbindung in dein System auf Port 80. Das würde bedeuten, dass die direkt im Internet wärst ohne Router oder dein Router ist sperrangelweit weit offen und/oder du hast ne Portweiterleitung eingerichtet. Letztes glaube ich nicht, du vermittelt nämlich nicht den Eindruck als wüsstest du wie man das macht geschweige wozu das genau gut ist.

Dann kommst du mit iobit uninstaller an. Auch dicker Müll. Kurz du hast hier schon mindestens zwei gravierende Softwareböcke.


Logdateien erstellen mit FRST64
  • Bitte lade dir Farbar's Recovery Scan Tool (FRST64.exe) auf deinen Desktop
  • Starte anschließend FRST64.exe per Doppelklick.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und die Addition.txt in deinem Thread in CODE-Tags (#-Symbol im Eingabefenster der Webseite anklicken)


Falls der Smartscreenfilter FRST blockiert sollte, kannst du den dort deaktivieren:
Start > Einstellungen > Update und Sicherheit > Windows Sicherheit > App- & Browsersteuerung > Zuverlässigkeitsbasierter Schutz

Alt 09.02.2021, 13:49   #5
Baal01
 
Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Standard

Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-02-2021 01
Ran by Baal (administrator) on WIN-GPE7CHGD8F4 (MEDION E2050 2391) (09-02-2021 14:26:33)
Running from C:\Users\Administrator\Downloads
Loaded Profiles: Baal
Platform: Windows 10 Pro Version 20H2 19042.685 (X64) Language: Englisch (Vereinigte Staaten)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe
(Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessGovernor.exe
(Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessLasso.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Glarysoft LTD -> Glarysoft Ltd) [File not signed] C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe
(Glarysoft LTD -> Glarysoft Ltd) [File not signed] C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\Cloudscan\MHCloudSvc.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\PCBooster.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\QuickSearch.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MemfilesService.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\x64ProcessAssistSvc.exe
(Henry++) [File not signed] C:\Program Files\Mem Reduct\memreduct.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> MalwareBytes) C:\Windows\System32\config\systemprofile\AppData\LocalLow\IGDump\wqqjronxecuhixisskyzijykfxjwjsnf\ig.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.9.121.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_9\mcapexe.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NETGEAR -> ) C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_8024d97d167d7438\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\Administrator\AppData\Local\Programs\Opera\73.0.3856.344\opera.exe <17>
(Opera Software AS -> Opera Software) C:\Users\Administrator\AppData\Local\Programs\Opera\73.0.3856.344\opera_crashreporter.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [119000 2020-11-18] (VMware, Inc. -> VMware, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\Administrator\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1077864 2020-01-02] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [MalTray] => C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe [982448 2021-02-09] (Glarysoft LTD -> Glarysoft Ltd) [File not signed]
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:maps;cortana;cortana-language;windowsinsider;windowsinsider-optin;windowsdefender;findmydevice
HKLM\...\Policies\Explorer: [DisableThumbnails] 0
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Administrator\AppData\Local\Microsoft\Teams\Update.exe [2453688 2021-01-27] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [Mem Reduct] => C:\Program Files\Mem Reduct\memreduct.exe [309248 2019-02-10] (Henry++) [File not signed]
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [82336 2019-07-16] (Locktime Software s.r.o. -> Locktime Software)
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [Discord] => C:\Users\Administrator\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [Opera Browser Assistant] => C:\Users\Administrator\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3366040 2021-01-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [Spotify] => C:\Users\Administrator\AppData\Roaming\Spotify\Spotify.exe [25972968 2021-01-28] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-08] (Valve -> Valve Corporation)
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Policies\Explorer: [DisableThumbnails] 0
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {18ACF0AA-B6A1-4F08-8436-271B0CCB0C1E} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe [1889696 2021-01-27] (McAfee, Inc. -> McAfee, LLC.)
Task: {20B9EB87-C1CF-4C44-9141-E86132B99C6A} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [993400 2020-10-30] (McAfee, LLC -> McAfee, LLC)
Task: {265F1BFC-573C-4DF5-A8FD-1D10B437C381} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2D2DC7D0-1E13-4CD3-930F-8C7AB677DC9E} - System32\Tasks\GMHAutoScan => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe [2441136 2021-02-09] (Glarysoft LTD -> Glarysoft Ltd) [File not signed]
Task: {30AFC6CE-2FAB-4A52-9CAB-4745932BF9AA} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [993400 2020-10-30] (McAfee, LLC -> McAfee, LLC)
Task: {3BDA7B93-7CA4-49C2-87AC-DCE6E23BA69A} - System32\Tasks\Opera scheduled Autoupdate 1611763329 => C:\Users\Administrator\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software)
Task: {4B4418FE-4644-4A8D-9CD4-AA3FE95D1105} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993288 2021-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D769CD0-4EDF-489F-AB89-5084EA3817A8} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [1627544 2020-07-08] (Bitsum LLC -> Bitsum LLC)
Task: {55812086-D6D1-4973-8D3C-851291442941} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {57848288-2ADE-444C-A084-9C6033711D0C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {600FFD5B-E6E5-42FF-ABC4-817B21AA72D8} - System32\Tasks\Uninstaller_SkipUac_Baal => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6594048 2021-01-06] (IObit) [File not signed]
Task: {639E5A12-04A3-43FB-A850-3ECF3D9FE10F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199272 2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D17C0DA-69ED-4FAE-AE73-134C31473D7D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199272 2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {70FA7427-862F-4482-8DCB-7FA5CEC5C707} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993288 2021-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {84C9F231-8CBB-4256-8921-88A75082CE77} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8F05EF4B-55C4-4760-B16B-BD822BFA7BAC} - System32\Tasks\Process Lasso Core Engine Only => C:\Program Files\Process Lasso\processgovernor.exe [1165208 2020-07-08] (Bitsum LLC -> Bitsum LLC)
Task: {9047CA02-5DEB-45D0-951A-716D18F5A796} - System32\Tasks\GMHSkipUAC => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe [2441136 2021-02-09] (Glarysoft LTD -> Glarysoft Ltd) [File not signed]
Task: {92CD423D-1E56-4FD0-9903-76109D260AF9} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.5.132\DADUpdater.exe [4054696 2021-01-18] (McAfee, LLC -> McAfee, LLC)
Task: {94F27786-57AF-4BE2-BF31-B6CA4FF68CC0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {99B00CEC-5B7C-4462-AD1D-77993B6B8C44} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4623976 2020-10-19] (McAfee, LLC -> McAfee, LLC)
Task: {A143C432-668D-46EE-A8FF-FF9516E424C3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B16CCB4B-A293-4665-92D5-C1F6D36386AB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B5106A81-119A-426B-981C-F0DE3460A717} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142184 2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B67449F4-31C2-4ED7-BF00-9F9926113981} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142184 2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3BD96AC-480B-47D5-B0D9-C336B19241B3} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [736704 2020-11-03] (McAfee, LLC -> McAfee, LLC)
Task: {C8A2E27B-6506-4CFD-BC47-7396A8A6EA93} - System32\Tasks\Opera scheduled assistant Autoupdate 1611763334 => C:\Users\Administrator\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Administrator\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {DECE4499-7C21-4709-BC5E-276ACF6997FF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {EB5F88E8-8A83-4CE6-BAB5-4D41837F959D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EBFDAC75-528C-4874-A841-41A500D4107C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F298F764-E7A5-494B-A2C9-C12B356BDD9C} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {F61C054E-D337-4DA3-8D18-308E64D3AF3F} - System32\Tasks\StartIsBack health check => C:\Program Files (x86)\StartIsBack\startscreen.exe [70984 2020-12-24] (Stanislav Zinukhov -> www.startisback.com)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{07d491a1-f939-4cac-b1b5-cbd0682a4ca2}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{d60cc1f7-7cd6-4872-8a16-c89a0b00708f}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2021-01-27] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-11-04] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera: 
=======
OPR Profile: C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable [2021-02-09]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-09]
OPR Extension: (uBlock Origin) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2021-01-27]
StartMenuInternet: (HKU\S-1-5-21-1186616812-1126677590-2245216935-500) OperaStable - "C:\Users\Administrator\AppData\Local\Programs\Opera\Launcher.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. -> Autodesk)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8902024 2021-01-22] (Microsoft Corporation -> Microsoft Corporation)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-12-31] (NVIDIA Corporation -> NVIDIA)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-08] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [958216 2021-02-05] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_9\McApExe.exe [779592 2020-11-04] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.9.121.0\\McCSPServiceHost.exe [2785184 2020-11-04] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2020-09-14] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2020-09-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2020-09-14] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1589976 2020-10-30] (McAfee, LLC -> McAfee, LLC)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [309664 2019-07-16] (Locktime Software s.r.o. -> Locktime Software)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4215368 2020-10-19] (McAfee, LLC -> McAfee, LLC)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15221296 2020-11-18] (VMware, Inc. -> )
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [316120 2014-08-19] (NETGEAR -> )
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_8024d97d167d7438\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_8024d97d167d7438\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [75704 2020-09-22] (McAfee, Inc. -> McAfee, LLC)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2021-02-08] (Malwarebytes Corporation -> Malwarebytes)
S3 GUMHFilters; C:\Program Files (x86)\Glarysoft\Malware Hunter\Native\winxp_x64\GUMHFilter.sys [41232 2020-11-23] (Glarysoft LTD -> Glarysoft Ltd)
S1 GUSBootStartup; C:\Windows\System32\drivers\GUSBootStartup.sys [28936 2021-02-09] (Glarysoft LTD -> Glarysoft Ltd)
R3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220600 2021-02-08] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-02-08] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198248 2021-02-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2021-02-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-02-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [142440 2021-02-09] (Malwarebytes Inc -> Malwarebytes)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [89096 2020-05-26] (McAfee, LLC -> McAfee, LLC)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [531896 2020-09-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [385464 2020-09-22] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85944 2020-09-22] (Microsoft Windows Early Launch Anti-Malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522168 2020-09-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [1019832 2020-09-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [603072 2020-09-17] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [107968 2020-09-17] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [116664 2020-09-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252344 2020-09-22] (McAfee, Inc. -> McAfee, LLC)
R0 nldrv; C:\Windows\System32\drivers\nldrv.sys [178944 2019-07-16] (Locktime Software s.r.o. -> Locktime Software)
S3 NPF; C:\Windows\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [25312 2007-01-20] (NETGEAR -> Windows (R) Codename Longhorn DDK provider)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [204544 2020-11-11] (RH Software Ltd -> Ray Hinchliffe)
R1 vmkbd3; C:\Windows\system32\DRIVERS\vmkbd.sys [60344 2020-11-18] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\Windows\system32\DRIVERS\vmnetbridge.sys [68544 2020-11-18] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [54592 2020-08-12] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 cbdhsvc_59ed3; no ImagePath
U4 Sense; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-09 14:12 - 2021-02-09 14:12 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-02-09 14:11 - 2021-02-09 14:11 - 000198248 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-02-09 14:11 - 2021-02-09 14:11 - 000142440 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-02-09 14:08 - 2021-02-09 14:27 - 000025786 _____ C:\Users\Administrator\Downloads\FRST.txt
2021-02-09 14:06 - 2021-02-09 14:27 - 000000000 ____D C:\FRST
2021-02-09 14:05 - 2021-02-09 14:05 - 002297344 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2021-02-09 14:04 - 2021-02-09 14:04 - 000000000 ___HD C:\$GlaryQuarantine
2021-02-09 13:00 - 2021-02-09 13:00 - 000003826 _____ C:\Windows\system32\Tasks\GMHAutoScan
2021-02-09 12:44 - 2021-02-09 14:13 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\GlarySoft
2021-02-09 12:43 - 2021-02-09 12:43 - 000028936 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUSBootStartup.sys
2021-02-09 12:43 - 2021-02-09 12:43 - 000003060 _____ C:\Windows\system32\Tasks\GMHSkipUAC
2021-02-09 12:43 - 2021-02-09 12:43 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2021-02-09 12:26 - 2021-02-09 12:26 - 000000000 ___HD C:\Users\Administrator\MicrosoftEdgeBackups
2021-02-09 12:11 - 2021-02-09 12:22 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
2021-02-09 12:11 - 2021-02-09 12:11 - 000002950 _____ C:\Windows\system32\Tasks\Uninstaller_SkipUac_Baal
2021-02-09 12:11 - 2021-02-09 12:11 - 000001338 _____ C:\Users\Administrator\Desktop\IObit Uninstaller.lnk
2021-02-09 12:11 - 2021-02-09 12:11 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\IObit
2021-02-09 12:11 - 2021-02-09 12:11 - 000000000 ____D C:\Program Files (x86)\IObit
2021-02-09 12:07 - 2021-02-09 12:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\MicrosoftEdge
2021-02-08 22:38 - 2021-02-08 22:39 - 000000000 ____D C:\Users\Administrator\Desktop\NosVipClient
2021-02-08 21:45 - 2021-02-08 22:38 - 272431467 _____ C:\Users\Administrator\Downloads\NosVipClient.zip
2021-02-08 17:12 - 2021-02-08 17:12 - 000000000 ____D C:\Users\Administrator\AppData\Local\OO Software
2021-02-08 13:50 - 2021-02-08 13:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2021-02-08 13:00 - 2020-11-11 11:17 - 000204544 _____ (Ray Hinchliffe) C:\Windows\system32\Drivers\SIVX64.sys
2021-02-08 12:51 - 2021-01-15 20:54 - 000000000 ____D C:\Users\Administrator\Desktop\integrity_verification
2021-02-08 12:51 - 2021-01-15 19:51 - 000000000 ____D C:\Users\Administrator\Desktop\tron
2021-02-08 12:44 - 2021-02-08 12:51 - 544388001 _____ (Igor Pavlov) C:\Users\Administrator\Downloads\Tron v11.1.6 (2021-01-15).exe
2021-02-08 12:41 - 2021-02-08 12:41 - 000220600 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-02-08 12:28 - 2021-02-08 12:53 - 000001572 _____ C:\Windows\SysWOW64\tmp.reg
2021-02-08 12:28 - 2021-02-08 12:53 - 000000691 _____ C:\Users\Administrator\AppData\Roaming\GetValue.vbs
2021-02-08 12:28 - 2021-02-08 12:53 - 000000035 _____ C:\Users\Administrator\AppData\Roaming\SetValue.bat
2021-02-08 12:28 - 2021-02-08 12:53 - 000000000 _____ C:\Windows\SysWOW64\tmp.txt
2021-02-08 12:22 - 2021-02-08 12:53 - 000000000 ____D C:\Users\Administrator\Downloads\SmitfraudFix
2021-02-08 12:22 - 2009-06-02 11:17 - 000075776 _____ C:\Windows\SysWOW64\WS2Fix.exe
2021-02-08 12:22 - 2008-12-12 01:57 - 000078336 _____ (S!Ri.URZ) C:\Windows\SysWOW64\Agent.OMZ.Fix.exe
2021-02-08 12:22 - 2008-11-29 18:58 - 000082944 _____ (S!Ri.URZ) C:\Windows\SysWOW64\IEDFix.C.exe
2021-02-08 12:22 - 2008-10-01 15:51 - 000087552 _____ (S!Ri.URZ) C:\Windows\SysWOW64\VACFix.exe
2021-02-08 12:22 - 2008-09-20 12:45 - 000080384 _____ (S!Ri.URZ) C:\Windows\SysWOW64\o4Patch.exe
2021-02-08 12:22 - 2008-08-18 12:19 - 000082432 _____ (S!Ri.URZ) C:\Windows\SysWOW64\404Fix.exe
2021-02-08 12:22 - 2008-05-18 21:40 - 000082944 _____ (S!Ri.URZ) C:\Windows\SysWOW64\IEDFix.exe
2021-02-08 12:22 - 2007-09-06 00:22 - 000289144 _____ (S!Ri) C:\Windows\SysWOW64\VCCLSID.exe
2021-02-08 12:22 - 2006-12-01 06:20 - 000079360 _____ (SteelWerX) C:\Windows\SysWOW64\swxcacls.exe
2021-02-08 12:22 - 2006-08-29 19:43 - 000135168 _____ (SteelWerX) C:\Windows\SysWOW64\swreg.exe
2021-02-08 12:22 - 2006-04-27 17:49 - 000288417 _____ (S!Ri) C:\Windows\SysWOW64\SrchSTS.exe
2021-02-08 12:22 - 2006-01-09 10:36 - 000040960 _____ C:\Windows\SysWOW64\swsc.exe
2021-02-08 12:22 - 2004-07-31 18:50 - 000051200 _____ C:\Windows\SysWOW64\dumphive.exe
2021-02-08 12:22 - 2003-06-05 21:13 - 000053248 _____ (hxxp://www.beyondlogic.org) C:\Windows\SysWOW64\Process.exe
2021-02-08 12:13 - 2021-02-08 12:13 - 000000000 ____D C:\Users\Administrator\AppData\Local\mbam
2021-02-08 12:12 - 2021-02-08 12:41 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-02-08 12:12 - 2021-02-08 12:11 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-02-08 12:12 - 2021-02-08 12:11 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-02-07 18:23 - 2021-02-07 18:23 - 000001128 _____ C:\Users\Administrator\Desktop\RubyTale.exe - Verknüpfung.lnk
2021-02-07 10:18 - 2021-02-07 10:18 - 000002141 _____ C:\Users\Administrator\Desktop\Taoists.lnk
2021-02-05 23:57 - 2021-02-06 00:03 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\NosWings
2021-02-05 23:54 - 2021-02-05 23:55 - 000000000 ____D C:\Program Files\dotnet
2021-02-05 23:53 - 2021-02-05 23:53 - 000002106 _____ C:\Users\Administrator\Desktop\NosWings Launcher.exe - Verknüpfung.lnk
2021-02-05 11:34 - 2021-02-05 11:34 - 000131323 _____ C:\Users\Administrator\Downloads\Geschichte_1_BRD_Zusammenbruchgesellschaft_Deutschland 1945.pdf
2021-02-05 08:35 - 2021-02-05 08:35 - 000416427 _____ C:\Users\Administrator\Downloads\01-AB GG-Preis.pdf
2021-02-05 08:35 - 2021-02-05 08:35 - 000121993 _____ C:\Users\Administrator\Downloads\02_ÜA Marktgleichgewicht.pdf
2021-02-05 08:34 - 2021-02-05 08:34 - 000140889 _____ C:\Users\Administrator\Downloads\Lösungen_NachfrageEL_29.01.2021 (1).pdf
2021-02-04 20:52 - 2021-02-04 20:53 - 029352480 _____ (TeamViewer Germany GmbH) C:\Users\Administrator\Downloads\TeamViewer_Setup.exe
2021-02-04 20:25 - 2021-02-04 20:25 - 000000000 ____D C:\Windows\SysWOW64\BTPLConfig
2021-02-04 11:47 - 2021-02-04 12:18 - 000001604 _____ C:\Users\Administrator\Desktop\Neues Textdokument (7).txt
2021-02-04 11:44 - 2021-02-04 11:44 - 000225524 _____ C:\Users\Administrator\Downloads\Einzelunternehmen.zip
2021-02-04 11:44 - 2021-02-04 11:44 - 000225524 _____ C:\Users\Administrator\Desktop\Einzelunternehmen.zip
2021-02-04 11:44 - 2021-02-04 10:44 - 000000000 ____D C:\Users\Administrator\Desktop\Einzelunternehmen
2021-02-04 09:40 - 2021-02-04 09:40 - 000112529 _____ C:\Users\Administrator\Downloads\19_BSV_AG.pdf
2021-02-04 08:42 - 2021-02-04 08:43 - 006455520 _____ (EnigmaSoft Limited) C:\Users\Administrator\Downloads\SpyHunter-Installer.exe
2021-02-04 08:42 - 2021-02-04 08:42 - 002086424 _____ (Malwarebytes) C:\Users\Administrator\Downloads\MBSetup-092170.092170-consumer.exe
2021-02-04 08:27 - 2021-02-04 08:27 - 000000000 ____D C:\Users\Administrator\AppData\Local\mbarw
2021-02-04 08:24 - 2021-02-08 12:25 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-03 21:25 - 2021-02-09 12:15 - 000000000 ____D C:\Windows\ShellNew
2021-02-03 21:23 - 2021-02-03 21:24 - 012298408 _____ (AutoIt Team) C:\Users\Administrator\Downloads\autoit-v3-setup.exe
2021-02-03 21:16 - 2021-02-03 21:16 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Pecado
2021-02-03 18:02 - 2021-02-03 18:02 - 000000000 ____D C:\Users\Administrator\Desktop\Windows
2021-02-03 16:22 - 2021-02-07 18:47 - 000000000 ____D C:\Users\Administrator\Desktop\things
2021-02-03 14:33 - 2021-02-03 14:33 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\dnSpy
2021-02-03 14:28 - 2021-02-03 14:32 - 000003875 _____ C:\Users\Administrator\Desktop\settings.xml
2021-02-03 14:27 - 2021-02-03 14:27 - 001301159 _____ C:\Users\Administrator\Downloads\Extreme.Injector.v3.7.3.-.by.master131.rar
2021-02-03 14:23 - 2021-02-03 11:43 - 001742336 _____ () C:\Users\Administrator\Desktop\EWSF.dll
2021-02-03 14:23 - 2020-02-14 21:36 - 001686016 _____ C:\Users\Administrator\Desktop\Main.dll
2021-02-03 14:22 - 2021-02-03 14:23 - 000000000 ____D C:\Users\Administrator\Desktop\EWSF EMM
2021-02-03 14:22 - 2021-02-03 14:22 - 004461471 _____ C:\Users\Administrator\Downloads\multiDLL injector.rar
2021-02-03 14:12 - 2021-02-03 14:12 - 000001128 _____ C:\Users\Administrator\Desktop\EastMile.exe - Verknüpfung.lnk
2021-02-03 14:06 - 2021-02-03 14:16 - 000000000 ____D C:\Users\Administrator\Desktop\NosByte - Kopie
2021-02-03 14:03 - 2021-02-03 14:03 - 000000000 ____D C:\Users\Administrator\AppData\Local\dnSpy
2021-02-03 14:02 - 2021-02-03 14:03 - 000000000 ____D C:\Users\Administrator\Downloads\dnSpy-net-win64
2021-02-03 14:01 - 2021-02-03 14:02 - 085810042 _____ C:\Users\Administrator\Downloads\dnSpy-net-win64.zip
2021-02-03 13:57 - 2021-02-03 13:57 - 001687914 _____ C:\Users\Administrator\Desktop\EWSF.EWS
2021-02-03 13:53 - 2021-02-08 13:52 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Notepad++
2021-02-03 13:53 - 2021-02-03 14:21 - 000000000 ____D C:\Users\Administrator\Desktop\EWSF NV
2021-02-03 13:53 - 2021-02-03 13:54 - 000000000 ____D C:\Users\Administrator\Desktop\EWSF EM
2021-02-03 13:53 - 2021-02-03 13:53 - 000000000 ____D C:\Program Files\Notepad++
2021-02-03 13:52 - 2021-02-03 13:53 - 002846896 _____ C:\Users\Administrator\Downloads\npp.7.Installer.x64.exe
2021-02-03 13:52 - 2021-02-03 13:52 - 000001586 _____ C:\Users\Administrator\Desktop\EastMile.exe - Verknüpfung (3).lnk
2021-02-03 13:47 - 2021-02-08 22:49 - 000020236 _____ C:\Users\Administrator\Desktop\NT.txt
2021-02-03 13:44 - 2021-02-03 13:44 - 000001218 _____ C:\Users\Administrator\Desktop\EastMile.exe - Verknüpfung (2).lnk
2021-02-03 13:42 - 2021-02-08 16:43 - 000000728 _____ C:\Users\Administrator\Desktop\Manager.exe - Verknüpfung.lnk
2021-02-03 13:37 - 2020-10-10 11:00 - 003492936 _____ (Entwell) C:\Users\Administrator\Desktop\EastMile.exe
2021-02-03 11:40 - 2021-02-09 12:15 - 000000000 ____D C:\Program Files (x86)\Eastmile Client
2021-02-03 11:38 - 2021-02-03 11:38 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Eastmile
2021-02-03 11:27 - 2021-02-03 11:37 - 085181928 _____ (Eastmile) C:\Users\Administrator\Downloads\EastmileSetup.exe
2021-02-03 10:13 - 2021-02-03 10:13 - 000000000 ____D C:\Users\Administrator\Documents\vroid
2021-02-03 10:13 - 2021-02-03 10:13 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\pixiv
2021-02-03 10:10 - 2021-02-03 10:12 - 428566936 _____ (pixiv Inc. ) C:\Users\Administrator\Downloads\VRoidStudio-v0.12.1-win.exe
2021-02-03 08:54 - 2021-02-03 08:54 - 000000000 _____ C:\Users\Administrator\Desktop\Neues Textdokument (6).txt
2021-02-03 08:33 - 2021-02-04 15:14 - 000011500 _____ C:\Users\Administrator\Desktop\Microsoft Excel-Arbeitsblatt (neu).xlsx
2021-02-02 13:22 - 2021-02-02 13:22 - 2966290432 _____ C:\Users\Administrator\Downloads\Unconfirmed 618904.crdownload
2021-02-02 11:28 - 2021-02-02 11:28 - 000142263 _____ C:\Users\Administrator\Downloads\18_+£b Maschinenstd.pdf
2021-02-02 05:28 - 2021-02-02 05:28 - 000000000 ____D C:\Users\Andere\AppData\Local\PeerDistRepub
2021-02-02 02:13 - 2021-02-02 02:13 - 045092380 _____ C:\Users\Andere\Downloads\SpaceHDR#1.zip
2021-02-02 02:05 - 2021-02-02 02:05 - 045133648 _____ C:\Users\Andere\Downloads\dirty_concrete_4k_jpg.zip
2021-02-01 23:01 - 2021-02-01 23:01 - 000000000 ____D C:\Users\Administrator\Documents\xgen
2021-02-01 22:57 - 2021-02-01 22:59 - 000000000 ____D C:\Users\Administrator\Documents\maya
2021-02-01 22:57 - 2021-02-01 22:57 - 000000000 ____D C:\Users\Administrator\AppData\Local\AdSSO
2021-02-01 21:48 - 2021-02-01 21:48 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\.mono
2021-02-01 21:47 - 2021-02-01 21:47 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\miHoYo
2021-02-01 20:42 - 2021-02-01 20:42 - 000000000 ____D C:\Users\Administrator\AppData\Local\miHoYo
2021-02-01 20:41 - 2021-02-07 09:57 - 000000000 ____D C:\Program Files\Genshin Impact
2021-02-01 20:41 - 2021-02-03 08:33 - 000001054 _____ C:\Users\Administrator\Desktop\Genshin Impact.lnk
2021-02-01 20:40 - 2021-02-01 20:41 - 124657792 _____ (miHoYo) C:\Users\Administrator\Downloads\GenshinImpact_install_20210122160343.exe
2021-02-01 18:10 - 2021-02-01 18:10 - 000000000 ____D C:\Users\Administrator\AppData\Local\Ghostrunner
2021-02-01 18:03 - 2021-02-01 18:03 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2021-02-01 18:03 - 2021-02-01 18:03 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-02-01 18:03 - 2021-02-01 18:03 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-02-01 18:02 - 2021-02-01 18:02 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-02-01 18:02 - 2021-02-01 18:02 - 000000000 ____D C:\Program Files\MSBuild
2021-02-01 17:04 - 2020-12-30 03:56 - 000000000 ____D C:\Users\Administrator\Desktop\Ghostrunner.v32091.GOG
2021-02-01 12:23 - 2021-02-01 12:23 - 000483602 _____ C:\Users\Administrator\Downloads\OneDrive_1_1.2.2021.zip
2021-02-01 11:49 - 2021-02-03 18:38 - 000000471 _____ C:\Users\Administrator\Desktop\Neues Textdokument (5).txt
2021-02-01 11:23 - 2021-02-01 12:24 - 000223269 _____ C:\Users\Administrator\Desktop\17 BAB und Kostenträgerzeitblatt.pdf
2021-02-01 11:23 - 2021-02-01 12:24 - 000142263 _____ C:\Users\Administrator\Desktop\18_+£b Maschinenstd.pdf
2021-02-01 11:23 - 2021-02-01 12:24 - 000117624 _____ C:\Users\Administrator\Desktop\16_+ÜbKR.pdf
2021-02-01 11:01 - 2021-02-01 11:01 - 000119668 _____ C:\Users\Administrator\Downloads\SA1_FSJ_ Fa_Kö (1).pdf
2021-02-01 11:00 - 2021-02-01 11:00 - 000132066 _____ C:\Users\Administrator\Downloads\Argumente.pdf
2021-02-01 10:57 - 2021-02-01 10:57 - 000000000 ____D C:\Users\Administrator\Desktop\FSJ
2021-02-01 10:56 - 2021-02-01 10:56 - 000093439 _____ C:\Users\Administrator\Downloads\FSJ.zip
2021-02-01 09:39 - 2021-02-01 09:39 - 000140889 _____ C:\Users\Administrator\Downloads\Lösungen_NachfrageEL_29.01.2021.pdf
2021-02-01 08:10 - 2021-02-02 10:44 - 000000734 _____ C:\Users\Administrator\Desktop\Neues Textdokument (4).txt
2021-02-01 08:10 - 2021-02-01 08:04 - 000020013 _____ C:\Users\Administrator\Desktop\Exercise – Translation.pdf
2021-02-01 08:04 - 2021-02-01 08:04 - 000020013 _____ C:\Users\Administrator\Downloads\Exercise – Translation.pdf
2021-02-01 08:00 - 2021-02-01 08:00 - 015683242 _____ C:\Users\Administrator\Downloads\02 Aufgaben zu den Wahrscheinlichkeitsverteilungen.pdf
2021-01-31 19:07 - 2021-01-31 19:41 - 1063004405 _____ C:\Users\Administrator\Downloads\Ghostrunner.v32091.GOG.part1.rar
2021-01-31 19:07 - 2021-01-31 19:27 - 1063004405 _____ C:\Users\Administrator\Downloads\Ghostrunner.v32091.GOG.part2.rar
2021-01-31 19:07 - 2021-01-31 19:13 - 2540367956 _____ C:\Users\Administrator\Downloads\Ghostrunner.v32091.GOG.part3.rar
2021-01-31 17:01 - 2021-01-31 17:01 - 000150912 _____ C:\Users\Andere\Downloads\Extractinator.fbx
2021-01-31 16:03 - 2021-01-31 16:03 - 000000000 ____D C:\Users\Andere\Documents\xgen
2021-01-31 14:08 - 2021-01-31 14:08 - 000000000 _____ C:\Users\Administrator\Desktop\Neues Textdokument (3).txt
2021-01-31 12:52 - 2021-01-31 12:52 - 000006595 _____ C:\Users\Administrator\Desktop\Stunden.xlsx
2021-01-30 12:01 - 2021-01-30 12:01 - 000000000 ____D C:\Users\Administrator\Downloads\Mount.&.Blade.II.Bannerlord.Steam.Rip-InsaneRamZes
2021-01-30 08:45 - 2021-02-01 18:10 - 000000000 ____D C:\Users\Administrator\AppData\Local\UnrealEngine
2021-01-30 08:45 - 2021-01-30 08:45 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Goldberg SteamEmu Saves
2021-01-30 08:45 - 2021-01-30 08:45 - 000000000 ____D C:\Users\Administrator\AppData\Local\COVOID20
2021-01-29 23:01 - 2021-01-29 23:01 - 000000000 ____D C:\Users\Andere\Downloads\licenses-da1fa3eec9cfd51cba59
2021-01-29 22:51 - 2021-01-29 22:51 - 000003719 _____ C:\Users\Andere\Downloads\licenses-da1fa3eec9cfd51cba59.zip
2021-01-29 22:50 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\Documents\Allegorithmic
2021-01-29 22:50 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Allegorithmic
2021-01-29 22:50 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\AppData\Local\Allegorithmic
2021-01-29 22:34 - 2021-01-29 22:40 - 1546084360 _____ (Allegorithmic ) C:\Users\Andere\Downloads\Substance_Painter-7.1.0-804-msvc14-x64-standard.exe
2021-01-29 15:04 - 2021-01-29 15:31 - 419745637 _____ C:\Users\Administrator\Downloads\COVID.20.Early.Access.zip
2021-01-29 14:33 - 2021-01-29 14:33 - 002048790 _____ C:\Users\Administrator\Downloads\SpeedAutoClicker-v1.6.2.zip
2021-01-29 14:33 - 2021-01-29 14:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\fabi.me
2021-01-29 14:13 - 2021-01-29 14:13 - 000000000 ____D C:\Users\Administrator\AppData\Local\DrvVideo
2021-01-29 12:45 - 2021-01-29 12:45 - 000000000 ____D C:\Users\Administrator\Documents\Benutzerdefinierte Office-Vorlagen
2021-01-29 12:43 - 2021-01-29 12:43 - 000208755 _____ C:\Users\Administrator\Downloads\SA1_FSJ_ Fa_Kö.pdf
2021-01-29 12:35 - 2021-01-29 12:35 - 000093423 _____ C:\Users\Administrator\Downloads\OneDrive_2_29.1.2021.zip
2021-01-29 12:14 - 2021-02-08 14:27 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-29 12:14 - 2021-01-29 12:14 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-01-29 11:44 - 2021-02-05 12:46 - 000006759 _____ C:\Users\Administrator\Desktop\Neues Textdokument (2).txt
2021-01-29 11:43 - 2021-01-29 11:43 - 000261729 _____ C:\Users\Administrator\Downloads\USA bis 1945_10_Die USA im Zweiten Weltkrieg_AB zum Film.pdf
2021-01-29 11:30 - 2021-02-02 13:16 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\files
2021-01-29 11:30 - 2021-01-29 11:30 - 000000000 ____D C:\Users\Administrator\AppData\Local\AdvinstAnalytics
2021-01-29 11:30 - 2021-01-29 11:30 - 000000000 ____D C:\Program Files (x86)\OInstall
2021-01-29 09:26 - 2021-01-29 09:26 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Shugasu
2021-01-29 09:25 - 2021-01-29 09:25 - 000000222 _____ C:\Users\Administrator\Desktop\Idling to Rule the Gods.url
2021-01-29 09:25 - 2021-01-29 09:25 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-29 09:22 - 2021-01-29 09:22 - 000000000 ____D C:\Users\Administrator\AppData\Local\Steam
2021-01-29 09:20 - 2021-02-09 14:15 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-29 09:19 - 2021-01-29 09:19 - 001573568 _____ C:\Users\Administrator\Downloads\SteamSetup.exe
2021-01-29 09:18 - 2021-01-29 09:18 - 000599902 _____ C:\Users\Administrator\Downloads\OneDrive_1_29.1.2021.zip
2021-01-29 08:04 - 2021-01-29 08:04 - 000199077 _____ C:\Users\Administrator\Downloads\M an Eltern_Verlängerung des Distanzunterrichts.pdf
2021-01-28 21:26 - 2021-01-28 21:30 - 000000000 ____D C:\Users\Administrator\Desktop\COVID-20
2021-01-28 16:16 - 2021-02-03 08:33 - 000002161 _____ C:\Users\Administrator\Desktop\Werewolf Online.lnk
2021-01-28 14:00 - 2021-01-28 14:00 - 000910677 _____ C:\Users\Administrator\Downloads\BWR Förderkurs.zip
2021-01-28 14:00 - 2021-01-28 14:00 - 000000000 ____D C:\Users\Administrator\Desktop\BWR Förderkurs
2021-01-28 13:54 - 2021-01-28 13:54 - 000003944 _____ C:\Windows\system32\Tasks\BlueStacksHelper
2021-01-28 13:44 - 2021-01-28 13:51 - 000000000 ____D C:\Program Files\BlueStacks
2021-01-28 13:40 - 2021-01-28 13:43 - 000000000 ____D C:\Users\Administrator\AppData\Local\BlueStacksSetup
2021-01-28 13:40 - 2021-01-28 13:43 - 000000000 ____D C:\Users\Administrator\AppData\Local\Bluestacks
2021-01-28 13:40 - 2021-01-28 13:40 - 001232960 _____ (BlueStack Systems Inc.) C:\Users\Administrator\Downloads\BlueStacksInstaller_4.260.0.1032_native_917903eb0bb4e81980ee9f78a7c69bbb.exe
2021-01-28 12:09 - 2021-01-28 12:09 - 000058367 _____ C:\Users\Administrator\Downloads\Gesetzestexte Firma.pdf
2021-01-28 10:42 - 2021-01-28 12:09 - 000000000 ____D C:\Users\Administrator\Desktop\Firma
2021-01-28 10:42 - 2021-01-28 10:42 - 000216340 _____ C:\Users\Administrator\Downloads\Handelsregister.zip
2021-01-28 10:42 - 2021-01-28 10:42 - 000000000 ____D C:\Users\Administrator\Desktop\Handelsregister
2021-01-28 10:41 - 2021-01-28 10:42 - 000067024 _____ C:\Users\Administrator\Downloads\Firma.zip
2021-01-28 09:52 - 2021-02-01 14:29 - 000000000 ____D C:\Users\Administrator\AppData\Local\Spotify
2021-01-28 09:52 - 2021-02-01 12:46 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Spotify
2021-01-28 09:52 - 2021-01-28 09:52 - 000001908 _____ C:\Users\Administrator\Desktop\Spotify.lnk
2021-01-28 09:52 - 2021-01-28 09:52 - 000001894 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2021-01-28 09:51 - 2021-01-28 09:51 - 067415024 _____ (Spotify Ltd) C:\Users\Administrator\Downloads\SpotifyFullSetup.exe
2021-01-28 09:51 - 2021-01-28 09:51 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2021-01-28 09:04 - 2021-01-28 09:04 - 000234351 _____ C:\Users\Administrator\Downloads\OneDrive_1_28.1.2021.zip
2021-01-28 08:29 - 2021-01-28 08:29 - 000112295 _____ C:\Users\Administrator\Downloads\USA bis 1945_9 b_Weltwirtschaftskrise und New Deal_Tafelbild unter Berücksichtigung der Auswirkungen auf Deutschland.pdf
2021-01-28 08:04 - 2021-01-28 09:04 - 000214113 _____ C:\Users\Administrator\Desktop\Angabe_Übung.pdf
2021-01-28 08:04 - 2021-01-28 09:04 - 000019976 _____ C:\Users\Administrator\Desktop\Angabe.xlsx
2021-01-28 07:46 - 2021-01-28 08:16 - 000002625 _____ C:\Users\Administrator\Desktop\Neues Textdokument.txt
2021-01-28 07:46 - 2021-01-28 07:46 - 000090376 _____ C:\Users\Administrator\Downloads\USA bis 1945_9 a_Weltwirtschaftskrise und New Deal_Einstieg_Fragen zum Film.pdf
2021-01-27 22:51 - 2021-01-27 22:51 - 000000000 ____D C:\Users\Administrator\Documents\Virtual Machines
2021-01-27 20:47 - 2021-01-27 22:47 - 968556544 _____ C:\Users\Administrator\Desktop\BlackWindowV2.iso
2021-01-27 20:43 - 2021-01-27 20:43 - 000000000 ____D C:\Windows\pss
2021-01-27 17:21 - 2021-02-03 07:47 - 000000000 __RSD C:\Users\Andere\Documents\McAfee-Tresore
2021-01-27 17:21 - 2021-01-27 17:21 - 000000000 ____D C:\Users\Andere\AppData\Local\McAfee File Lock
2021-01-27 17:17 - 2021-01-27 17:18 - 000000000 ____D C:\Users\Andere\AppData\Roaming\PotPlayerMini64
2021-01-27 17:17 - 2021-01-27 17:17 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Daum
2021-01-27 17:17 - 2021-01-27 17:17 - 000000000 _____ C:\Users\Administrator\Desktop\19.txt
2021-01-27 17:15 - 2021-01-27 17:15 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\PotPlayerMini64
2021-01-27 17:15 - 2021-01-27 17:15 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\NVIDIA
2021-01-27 17:15 - 2021-01-27 17:15 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Daum
2021-01-27 17:15 - 2021-01-27 17:15 - 000000000 ____D C:\Program Files\DAUM
2021-01-27 17:03 - 2021-02-07 19:27 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\obs-studio
2021-01-27 17:02 - 2021-02-03 08:33 - 000001451 _____ C:\Users\Administrator\Desktop\Opera-Browser.lnk
2021-01-27 17:02 - 2021-01-27 17:03 - 000000000 ____D C:\Program Files\obs-studio
2021-01-27 17:02 - 2021-01-27 17:02 - 075607864 _____ (obsproject.com) C:\Users\Administrator\Downloads\OBS-Studio-26.1.1-Full-Installer-x64.exe
2021-01-27 17:02 - 2021-01-27 17:02 - 000004490 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1611763334
2021-01-27 17:02 - 2021-01-27 17:02 - 000004242 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1611763329
2021-01-27 17:02 - 2021-01-27 17:02 - 000001515 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2021-01-27 17:02 - 2021-01-27 17:02 - 000000000 ____D C:\Users\Administrator\AppData\Local\Opera Software
2021-01-27 17:01 - 2021-01-27 17:01 - 002405080 _____ (Opera Software) C:\Users\Administrator\Downloads\OperaSetup.exe
2021-01-27 17:01 - 2021-01-27 17:01 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Opera Software
2021-01-27 12:15 - 2021-01-27 15:56 - 000000000 ____D C:\Users\Administrator\.megabasterd7.40
2021-01-27 12:15 - 2021-01-27 12:15 - 000000000 ____D C:\Users\Administrator\.megabasterd_old_backups
2021-01-27 12:12 - 2021-01-27 12:13 - 079910363 _____ C:\Users\Administrator\Downloads\MegaBasterdWINDOWS_7.40_portable.zip
2021-01-27 11:29 - 2021-01-27 11:29 - 000000000 ____D C:\Windows\CSC
2021-01-27 11:25 - 2021-02-09 12:54 - 000000000 ____D C:\Windows\Minidump
2021-01-27 08:41 - 2021-01-27 08:41 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Mechanistry
2021-01-27 08:31 - 2020-05-26 00:11 - 000218960 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2021-01-27 08:30 - 2021-02-09 14:14 - 000000000 __RSD C:\Users\Administrator\Documents\McAfee-Tresore
2021-01-27 08:30 - 2021-01-27 08:30 - 000000000 ____D C:\Users\Administrator\AppData\Local\McAfee File Lock
2021-01-27 08:30 - 2020-05-26 00:12 - 000089096 _____ (McAfee, LLC) C:\Windows\system32\Drivers\McPvDrv.sys
2021-01-27 08:29 - 2021-01-27 08:35 - 738041074 _____ C:\Users\Administrator\Downloads\timberborn.rar
2021-01-27 08:29 - 2021-01-27 08:29 - 000003346 _____ C:\Windows\system32\Tasks\McAfeeLogon
2021-01-27 08:28 - 2021-02-08 21:16 - 000000000 ____D C:\Windows\system32\Tasks\McAfee
2021-01-27 08:28 - 2021-01-27 09:28 - 000003710 _____ C:\Windows\system32\Tasks\McAfee Remediation (Prepare)
2021-01-27 08:27 - 2021-01-27 08:42 - 000000000 ____D C:\Program Files (x86)\McAfee
2021-01-27 08:27 - 2021-01-27 08:31 - 000000000 ____D C:\Program Files\McAfee
2021-01-27 08:27 - 2021-01-27 08:28 - 000000000 ____D C:\Program Files\McAfee.com
2021-01-27 08:27 - 2021-01-27 08:27 - 000000000 ____D C:\Program Files\Common Files\AV
2021-01-27 08:25 - 2021-01-27 08:31 - 000000000 ____D C:\Program Files\Common Files\McAfee
2021-01-27 08:25 - 2021-01-27 08:25 - 071087152 _____ (McAfee, LLC) C:\Users\Administrator\Downloads\McAfee_Installer_serial_zWqVEGfvPnAxblsHhHuOGw2_key_affid_850_akey.exe
2021-01-27 08:25 - 2020-09-14 14:01 - 000579040 _____ (McAfee, LLC) C:\Windows\system32\mfevtps.exe
2021-01-27 08:21 - 2021-02-09 01:30 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\discord
2021-01-27 08:21 - 2021-02-03 08:33 - 000002285 _____ C:\Users\Administrator\Desktop\Discord.lnk
2021-01-27 08:21 - 2021-01-27 08:21 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-01-27 08:20 - 2021-01-27 08:21 - 000000000 ____D C:\Users\Administrator\AppData\Local\Discord
2021-01-27 08:20 - 2021-01-27 08:20 - 068822328 _____ (Discord Inc.) C:\Users\Administrator\Downloads\DiscordSetup.exe
2021-01-27 08:10 - 2021-01-27 08:10 - 000000000 ____D C:\Users\Andere\AppData\Roaming\NVIDIA
2021-01-27 07:19 - 2021-01-26 22:19 - 000000000 ____D C:\Users\Andere\AppData\Local\AdSSO
2021-01-27 07:09 - 2021-02-09 14:15 - 000000000 ____D C:\Program Files\CCleaner
2021-01-27 07:09 - 2021-02-03 20:45 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-01-27 07:09 - 2021-01-27 07:09 - 030584912 _____ (Piriform Software Ltd) C:\Users\Administrator\Downloads\ccsetup576.exe
2021-01-27 07:09 - 2021-01-27 07:09 - 000002886 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-01-27 07:02 - 2021-01-27 07:02 - 000000000 ____D C:\Users\Administrator\Downloads\C2F98634-0139-4EB2-B26C-821D090559CC
2021-01-27 06:57 - 2021-01-27 06:57 - 000000850 _____ C:\Users\Andere\Desktop\Mem Reduct.lnk
2021-01-27 06:57 - 2021-01-27 06:57 - 000000000 ____D C:\Users\Andere\AppData\Roaming\VMware
2021-01-27 06:57 - 2021-01-27 06:57 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mem Reduct
2021-01-27 06:57 - 2021-01-27 06:57 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Locktime
2021-01-27 06:57 - 2021-01-27 06:57 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Henry++
2021-01-27 06:57 - 2021-01-27 06:57 - 000000000 ____D C:\Users\Andere\AppData\Local\VMware
2021-01-27 06:55 - 2021-01-27 06:55 - 000000000 ____D C:\Users\Andere\AppData\Roaming\ProcessLasso
2021-01-27 06:48 - 2021-01-27 06:48 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Locktime
2021-01-27 06:48 - 2021-01-27 06:48 - 000000000 ____D C:\Program Files\Locktime Software
2021-01-27 06:47 - 2021-02-03 19:34 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\VMware
2021-01-27 06:47 - 2021-02-03 19:34 - 000000000 ____D C:\Users\Administrator\AppData\Local\VMware
2021-01-27 06:47 - 2020-11-18 06:53 - 000110696 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2021-01-27 06:47 - 2020-11-18 06:53 - 000060344 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmkbd.sys
2021-01-27 06:47 - 2020-08-11 09:25 - 000048224 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2021-01-27 06:47 - 2020-08-11 09:25 - 000044128 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2021-01-27 06:47 - 2020-08-11 09:24 - 000105912 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2021-01-27 06:46 - 2021-01-27 06:46 - 000001024 _____ C:\Windows\SysWOW64\%TMP%
2021-01-27 06:46 - 2020-11-18 07:01 - 001305304 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2021-01-27 06:46 - 2020-11-18 06:59 - 000422104 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2021-01-27 06:46 - 2020-11-18 06:59 - 000379440 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2021-01-27 06:46 - 2020-11-18 06:59 - 000119736 _____ (VMware, Inc.) C:\Windows\system32\vnetinst.dll
2021-01-27 06:46 - 2020-11-18 06:59 - 000045664 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2021-01-27 06:46 - 2020-10-01 18:46 - 000085448 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2021-01-27 06:45 - 2021-01-27 06:45 - 001667630 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2021-01-27 06:45 - 2021-01-27 06:45 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Locktime Software
2021-01-27 06:45 - 2021-01-27 06:45 - 000000000 ____D C:\Program Files\Common Files\VMware
2021-01-27 06:45 - 2021-01-27 06:45 - 000000000 ____D C:\Program Files (x86)\VMware
2021-01-27 06:38 - 2021-01-27 06:38 - 000003106 _____ C:\Windows\system32\Tasks\Process Lasso Management Console (GUI)
2021-01-27 06:38 - 2021-01-27 06:38 - 000003096 _____ C:\Windows\system32\Tasks\Process Lasso Core Engine Only
2021-01-27 06:37 - 2021-01-27 06:39 - 000000000 ____D C:\Program Files\Process Lasso
2021-01-27 06:37 - 2021-01-27 06:38 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\ProcessLasso
2021-01-27 06:37 - 2021-01-27 06:37 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Henry++
2021-01-27 06:36 - 2021-02-03 08:33 - 000000894 _____ C:\Users\Administrator\Desktop\Mem Reduct.lnk
2021-01-27 06:36 - 2021-01-27 06:36 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mem Reduct
2021-01-27 06:36 - 2021-01-27 06:36 - 000000000 ____D C:\Program Files\Mem Reduct
2021-01-27 06:29 - 2021-02-04 08:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2021-01-27 06:24 - 2021-02-01 22:57 - 000000000 ____D C:\Users\Administrator\AppData\Local\Autodesk
2021-01-27 06:24 - 2021-01-27 07:02 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Autodesk
2021-01-27 06:24 - 2021-01-26 23:11 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Autodesk Installer
2021-01-27 06:22 - 2021-02-02 18:45 - 000000000 ____D C:\Users\Andere\AppData\Local\CrashDumps
2021-01-27 06:18 - 2021-01-27 06:18 - 000000424 _____ C:\Users\Andere\Desktop\Dieser PC.lnk
2021-01-27 06:17 - 2021-02-02 01:54 - 000000000 ____D C:\Users\Andere\Documents\maya
2021-01-27 06:17 - 2021-01-29 22:46 - 000000000 ____D C:\Program Files\Allegorithmic
2021-01-27 06:17 - 2021-01-27 06:17 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arnold for Maya 2020
2021-01-27 06:17 - 2021-01-27 06:17 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2021-01-27 06:16 - 2021-01-27 06:16 - 000000000 ____D C:\Program Files (x86)\Autodesk
2021-01-27 06:15 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\AppData\Local\D3DSCache
2021-01-27 06:01 - 2021-01-26 23:13 - 000000000 ____D C:\Program Files\Autodesk
2021-01-27 06:00 - 2021-01-27 06:50 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Autodesk Installer
2021-01-27 06:00 - 2021-01-26 22:27 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Autodesk
2021-01-27 05:59 - 2021-01-31 18:35 - 000000000 ____D C:\Users\Andere\AppData\Local\Autodesk
2021-01-27 05:59 - 2021-01-27 05:59 - 008699096 _____ (Autodesk, Inc.) C:\Users\Andere\Downloads\Autodesk_Maya_2020_ML_Windows_64bit_di_en-US_setup_webinstall.exe
2021-01-27 05:52 - 2021-01-29 22:27 - 000000000 ____D C:\Users\Andere\AppData\Local\PlaceholderTileLogoFolder
2021-01-27 05:50 - 2021-01-27 06:22 - 000000000 ____D C:\Users\Andere\AppData\Local\StartIsBack
2021-01-27 05:50 - 2021-01-27 05:50 - 000000000 ____D C:\Users\Andere\AppData\Local\CEF
2021-01-27 05:50 - 2021-01-27 05:50 - 000000000 ____D C:\Users\Andere\ansel
2021-01-27 05:49 - 2021-02-04 20:54 - 000000000 ____D C:\Users\Andere
2021-01-27 05:49 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\AppData\Local\NVIDIA
2021-01-27 05:49 - 2021-01-27 19:19 - 000000000 ____D C:\Users\Andere\AppData\Local\Packages
2021-01-27 05:49 - 2021-01-27 05:51 - 000000000 ____D C:\Users\Andere\AppData\Local\NVIDIA Corporation
2021-01-27 05:49 - 2021-01-27 05:49 - 000000020 ___SH C:\Users\Andere\ntuser.ini
2021-01-27 05:49 - 2021-01-27 05:49 - 000000000 ___RD C:\Users\Andere\3D Objects
2021-01-27 05:49 - 2021-01-27 05:49 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Adobe
2021-01-27 05:49 - 2021-01-27 05:49 - 000000000 ____D C:\Users\Andere\AppData\Local\VirtualStore
2021-01-27 05:49 - 2021-01-27 05:49 - 000000000 ____D C:\Users\Andere\AppData\Local\ConnectedDevicesPlatform
2021-01-27 05:49 - 2019-11-27 00:11 - 000001580 _____ C:\Users\Andere\Desktop\Ghost Toolbox.lnk
2021-01-27 05:37 - 2021-01-28 09:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2021-01-27 05:37 - 2021-01-27 05:37 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2021-01-27 05:37 - 2021-01-27 05:37 - 000000000 ____D C:\Users\Administrator\ansel
2021-01-27 05:37 - 2021-01-26 22:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA
2021-01-27 05:35 - 2021-01-27 05:35 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2021-01-27 05:35 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2021-01-27 05:35 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2021-01-27 05:35 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2021-01-27 05:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2021-01-27 05:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2021-01-27 05:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2021-01-27 05:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2020-12-31 15:01 - 002797552 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2021-01-27 05:35 - 2020-12-31 15:01 - 002154984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2021-01-27 05:35 - 2020-12-31 15:01 - 001294832 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2021-01-27 05:35 - 2020-12-31 15:01 - 000069608 _____ C:\Windows\system32\FvSDK_x64.dll
2021-01-27 05:35 - 2020-12-31 15:01 - 000058344 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2021-01-27 05:34 - 2021-01-27 05:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-01-27 05:34 - 2021-01-27 05:34 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2021-01-27 05:34 - 2020-12-31 15:01 - 000169272 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2021-01-27 05:34 - 2020-12-31 15:01 - 000145208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2021-01-27 05:34 - 2020-12-31 15:01 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2021-01-27 05:32 - 2020-12-31 15:01 - 000135408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2021-01-27 05:32 - 2020-12-31 15:01 - 000069840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2021-01-27 05:32 - 2020-12-31 15:01 - 000067456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2021-01-27 05:32 - 2020-12-31 15:01 - 000050592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\NvModuleTracker.sys
2021-01-27 05:32 - 2020-12-31 15:01 - 000038640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2021-01-27 05:31 - 2021-02-08 13:51 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-01-27 05:31 - 2021-01-04 15:49 - 001855192 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-27 05:31 - 2021-01-04 15:49 - 001855192 _____ C:\Windows\system32\vulkaninfo.exe
2021-01-27 05:31 - 2021-01-04 15:49 - 001435864 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-27 05:31 - 2021-01-04 15:49 - 001435864 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-01-27 05:31 - 2021-01-04 15:49 - 000948952 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-27 05:31 - 2021-01-04 15:49 - 000948952 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-01-27 05:31 - 2021-01-04 15:48 - 001454488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-01-27 05:31 - 2021-01-04 15:48 - 001193880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-01-27 05:31 - 2021-01-04 15:48 - 001094880 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-01-27 05:31 - 2021-01-04 15:48 - 001094880 _____ C:\Windows\system32\vulkan-1.dll
2021-01-27 05:31 - 2021-01-04 15:46 - 001512856 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-01-27 05:31 - 2021-01-04 15:46 - 001165720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-01-27 05:31 - 2021-01-04 15:46 - 000690072 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2021-01-27 05:31 - 2021-01-04 15:46 - 000680856 _____ C:\Windows\system32\nvofapi64.dll
2021-01-27 05:31 - 2021-01-04 15:46 - 000673688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-01-27 05:31 - 2021-01-04 15:46 - 000610712 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2021-01-27 05:31 - 2021-01-04 15:46 - 000559000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-01-27 05:31 - 2021-01-04 15:46 - 000548248 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 008262552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 007393176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 005631896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 004612504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 002731928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 002104216 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 001589144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 000813976 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 000657816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 000447384 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2021-01-27 05:31 - 2021-01-04 15:44 - 000850840 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2021-01-27 05:31 - 2021-01-04 15:43 - 007115280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-01-27 05:31 - 2021-01-04 15:43 - 006071032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-01-27 05:31 - 2020-12-31 15:01 - 000084159 _____ C:\Windows\system32\nvinfo.pb
2021-01-27 05:30 - 2021-02-03 22:41 - 000744476 _____ C:\Windows\system32\perfh007.dat
2021-01-27 05:30 - 2021-02-03 22:41 - 000151252 _____ C:\Windows\system32\perfc007.dat
2021-01-27 05:30 - 2021-01-27 05:29 - 000306166 _____ C:\Windows\system32\perfi007.dat
2021-01-27 05:30 - 2021-01-27 05:29 - 000040520 _____ C:\Windows\system32\perfd007.dat
2021-01-27 05:29 - 2021-02-03 18:02 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-27 05:29 - 2021-02-03 18:02 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-27 05:29 - 2021-02-03 18:02 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-01-27 05:29 - 2021-01-27 05:29 - 000000000 ____D C:\Windows\SysWOW64\de
2021-01-27 05:29 - 2021-01-27 05:29 - 000000000 ____D C:\Windows\system32\de
2021-01-27 05:28 - 2021-02-08 12:54 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache
2021-01-27 05:26 - 2021-01-27 05:27 - 000000000 ____D C:\Windows\SysWOW64\directx
2021-01-27 05:17 - 2021-02-03 08:33 - 000002414 _____ C:\Users\Administrator\Desktop\Microsoft Teams.lnk
2021-01-27 05:17 - 2021-01-27 05:17 - 000002422 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-01-27 05:17 - 2021-01-27 05:17 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Teams
2021-01-27 05:16 - 2021-01-27 08:21 - 000000000 ____D C:\Users\Administrator\AppData\Local\SquirrelTemp
2021-01-27 05:15 - 2021-01-27 05:17 - 661510840 _____ (NVIDIA Corporation) C:\Users\Administrator\Downloads\461.09-desktop-win10-64bit-international-dch-whql.exe
2021-01-27 05:13 - 2021-01-27 05:13 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2021-01-27 05:13 - 2007-01-20 03:24 - 000025312 ____R (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\SCMNdisP.sys
2021-01-27 05:12 - 2021-01-27 05:12 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-27 05:12 - 2021-01-27 05:12 - 000000000 ____D C:\Program Files (x86)\NETGEAR
2021-01-27 05:12 - 2015-02-11 07:04 - 001255672 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh664.sys
2021-01-27 05:12 - 2015-02-11 07:04 - 000096600 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2021-01-27 05:12 - 2015-02-11 05:46 - 003900928 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2021-01-27 05:12 - 2015-02-11 05:46 - 003566592 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2021-01-27 05:12 - 2010-02-03 20:21 - 000281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll
2021-01-27 05:12 - 2010-02-03 20:21 - 000096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\Packet.dll
2021-01-27 05:12 - 2010-02-03 20:21 - 000053299 _____ C:\Windows\SysWOW64\pthreadVC.dll
2021-01-27 05:12 - 2010-02-03 20:21 - 000047632 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2021-01-27 05:10 - 2021-01-27 05:10 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder
2021-01-27 05:00 - 2021-01-27 05:45 - 000000000 ____D C:\Users\Administrator\AppData\Local\StartIsBack
2021-01-27 05:00 - 2021-01-27 05:00 - 000003444 _____ C:\Windows\system32\Tasks\StartIsBack health check
2021-01-27 05:00 - 2021-01-27 05:00 - 000000000 ____D C:\Users\Administrator\AppData\Local\PeerDistRepub
2021-01-27 05:00 - 2021-01-27 05:00 - 000000000 ____D C:\Program Files (x86)\StartIsBack
2021-01-27 04:59 - 2021-02-09 12:06 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2021-01-27 04:59 - 2021-01-27 04:59 - 000000000 ___RD C:\Users\Administrator\3D Objects
2021-01-27 04:59 - 2021-01-27 04:59 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2021-01-27 04:59 - 2021-01-27 04:59 - 000000000 ____D C:\Program Files\CPUID
2021-01-27 04:58 - 2021-02-09 14:09 - 000000000 ____D C:\Users\Administrator
2021-01-27 04:58 - 2021-01-27 06:07 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2021-01-27 04:58 - 2021-01-27 04:58 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2021-01-27 04:58 - 2019-11-27 00:11 - 000001580 _____ C:\Users\Administrator\Desktop\Ghost Toolbox.lnk
2021-01-27 04:31 - 2021-01-27 04:31 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-01-26 22:27 - 2021-01-26 22:27 - 000000000 ____D C:\Users\Andere\Downloads\D93E01D9-AF6E-32E9-ACA2-61D9E92563C1
2021-01-26 22:27 - 2021-01-26 22:27 - 000000000 ____D C:\Users\Andere\Downloads\C2F98634-0139-4EB2-B26C-821D090559CC
2021-01-26 22:27 - 2021-01-26 22:27 - 000000000 ____D C:\Users\Andere\Downloads\8CB8DFA4-EB0A-427B-9CFC-3FF046DA9115
2021-01-26 22:26 - 2021-01-26 22:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\cache
2021-01-26 22:26 - 2021-01-26 22:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\AutodeskDesktopApp
2021-01-26 22:24 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\AppData\Local\cache
2021-01-26 22:24 - 2021-01-26 22:24 - 000000000 ____D C:\Users\Andere\AppData\Local\AutodeskDesktopApp
2021-01-26 22:23 - 2021-01-26 22:23 - 000001906 _____ C:\Users\Andere\Desktop\AutodeskDesktopApp.exe.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-09 14:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-02-09 14:11 - 2020-12-22 05:07 - 000294872 _____ C:\Windows\system32\FNTCACHE.DAT
2021-02-09 14:11 - 2020-12-22 05:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-02-09 14:11 - 2020-12-12 19:54 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-09 14:09 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-02-09 14:03 - 2020-12-22 05:07 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-02-09 12:46 - 2020-12-21 12:44 - 000000000 ____D C:\Program Files\7-Zip
2021-02-09 12:15 - 2019-12-21 22:02 - 000000000 __SHD C:\AI_RecycleBin
2021-02-09 12:06 - 2020-12-21 12:46 - 000000000 ____D C:\Program Files\WindowsApps
2021-02-09 12:05 - 2020-12-21 12:44 - 000000000 ____D C:\Ghost Toolbox
2021-02-08 22:40 - 2020-11-06 22:32 - 000000000 ____D C:\Users\Administrator\Desktop\NosVoid
2021-02-08 16:53 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-02-08 14:27 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-02-08 13:54 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-02-08 13:53 - 2020-12-22 05:06 - 000000000 ____D C:\Windows\Panther
2021-02-08 12:12 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-02-08 00:05 - 2020-12-05 17:34 - 000000000 ___RD C:\Sandbox
2021-02-04 13:04 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-02-04 08:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-02-03 22:41 - 2020-12-22 05:17 - 001731910 _____ C:\Windows\system32\PerfStringBackup.INI
2021-02-03 18:01 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-02-03 14:24 - 2020-12-31 19:24 - 000000000 ____D C:\Users\Administrator\Desktop\NosByte
2021-02-01 18:03 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\MUI
2021-02-01 18:03 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\MUI
2021-02-01 17:31 - 2020-12-04 19:26 - 000000000 ____D C:\GOG Games
2021-01-29 14:33 - 2019-07-05 09:17 - 002232320 _____ (fabi.me) C:\Users\Administrator\Desktop\SpeedAutoClicker.exe
2021-01-27 06:11 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2021-01-27 05:29 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-27 05:29 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\SysWOW64\winrm
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\SysWOW64\WCN
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\winrm
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\WCN
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\slmgr
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\dsc
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemApps
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Com
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IME
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-01-27 05:29 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2021-01-27 05:17 - 2019-12-07 10:52 - 000000000 ____D C:\Windows\OCR
2021-01-27 05:00 - 2019-12-07 10:18 - 000000000 ____D C:\Windows\Setup
2021-01-27 04:28 - 2019-12-07 10:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2021-01-24 22:08 - 2019-12-07 10:54 - 000005678 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2021-01-18 01:14 - 2020-12-14 11:29 - 000000000 ____D C:\Users\Andere\Desktop\maya
2021-01-14 20:25 - 2020-07-17 12:43 - 000000000 ___HD C:\$WinREAgent

==================== Files in the root of some directories ========

2021-02-08 12:28 - 2021-02-08 12:53 - 000000691 _____ () C:\Users\Administrator\AppData\Roaming\GetValue.vbs
2021-02-08 12:28 - 2021-02-08 12:53 - 000000035 _____ () C:\Users\Administrator\AppData\Roaming\SetValue.bat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
         
--- --- ---

--- --- ---


[CODE]Additional
FRST Logfile:

FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2021 01
Ran by Baal (09-02-2021 14:28:36)
Running from C:\Users\Administrator\Downloads
Windows 10 Pro Version 20H2 19042.685 (X64) (2021-01-27 03:58:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Andere (S-1-5-21-1186616812-1126677590-2245216935-1000 - Administrator - Enabled) => C:\Users\Andere
Baal (S-1-5-21-1186616812-1126677590-2245216935-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1186616812-1126677590-2245216935-503 - Limited - Disabled)
Guest (S-1-5-21-1186616812-1126677590-2245216935-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1186616812-1126677590-2245216935-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Allegorithmic Substance Painter 7.1.0 (HKLM\...\{33C3E9E2-0675-4196-9019-28AB9C5E9BB0}_is1) (Version: 7.1.0 - Allegorithmic)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 8.0.0.46 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{54A00624-3EF9-49A2-92A9-7244EADD0212}) (Version: 3.2.18 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{BF7A2FE6-C943-4C1E-A2CA-729AD1474E9B}) (Version: 3.1.15 - Autodesk)
Autodesk Maya 2020 (HKLM\...\{0EBFFCF6-F972-4D40-863F-E673B5C38236}) (Version: 20.4.0.1627 - Autodesk) Hidden
Autodesk Maya 2020 (HKLM\...\{C2F98634-0139-4EB2-B26C-821D090559CC}) (Version: 2020.4.0.1627 - Autodesk, Inc.)
Autodesk Single Sign On Component (HKLM\...\{7F0FE09D-E25D-4C59-A1AA-DB17153FC353}) (Version: 11.3.0.1803 - Autodesk)
Bifrost Extension 2.0.3.0 for Maya 2020 (HKLM\...\{0BAD8879-2A6C-43DC-B8BC-9FE8AD80C75B}) (Version: 2.0.3.0 - Autodesk)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.260.0.1032 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.)
Discord (HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Discord) (Version: 0.0.309 - Discord Inc.)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.6.1.0 - miHoYo Co.,Ltd)
Ghostrunner (HKLM-x32\...\1957528513_is1) (Version: 32091_417 - GOG.com)
Ghostrunner pre-order KATANA DLC (HKLM-x32\...\2009792833_is1) (Version: 32091_417 - GOG.com)
Ghostrunner Winter Pack (HKLM-x32\...\1596358146_is1) (Version: 32091_417 - GOG.com)
IObit Uninstaller 10.2.0.15 (HKLM-x32\...\IObit Uninstaller_is1) (Version: 10.2.0.15 - lrepacks.ru)
Malware Hunter 1.116.0.708 (HKLM-x32\...\Malware Hunter) (Version: 1.116.0.708 - Glarysoft Ltd)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R29 - McAfee, LLC)
Mem Reduct (HKLM\...\memreduct) (Version: 3.3.5 - Henry++)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.13628.20274 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation)
Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29805 (HKLM\...\{29A1747B-007E-4BB0-A4BE-D6B855C2C56D}) (Version: 14.28.29805 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29805 (HKLM\...\{50FF98A9-6C60-4DF2-AE02-C48AED35B59B}) (Version: 14.28.29805 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29805 (HKLM-x32\...\{09A8B65F-2B67-4C5C-8FD8-D3EB60F4121D}) (Version: 14.28.29805 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29805 (HKLM-x32\...\{00DC6825-CBC7-4179-AA10-829FA349A6B9}) (Version: 14.28.29805 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{47C2CCDB-7A04-3797-992B-A84D3E90258F}) (Version: 10.0.60833 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.2 (x64) (HKLM-x32\...\{e25469ba-a07f-4864-afff-d34d3e78a406}) (Version: 5.0.2.29613 - Microsoft Corporation)
MtoA for Maya 2020 (HKU\S-1-5-21-1186616812-1126677590-2245216935-1000\...\MtoA2020) (Version: 4.0.0 - Solid Angle)
NETGEAR WNA3100 wireless USB 2.0 driver (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
NetLimiter 4 (HKLM\...\{D8EB2152-FF07-4BA1-8361-0A64CBCFA58F}) (Version: 4.0.50.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.50.0) (Version: 4.0.50.0 - Locktime Software)
Notepad++ (HKLM\...\Notepad++) (Version: 7 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
Opera Stable 73.0.3856.344 (HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Opera 73.0.3856.344) (Version: 73.0.3856.344 - Opera Software)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 210127 - Kakao Corp.)
Process Lasso (HKLM-x32\...\ProcessLasso) (Version: 9.8.2.2 - Bitsum)
Spotify (HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Spotify) (Version: 1.0.96.181.gf6bc1b6b - Spotify AB)
StartIsBack++ (HKLM-x32\...\StartIsBack) (Version: 2.9.8 - startisback.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Substance in Maya 2020-2.0.3 (HKLM\...\{47209805-a05c-4af2-b34b-459745022023}_is1) (Version: 2.0.3 - Adobe)
Sweet Paranoia (HKLM\...\Sweet Paranoia) (Version:  - niivu)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 4.0.0.0 - Manuel Hoefs (Zottel))
WebAdvisor von McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.194 - McAfee, LLC)

Packages:
=========
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-27] (NVIDIA Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1186616812-1126677590-2245216935-500_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2016-09-21] (Notepad++ -> )
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} =>  -> No File
ContextMenuHandlers1: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2020-11-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-11-04] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} =>  -> No File
ContextMenuHandlers2: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2020-11-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2020-11-18] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2020-11-18] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_8024d97d167d7438\nvshext.dll [2021-01-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2020-11-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-11-04] (McAfee, LLC -> McAfee, LLC)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-01-27 05:12 - 2015-02-27 05:19 - 000380928 _____ () [File not signed] C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2021-01-27 05:12 - 2011-06-22 01:04 - 000229376 _____ (Broadcom Corporation) [File not signed] C:\Program Files (x86)\NETGEAR\WNA3100\wps_api.dll
2020-12-04 07:56 - 2021-02-09 12:49 - 000709040 _____ (Glarysoft LTD -> Glarysoft Ltd) [File not signed] C:\Program Files (x86)\Glarysoft\Malware Hunter\Register.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-02-05] (McAfee, LLC -> McAfee, LLC)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-02-05] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-11-04] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-11-04] (McAfee, LLC -> McAfee, LLC)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\sharepoint.com -> hxxps://by0813-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2021-02-08 17:12 - 000089730 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\VMware\VMware Workstation\bin\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Process Lasso\;C:\Program Files\dotnet\
HKU\S-1-5-21-1186616812-1126677590-2245216935-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Local\Microsoft\Windows\Themes\GHOST NOI\DesktopBackground\img0_2560x160330 2021 03.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi 2: VMware Bridge Protocol -> vmware_bridge (enabled) 
Wi-Fi 2: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) 
VMware Network Adapter VMnet1: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
Ethernet: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) 
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) 
VMware Network Adapter VMnet8: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
Wi-Fi: VMware Bridge Protocol -> vmware_bridge (enabled) 
Wi-Fi: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\StartupApproved\Run: => "NetLimiter"
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [Microsoft-Windows-Unified-Telemetry-Client] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{3056C7F9-756D-480E-A1D8-BCE0AD205217}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A81DA307-C5C1-4FDD-BA40-5487DB3F067F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AB1D3287-0FAA-4E34-8F65-4C3902C42E16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EEE25865-1319-48F6-BAE3-DB97AB986A61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9E6F220A-D7A5-4630-B2F7-236D585086F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{95C3A1F1-ED62-48F2-A614-0E0203486BEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BA17C29B-AC3F-4CA2-A40D-AC7C7A441D87}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{60CBD4CF-A2ED-44E0-803E-F7801F018DBB}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{19386911-D3F7-4891-87EF-8B2A51351C06}] => (Allow) C:\Users\Administrator\AppData\Local\Programs\Opera\73.0.3856.344\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{39D42345-858E-48B6-BACE-038A29BD3677}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{F3CF5447-04D2-4C1E-8963-F7D5912CE3C7}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{009E662E-AA97-4654-93C1-7DEE03F8E756}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EF886F54-25BA-4AA7-BA5D-E3454C55E9E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3A8B880E-D202-4E92-BE57-509E3950D26E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================

System errors:
=============
Error: (02/09/2021 02:15:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Delivery Optimization" wurde nicht richtig gestartet.

Error: (02/09/2021 02:13:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "GUMHFilters" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (02/09/2021 02:09:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware Workstation Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Restart the service.

Error: (02/09/2021 02:09:20 PM) (Source: DCOM) (EventID: 10010) (User: WIN-GPE7CHGD8F4)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/09/2021 02:09:20 PM) (Source: DCOM) (EventID: 10010) (User: WIN-GPE7CHGD8F4)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/09/2021 02:09:20 PM) (Source: DCOM) (EventID: 10010) (User: WIN-GPE7CHGD8F4)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/09/2021 02:09:20 PM) (Source: DCOM) (EventID: 10010) (User: WIN-GPE7CHGD8F4)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/09/2021 02:09:20 PM) (Source: DCOM) (EventID: 10010) (User: WIN-GPE7CHGD8F4)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================

Date: 2021-02-09 14:17:37.5590000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-09 14:17:37.5370000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-09 14:16:41.9880000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-09 14:16:41.9710000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-09 14:16:41.9500000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-09 14:16:41.9330000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-09 14:16:41.9180000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-09 14:16:41.9040000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. H81EM2W08.308 08/25/2014
Motherboard: MEDION H81H3-EM2
Processor: Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
Percentage of memory in use: 32%
Total physical RAM: 8144.43 MB
Available physical RAM: 5493.42 MB
Total Virtual: 16336.43 MB
Available Virtual: 9787.27 MB

==================== Drives ================================

Drive c: (Windows 10 Compact) (Fixed) (Total:868.44 GB) (Free:467.29 GB) NTFS
Drive d: (Games) (Fixed) (Total:59.99 GB) (Free:59.81 GB) NTFS

\\?\Volume{7e0d0ba7-4d45-4f09-bba8-c2a183a9c282}\ () (Fixed) (Total:0.49 GB) (Free:0.18 GB) NTFS
\\?\Volume{052015cb-7a85-4771-87fd-7a4ddba78144}\ () (Fixed) (Total:0.54 GB) (Free:0.06 GB) NTFS
\\?\Volume{5fdf47c6-21ec-44d2-99f2-4bee43d151da}\ () (Fixed) (Total:0.82 GB) (Free:0.42 GB) NTFS
\\?\Volume{47ea8986-068d-4982-a02e-081c6663b764}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
         
--- --- ---

--- --- ---


Hoffe passt so. Sorry für die Umstände aber kenne mich halt nicht aus sonst würde ich versuchen alles selbst lösen :/


Alt 09.02.2021, 13:51   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Standard

Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee



Bitte nochmal deine Internetverbindung beschreiben. Weil das was da gemeldet wird kann nicht sein. Die Pakete sollten deinen Rechner überhaupt nicht erreichen und somit könnte auch keine Firewall die auf deinem Rechner läuft sowas melden!
__________________
--> Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee

Alt 09.02.2021, 14:22   #7
Baal01
 
Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Standard

Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee



Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-02-2021 01
Ran by Baal (administrator) on WIN-GPE7CHGD8F4 (MEDION E2050 2391) (09-02-2021 15:08:05)
Running from C:\Users\Administrator\Downloads
Loaded Profiles: Baal
Platform: Windows 10 Pro Version 20H2 19042.685 (X64) Language: Englisch (Vereinigte Staaten)
Default browser: Opera
Boot Mode: Normal

==================== Processes (All) =================
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe
(Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessGovernor.exe
(Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessLasso.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Glarysoft LTD -> Glarysoft Ltd) [File not signed] C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe
(Glarysoft LTD -> Glarysoft Ltd) [File not signed] C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\Cloudscan\MHCloudSvc.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\PCBooster.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\QuickSearch.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MemfilesService.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\x64ProcessAssistSvc.exe
(Henry++) [File not signed] C:\Program Files\Mem Reduct\memreduct.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> MalwareBytes) C:\Windows\System32\config\systemprofile\AppData\LocalLow\IGDump\wqqjronxecuhixisskyzijykfxjwjsnf\ig.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ChromiumContainer\delegate.exe <3>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.9.121.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_9\mcapexe.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\CoreUI\Launch.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> ) C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\explorer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\ApplicationFrameHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\conhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dwm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\sihost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\winlogon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\csrss.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\lsass.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\services.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\smss.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\svchost.exe <64>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\wininit.exe
(NETGEAR -> ) C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_8024d97d167d7438\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\Administrator\AppData\Local\Programs\Opera\73.0.3856.344\opera.exe <22>
(Opera Software AS -> Opera Software) C:\Users\Administrator\AppData\Local\Programs\Opera\73.0.3856.344\opera_crashreporter.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

==================== Registry (All) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [119000 2020-11-18] (VMware, Inc. -> VMware, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\Administrator\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1077864 2020-01-02] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [MalTray] => C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe [982448 2021-02-09] (Glarysoft LTD -> Glarysoft Ltd) [File not signed]
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [34816 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [28160 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Winlogon: [Shell] C:\Windows\explorer.exe [4710976 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] C:\Windows\SysWOW64\explorer.exe [4125256 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 0
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:maps;cortana;cortana-language;windowsinsider;windowsinsider-optin;windowsdefender;findmydevice
HKLM\...\Policies\Explorer: [DisableThumbnails] 0
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Administrator\AppData\Local\Microsoft\Teams\Update.exe [2453688 2021-01-27] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [Mem Reduct] => C:\Program Files\Mem Reduct\memreduct.exe [309248 2019-02-10] (Henry++) [File not signed]
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [82336 2019-07-16] (Locktime Software s.r.o. -> Locktime Software)
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [Discord] => C:\Users\Administrator\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [Opera Browser Assistant] => C:\Users\Administrator\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3366040 2021-01-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [Spotify] => C:\Users\Administrator\AppData\Roaming\Spotify\Spotify.exe [25972968 2021-01-28] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-08] (Valve -> Valve Corporation)
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Policies\Explorer: [DisableThumbnails] 0
HKLM\...\Providers\Internet Print Provider: C:\Windows\system32\inetpp.dll [184320 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\Windows\system32\win32spl.dll [885248 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\winprint: C:\Windows\System32\spool\prtprocs\x64\winprint.dll [46080 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Appmon: C:\Windows\system32\AppMon.dll [114688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Local Port: C:\Windows\system32\localspl.dll [1278976 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Microsoft Shared Fax Monitor: C:\Windows\system32\FXSMON.DLL [49152 2019-12-06] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Standard TCP/IP Port: C:\Windows\system32\tcpmon.dll [225280 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\USB Monitor: C:\Windows\system32\usbmon.dll [934400 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\WSD Port: C:\Windows\system32\APMon.dll [1485824 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\Windows\system32\unregmp2.exe [2019-12-06] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> C:\Windows\system32\themeui.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\Windows\system32\unregmp2.exe [2019-12-06] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> C:\Windows\system32\shell32.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4383}] -> C:\Windows\System32\ie4uinit.exe [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\mscories.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\Windows\SysWOW64\unregmp2.exe [2019-12-06] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\Windows\SysWOW64\unregmp2.exe [2019-12-06] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\mscories.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{01A30791-40AE-4653-AB2E-FD210019AE88}] -> C:\Windows\system32\mgmtrefreshcredprov.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{1b283861-754f-4022-ad47-a5eaaa618894}] -> C:\Windows\system32\SmartcardCredentialProvider.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{1ee7337f-85ac-45e2-a23c-37c753209769}] -> C:\Windows\system32\SmartcardCredentialProvider.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{2135f72a-90b5-4ed3-a7f1-8bb705ac276a}] -> C:\Windows\system32\credprovslegacy.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{25CBB996-92ED-457e-B28C-4774084BD562}] -> C:\Windows\system32\credprovs.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{27FBDB57-B613-4AF2-9D7E-4FA7A66C21AD}] -> C:\Windows\system32\TrustedSignalCredProv.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{3dd6bec0-8193-4ffe-ae25-e08e39ea4063}] -> C:\Windows\system32\credprovs.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{48B4E58D-2791-456C-9091-D524C6C706F2}] -> C:\Windows\System32\devicengccredprov.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{600e7adb-da3e-41a4-9225-3c0399e88c0c}] -> C:\Windows\system32\cngcredui.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{60b78e88-ead8-445c-9cfd-0b87f74ea6cd}] -> C:\Windows\system32\credprovs.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{8AF662BF-65A0-4D0A-A540-A338A999D36F}] -> C:\Windows\System32\FaceCredentialProvider.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{8FD7E19C-3BF7-489B-A72C-846AB3678C96}] -> C:\Windows\system32\SmartcardCredentialProvider.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{94596c7e-3744-41ce-893e-bbf09122f76a}] -> C:\Windows\system32\SmartcardCredentialProvider.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{BEC09223-B018-416D-A0AC-523971B639F5}] -> C:\Windows\System32\BioCredProv.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{C5D7540A-CD51-453B-B22B-05305BA03F07}] -> C:\Windows\System32\cxcredprov.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> C:\Windows\System32\FaceCredentialProvider.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{cb82ea12-9f71-446d-89e1-8d0924e1256e}] -> C:\Windows\system32\credprovslegacy.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{D6886603-9D2F-4EB2-B667-1971041FA96B}] -> C:\Windows\System32\ngccredprov.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{e74e57b0-6c6d-44d5-9cda-fb2df5ed7435}] -> C:\Windows\system32\certCredProvider.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Windows\system32\wlidcredprov.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{F8A1793B-7873-4046-B2A7-1F318747F427}] -> C:\Windows\system32\fidocredprov.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Provider Filters: [{DDC0EED2-ADBE-40b6-A217-EDE16A79A0DE}] -> C:\Windows\system32\credprovs.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\PLAP Providers: [{5537E283-B1E7-4EF8-9C6E-7AB0AFE5056D}] -> C:\Windows\system32\rasplap.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\Windows\system32\wlgpclnt.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{0E28E245-9368-4853-AD84-6DA3BA35BB75}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{169EBF44-942F-4C43-87CE-13C93996EBBE}] -> C:\Windows\system32\AppManagementConfiguration.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> C:\Windows\system32\auditcse.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{17D89FEC-5C44-4972-B12D-241CAEF74509}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{1A6364EB-776B-4120-ADE1-B63A406A76B5}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\Windows\system32\fdeploy.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{2A8FDC61-2347-4C87-92F6-B05EB91A201A}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{2BFCC077-22D2-48DE-BDE1-2F618D9B476D}] -> C:\Windows\system32\AppManagementConfiguration.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}] -> 
HKLM\Software\...\Winlogon\GPExtensions: [{3610eda5-77ef-11d2-8dc5-00c04fa31a66}] -> C:\Windows\System32\dskquota.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{3A0DBA37-F8B2-4356-83DE-3E90BD5C261F}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\Windows\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{42B5FAAE-6536-11d2-AE5A-0000F87571E3}] -> C:\Windows\System32\gpscript.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4B7C3B0F-E993-4E06-A241-3FBE06943684}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4bcd6cde-777b-48b6-9804-43568e23545d}] -> C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}] -> C:\Windows\System32\iedkcs32.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4D2F9B6F-1E52-4711-A382-6A8B1A003DE6}] -> C:\Windows\System32\tsworkspace.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> C:\Windows\system32\WorkFoldersGPExt.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{5794DAFD-BE60-433f-88A2-1A31939AC01F}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{6232C319-91AC-4931-9385-E70C2B099F0E}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{6A4C88C6-C502-4f74-8F60-2CB23EDC24E2}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7150F9BF-48AD-4da4-A49C-29EF4A8369BA}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{728EE579-943C-4519-9EF7-AB56765798ED}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{74EE6C03-5363-4554-B161-627540339CAB}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7909AD9E-09EE-4247-BAB9-7029D5F0A278}] -> C:\Windows\system32\dmenrollengine.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7933F41E-56F8-41d6-A31C-4148A711EE93}] -> C:\Windows\System32\srchadmin.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7B849a69-220F-451E-B3FE-2CB811AF94AE}] -> C:\Windows\System32\iedkcs32.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\system32\scecli.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{8A28E2C5-8D06-49A4-A08C-632DAA493E17}] -> C:\Windows\system32\gpprnext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{91FBB303-0CD5-4055-BF42-E512A681B325}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{9650FDBC-053A-4715-AD14-FC2DC65E8330}] -> C:\Windows\system32\hvsigpext.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{A3F3E39B-5D83-4940-B954-28315B82F0A8}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{AADCED64-746C-4633-A97C-D61349046527}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B087BE9D-ED37-454f-AF9C-04291E351182}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\Windows\system32\dot3gpclnt.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> C:\Windows\system32\pwlauncher.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BC75B1ED-5833-4858-9BB8-CBF0B166DF9D}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> C:\Windows\system32\pwlauncher.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{C418DD9D-0D14-4efb-8FBF-CFE535C8FAC7}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] -> C:\Windows\System32\cscobj.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> C:\Windows\system32\appmgmts.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\Windows\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}] -> C:\Windows\System32\iedkcs32.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{CFF649BD-601D-4361-AD3D-0FC365DB4DB7}] -> C:\Windows\system32\domgmt.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{e437bc1c-aa7d-11d2-a382-00c04f991e27}] -> C:\Windows\System32\polstore.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{E47248BA-94CC-49c4-BBB5-9EB7F05183D0}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{E4F48E54-F38D-4884-BFB9-D4D2E5729C18}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{E5094040-C46C-4115-B030-04FB2E545B00}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{E62688F0-25FD-4c90-BFF5-F508B9D2E31F}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{F312195E-3D9D-447A-A3F5-08DFFA24735E}] -> C:\Windows\system32\dggpext.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> C:\Windows\system32\auditcse.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{F9C77450-3A41-477E-9310-9ACD617BD9E3}] -> C:\Windows\System32\gpprefcl.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\Windows\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\Windows\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{FC491EF1-C4AA-4CE1-B329-414B101DB823}] -> C:\Windows\system32\dggpext.dll [2020-12-19] (Microsoft Windows -> Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
BootExecute: autocheck autochk * 
AlternateShell: cmd.exe
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {18ACF0AA-B6A1-4F08-8436-271B0CCB0C1E} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe [1889696 2021-01-27] (McAfee, Inc. -> McAfee, LLC.)
Task: {20B9EB87-C1CF-4C44-9141-E86132B99C6A} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [993400 2020-10-30] (McAfee, LLC -> McAfee, LLC)
Task: {265F1BFC-573C-4DF5-A8FD-1D10B437C381} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2D2DC7D0-1E13-4CD3-930F-8C7AB677DC9E} - System32\Tasks\GMHAutoScan => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe [2441136 2021-02-09] (Glarysoft LTD -> Glarysoft Ltd) [File not signed]
Task: {30AFC6CE-2FAB-4A52-9CAB-4745932BF9AA} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [993400 2020-10-30] (McAfee, LLC -> McAfee, LLC)
Task: {3BDA7B93-7CA4-49C2-87AC-DCE6E23BA69A} - System32\Tasks\Opera scheduled Autoupdate 1611763329 => C:\Users\Administrator\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software)
Task: {4B4418FE-4644-4A8D-9CD4-AA3FE95D1105} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993288 2021-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D769CD0-4EDF-489F-AB89-5084EA3817A8} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [1627544 2020-07-08] (Bitsum LLC -> Bitsum LLC)
Task: {55812086-D6D1-4973-8D3C-851291442941} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {57848288-2ADE-444C-A084-9C6033711D0C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {600FFD5B-E6E5-42FF-ABC4-817B21AA72D8} - System32\Tasks\Uninstaller_SkipUac_Baal => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6594048 2021-01-06] (IObit) [File not signed]
Task: {639E5A12-04A3-43FB-A850-3ECF3D9FE10F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199272 2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D17C0DA-69ED-4FAE-AE73-134C31473D7D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199272 2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {70FA7427-862F-4482-8DCB-7FA5CEC5C707} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993288 2021-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {84C9F231-8CBB-4256-8921-88A75082CE77} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8F05EF4B-55C4-4760-B16B-BD822BFA7BAC} - System32\Tasks\Process Lasso Core Engine Only => C:\Program Files\Process Lasso\processgovernor.exe [1165208 2020-07-08] (Bitsum LLC -> Bitsum LLC)
Task: {9047CA02-5DEB-45D0-951A-716D18F5A796} - System32\Tasks\GMHSkipUAC => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe [2441136 2021-02-09] (Glarysoft LTD -> Glarysoft Ltd) [File not signed]
Task: {92CD423D-1E56-4FD0-9903-76109D260AF9} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.5.132\DADUpdater.exe [4054696 2021-01-18] (McAfee, LLC -> McAfee, LLC)
Task: {94F27786-57AF-4BE2-BF31-B6CA4FF68CC0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {99B00CEC-5B7C-4462-AD1D-77993B6B8C44} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4623976 2020-10-19] (McAfee, LLC -> McAfee, LLC)
Task: {A143C432-668D-46EE-A8FF-FF9516E424C3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B16CCB4B-A293-4665-92D5-C1F6D36386AB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B5106A81-119A-426B-981C-F0DE3460A717} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142184 2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B67449F4-31C2-4ED7-BF00-9F9926113981} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142184 2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3BD96AC-480B-47D5-B0D9-C336B19241B3} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [736704 2020-11-03] (McAfee, LLC -> McAfee, LLC)
Task: {C8A2E27B-6506-4CFD-BC47-7396A8A6EA93} - System32\Tasks\Opera scheduled assistant Autoupdate 1611763334 => C:\Users\Administrator\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Administrator\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {DECE4499-7C21-4709-BC5E-276ACF6997FF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {EB5F88E8-8A83-4CE6-BAB5-4D41837F959D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EBFDAC75-528C-4874-A841-41A500D4107C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F298F764-E7A5-494B-A2C9-C12B356BDD9C} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {F61C054E-D337-4DA3-8D18-308E64D3AF3F} - System32\Tasks\StartIsBack health check => C:\Program Files (x86)\StartIsBack\startscreen.exe [70984 2020-12-24] (Stanislav Zinukhov -> www.startisback.com)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{07d491a1-f939-4cac-b1b5-cbd0682a4ca2}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{d60cc1f7-7cd6-4872-8a16-c89a0b00708f}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2021-01-27] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-11-04] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera: 
=======
OPR Profile: C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable [2021-02-09]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-09]
OPR Extension: (uBlock Origin) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2021-01-27]
StartMenuInternet: (HKU\S-1-5-21-1186616812-1126677590-2245216935-500) OperaStable - "C:\Users\Administrator\AppData\Local\Programs\Opera\Launcher.exe"

==================== Services (All) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AarSvc; C:\Windows\System32\AarSvc.dll [443904 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 AarSvc; C:\Windows\SysWOW64\AarSvc.dll [339456 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 AarSvc_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 AarSvc_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. -> Autodesk)
S3 AJRouter; C:\Windows\System32\AJRouter.dll [26112 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [94720 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [85504 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 Appinfo; C:\Windows\System32\appinfo.dll [219648 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 AppMgmt; C:\Windows\System32\appmgmts.dll [207360 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [160768 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [681472 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S4 AppVClient; C:\Windows\system32\AppVClient.exe [756552 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [3898368 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S4 AssignedAccessManagerSvc; C:\Windows\System32\assignedaccessmanagersvc.dll [860160 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [751616 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [1837568 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 autotimesvc; C:\Windows\System32\autotimesvc.dll [114176 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [116736 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 BcastDVRUserService; C:\Windows\System32\BcastDVRUserService.dll [1386496 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 BcastDVRUserService_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BcastDVRUserService_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [562688 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [887296 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 BITS; C:\Windows\System32\qmgr.dll [1481216 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 BluetoothUserService; C:\Windows\System32\Microsoft.Bluetooth.UserService.dll [500224 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 BluetoothUserService_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BluetoothUserService_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 BrokerInfrastructure; C:\Windows\System32\psmsrv.dll [247296 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 BTAGService; C:\Windows\System32\BTAGService.dll [1021952 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 BTAGService; C:\Windows\SysWOW64\BTAGService.dll [733184 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [392192 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 bthserv; C:\Windows\system32\bthserv.dll [213504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [389632 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 CaptureService; C:\Windows\System32\CaptureService.dll [130048 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 CaptureService_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 CaptureService_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 cbdhsvc; C:\Windows\System32\cbdhsvc.dll [1022976 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 cbdhsvc_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 cbdhsvc_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [609792 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [481792 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 CDPUserSvc_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 CDPUserSvc_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [196608 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8902024 2021-01-22] (Microsoft Corporation -> Microsoft Corporation)
R3 ClipSVC; C:\Windows\System32\ClipSVC.dll [1092392 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 COMSysApp; C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [21312 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [19256 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 ConsentUxUserSvc; C:\Windows\System32\ConsentUxClient.dll [169984 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 ConsentUxUserSvc_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ConsentUxUserSvc_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [988000 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [630096 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc; C:\Windows\system32\CredentialEnrollmentManager.exe [385240 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc_b3044; C:\Windows\system32\CredentialEnrollmentManager.exe [385240 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [104960 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 CscService; C:\Windows\System32\cscsvc.dll [756224 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [1334784 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [556544 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\Windows\System32\deviceaccess.dll [240176 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\Windows\SysWOW64\deviceaccess.dll [188000 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 DeviceAssociationService; C:\Windows\system32\das.dll [488960 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [133120 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 DevicePickerUserSvc; C:\Windows\System32\Windows.Devices.Picker.dll [486400 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 DevicePickerUserSvc; C:\Windows\SysWOW64\Windows.Devices.Picker.dll [345088 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 DevicePickerUserSvc_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DevicePickerUserSvc_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DevicesFlowUserSvc; C:\Windows\System32\DevicesFlowBroker.dll [598016 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 DevicesFlowUserSvc_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DevicesFlowUserSvc_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [65024 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [400384 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [329728 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [94208 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 diagsvc; C:\Windows\system32\DiagSvc.dll [203264 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [3815936 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 DispBrokerDesktopSvc; C:\Windows\System32\DispBroker.Desktop.dll [379392 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 DisplayEnhancementService; C:\Windows\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [1188352 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [1015808 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [712192 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [58880 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [353280 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 DoSvc; C:\Windows\system32\dosvc.dll [1494528 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [275456 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [175616 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [296960 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 DsSvc; C:\Windows\System32\DsSvc.dll [162816 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [341504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Eaphost; C:\Windows\System32\eapsvc.dll [112640 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 EFS; C:\Windows\system32\efssvc.dll [83456 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [160256 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [601088 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 EventLog; C:\Windows\System32\wevtsvc.dll [1877504 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [414720 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 EventSystem; C:\Windows\SysWOW64\es.dll [335360 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [660992 2019-12-06] (Microsoft Windows -> Microsoft Corporation)
S3 fdPHost; C:\Windows\system32\fdPHost.dll [21504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 FDResPub; C:\Windows\system32\fdrespub.dll [35840 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 fhsvc; C:\Windows\system32\fhsvc.dll [124416 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2657616 2021-01-27] (Flexera Software LLC -> Flexera)
R2 FontCache; C:\Windows\system32\FntCache.dll [1422336 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [46184 2019-11-08] (Microsoft Corporation -> Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [994816 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-12-31] (NVIDIA Corporation -> NVIDIA)
S2 gpsvc; C:\Windows\System32\gpsvc.dll [1306624 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [106496 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 hidserv; C:\Windows\system32\hidserv.dll [36352 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [29696 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [66360 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [237568 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 IKEEXT; C:\Windows\System32\ikeext.dll [1051136 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 InstallService; C:\Windows\system32\InstallService.dll [2428416 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 InstallService; C:\Windows\SysWOW64\InstallService.dll [1836544 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [836096 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [66048 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 KeyIso; C:\Windows\system32\keyiso.dll [94208 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [66560 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [375296 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [301568 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [294912 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 lfsvc; C:\Windows\System32\lfsvc.dll [48640 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [51200 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [284160 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 lmhosts; C:\Windows\System32\lmhsvc.dll [26112 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 LSM; C:\Windows\System32\lsm.dll [842752 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [302592 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 MapsBroker; C:\Windows\System32\moshost.dll [94720 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-08] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [958216 2021-02-05] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_9\McApExe.exe [779592 2020-11-04] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.9.121.0\\McCSPServiceHost.exe [2785184 2020-11-04] (McAfee, LLC -> McAfee, LLC)
S3 MessagingService; C:\Windows\System32\MessagingService.dll [91136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MessagingService_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MessagingService_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2020-09-14] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2020-09-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2020-09-14] (McAfee, Inc. -> McAfee, LLC)
S3 MixedRealityOpenXRSvc; C:\Windows\System32\MixedRealityRuntime.dll [134248 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\Windows\SysWOW64\MixedRealityRuntime.dll [104808 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1589976 2020-10-30] (McAfee, LLC -> McAfee, LLC)
R2 mpssvc; C:\Windows\system32\mpssvc.dll [1104896 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [148480 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [160256 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 msiserver; C:\Windows\system32\msiexec.exe /V [69632 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe /V [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [454144 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 NcaSvc; C:\Windows\System32\ncasvc.dll [171520 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 NcbService; C:\Windows\System32\ncbservice.dll [382464 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [92672 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\netlogon.dll [867328 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [671232 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 Netman; C:\Windows\System32\netman.dll [287232 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofmsvc.dll [860672 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [309760 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139256 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [770048 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [924672 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [388608 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [309664 2019-07-16] (Locktime Software s.r.o. -> Locktime Software)
R2 nsi; C:\Windows\system32\nsisvc.dll [34304 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [351232 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 OneSyncSvc_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 OneSyncSvc_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [352768 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S4 p2psvc; C:\Windows\system32\p2psvc.dll [439808 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 PcaSvc; C:\Windows\System32\pcasvc.dll [872776 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1970176 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4215368 2020-10-19] (McAfee, LLC -> McAfee, LLC)
S3 perceptionsimulation; C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe [105984 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 PhoneSvc; C:\Windows\System32\PhoneService.dll [955392 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [195584 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 PimIndexMaintenanceSvc_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 PimIndexMaintenanceSvc_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1532928 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [133120 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S4 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [28160 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [352768 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [463360 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [178176 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\Windows\System32\PrintWorkflowService.dll [181760 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\Windows\SysWOW64\PrintWorkflowService.dll [138752 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 PrintWorkflowUserSvc_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 PrintWorkflowUserSvc_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [487936 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [281088 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [287232 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 QWAVE; C:\Windows\SysWOW64\qwave.dll [228864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [111616 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 RasMan; C:\Windows\System32\rasmans.dll [971776 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [520192 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [403456 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [166912 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 RmSvc; C:\Windows\System32\RMapi.dll [152576 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [84480 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [1334784 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [59464 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [293376 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [205312 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [863744 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [196608 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [153600 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 seclogon; C:\Windows\system32\seclogon.dll [32768 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [988064 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1222656 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S4 SENS; C:\Windows\System32\sens.dll [77824 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1263104 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [466432 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [181760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [515072 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [425472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [329504 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [617984 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [306688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [259584 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [193536 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [224768 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 smphost; C:\Windows\System32\smphost.dll [32568 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [29712 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [625664 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [16896 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 spectrum; C:\Windows\system32\spectrum.exe [875520 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 Spooler; C:\Windows\System32\spoolsv.exe [799232 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [4629320 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [242688 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [384512 2019-10-15] (Microsoft Windows -> )
R3 SstpSvc; C:\Windows\system32\sstpsvc.dll [211968 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [5871560 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [5430992 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1672992 2018-05-22] (Valve -> Valve Corporation)
S3 stisvc; C:\Windows\System32\wiaservc.dll [687616 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 StorSvc; C:\Windows\system32\storsvc.dll [1091584 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 svsvc; C:\Windows\system32\svsvc.dll [14336 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 swprv; C:\Windows\System32\swprv.dll [463872 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [1006592 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [251904 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S4 TabletInputService; C:\Windows\System32\TabSvc.dll [235520 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [251904 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 TermService; C:\Windows\System32\termsrv.dll [1128960 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [70656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [325632 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [179712 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1531904 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 TokenBroker; C:\Windows\SysWOW64\TokenBroker.dll [1240064 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [114688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 TroubleshootingSvc; C:\Windows\system32\MitigationClient.dll [417792 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [156480 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [97792 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 tzautoupdate; C:\Windows\SysWOW64\tzautoupdate.dll [73216 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UdkUserSvc; C:\Windows\System32\windowsudk.shellcommon.dll [2102784 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 UdkUserSvc_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 UdkUserSvc_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 UevAgentService; C:\Windows\system32\AgentService.exe [1201152 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 UmRdpService; C:\Windows\System32\umrdp.dll [396800 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1191936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [968704 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UnistoreSvc_b3044; C:\Windows\System32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 UnistoreSvc_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 upnphost; C:\Windows\System32\upnphost.dll [471552 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [328192 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1554432 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 UserDataSvc_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 UserDataSvc_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [1488896 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 UsoSvc; C:\Windows\system32\usosvc.dll [567296 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 VacSvc; C:\Windows\System32\vac.dll [383224 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [371200 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [675328 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [99376 2020-11-18] (VMware, Inc. -> VMware, Inc.)
S3 vmicguestinterface; C:\Windows\System32\icsvc.dll [292152 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 vmicheartbeat; C:\Windows\System32\icsvc.dll [292152 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 vmickvpexchange; C:\Windows\System32\icsvc.dll [292152 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [304640 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 vmicshutdown; C:\Windows\System32\icsvc.dll [292152 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 vmictimesync; C:\Windows\System32\icsvc.dll [292152 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [292152 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [304640 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 VMnetDHCP; C:\Windows\SysWOW64\vmnetdhcp.exe [379440 2020-11-18] (VMware, Inc. -> VMware, Inc.)
R2 VMUSBArbService; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [973360 2020-10-01] (VMware, Inc. -> VMware, Inc.)
R2 VMware NAT Service; C:\Windows\SysWOW64\vmnat.exe [422104 2020-11-18] (VMware, Inc. -> VMware, Inc.)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15221296 2020-11-18] (VMware, Inc. -> )
R3 VSS; C:\Windows\system32\vssvc.exe [1473024 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 W32Time; C:\Windows\system32\w32time.dll [479744 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [407552 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [441856 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [65536 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1583616 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [883200 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [994304 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [483328 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [105472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [88064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [105472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [88064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WebClient; C:\Windows\System32\webclnt.dll [231936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WebClient; C:\Windows\SysWOW64\webclnt.dll [190976 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 Wecsvc; C:\Windows\system32\wecsvc.dll [205312 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [28672 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [127488 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [246272 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [675840 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WiaRpc; C:\Windows\System32\wiarpc.dll [87040 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [1047432 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [788168 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [243712 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S4 WinRM; C:\Windows\system32\WsmSvc.dll [2772992 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S4 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [2306048 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [939448 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 wisvc; C:\Windows\SysWOW64\flightsettings.dll [751496 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 WlanSvc; C:\Windows\System32\wlansvc.dll [2648576 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 wlidsvc; C:\Windows\system32\wlidsvc.dll [2242048 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1253376 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WManSvc; C:\Windows\system32\Windows.Management.Service.dll [941568 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [209920 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [954880 2019-12-06] (Microsoft Windows -> Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [2193736 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1909248 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [87040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 WpnService; C:\Windows\system32\WpnService.dll [244736 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S2 WpnUserService; C:\Windows\System32\WpnUserService.dll [85504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 WpnUserService_b3044; C:\Windows\system32\svchost.exe [57360 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WpnUserService_b3044; C:\Windows\SysWOW64\svchost.exe [47016 2020-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 wscsvc; C:\Windows\System32\wscsvc.dll [331312 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [941568 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [716288 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [316120 2014-08-19] (NETGEAR -> )
S3 wuauserv; C:\Windows\system32\wuaueng.dll [3388928 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [1516544 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1046528 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1267712 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [72704 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1293824 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_8024d97d167d7438\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_8024d97d167d7438\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
         
Ich weiß nicht wieso aber die logs sind sehr groß geworden die nächsten Teile kommen jetzt. Ich hoffe mal du wolltest dass ich nochmal scanne aber diesmal nur internet anhake.

Alt 09.02.2021, 14:23   #8
Baal01
 
Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Standard

Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee



Code:
ATTFilter
===================== Drivers (All) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [266240 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 3ware; C:\Windows\System32\drivers\3ware.sys [107320 2019-12-07] (Microsoft Windows -> LSI)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [809280 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [23040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [139792 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [14336 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [18432 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 acpitime; C:\Windows\System32\drivers\acpitime.sys [16384 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Acx01000; C:\Windows\System32\drivers\Acx01000.sys [415232 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [1135416 2019-12-07] (Microsoft Windows -> PMC-Sierra)
R1 AFD; C:\Windows\system32\drivers\afd.sys [647480 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [41984 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [292864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [18432 2019-12-07] (Microsoft Windows -> Advanced Micro Devices, Inc)
S3 amdi2c; C:\Windows\System32\drivers\amdi2c.sys [45568 2019-12-07] (Microsoft Windows -> Advanced Micro Devices, Inc)
S3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [207160 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 AmdPPM; C:\Windows\System32\drivers\amdppm.sys [211256 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S0 amdsata; C:\Windows\System32\drivers\amdsata.sys [83256 2019-12-07] (Microsoft Windows -> Advanced Micro Devices)
S0 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259384 2019-12-07] (Microsoft Windows -> AMD Technologies Inc.)
S0 amdxata; C:\Windows\System32\drivers\amdxata.sys [26936 2019-12-07] (Microsoft Windows -> Advanced Micro Devices)
S3 AppID; C:\Windows\System32\drivers\appid.sys [208696 2020-12-19] (Microsoft Windows -> Microsoft Windows)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 AppvStrm; C:\Windows\system32\drivers\AppvStrm.sys [138272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 AppvVemgr; C:\Windows\system32\drivers\AppvVemgr.sys [174608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 AppvVfs; C:\Windows\system32\drivers\AppvVfs.sys [154936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 arcsas; C:\Windows\System32\drivers\arcsas.sys [131896 2019-12-07] (Microsoft Windows -> PMC-Sierra, Inc.)
S3 AsyncMac; C:\Windows\System32\drivers\asyncmac.sys [31232 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 atapi; C:\Windows\System32\drivers\atapi.sys [30024 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533816 2019-12-07] (Microsoft Windows -> QLogic Corporation)
R1 bam; C:\Windows\System32\drivers\bam.sys [78136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 BasicDisplay; C:\Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys [68608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 BasicRender; C:\Windows\System32\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys [38912 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [41272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [9728 2019-12-07] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
R3 BCMH43XX; C:\Windows\system32\DRIVERS\bcmwlhigh664.sys [1255672 2015-02-11] (Broadcom Corporation -> Broadcom Corporation)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [10240 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 bindflt; C:\Windows\system32\drivers\bindflt.sys [149320 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.)
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [117760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 BthEnum; C:\Windows\System32\drivers\BthEnum.sys [113664 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [106496 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 BthMini; C:\Windows\System32\drivers\BTHMINI.sys [45568 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 BTHPORT; C:\Windows\System32\drivers\BTHport.sys [1554944 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 BTHUSB; C:\Windows\System32\drivers\BTHUSB.sys [110592 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [43832 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [44032 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 CAD; C:\Windows\System32\drivers\CAD.sys [66576 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [100864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 cdrom; C:\Windows\System32\drivers\cdrom.sys [174080 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [75704 2020-09-22] (McAfee, Inc. -> McAfee, LLC)
S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [319800 2019-12-07] (Microsoft Windows -> Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1853752 2019-12-07] (Microsoft Windows -> Chelsio Communications)
R1 CimFS; C:\Windows\System32\Drivers\CimFS.sys [91136 2019-12-07] (Microsoft Windows -> )
S3 circlass; C:\Windows\System32\drivers\circlass.sys [52224 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [491520 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R0 CLFS; C:\Windows\System32\drivers\CLFS.sys [409408 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [36864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [733984 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [40968 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys [41984 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 condrv; C:\Windows\System32\drivers\condrv.sys [58168 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 CSC; C:\Windows\System32\drivers\csc.sys [580608 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S1 dam; C:\Windows\System32\drivers\dam.sys [97080 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [152064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 disk; C:\Windows\System32\drivers\disk.sys [98856 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [59192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [16136 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R1 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [3778888 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 E1G60; C:\Windows\System32\drivers\E1G6032E.sys [147584 2019-12-07] (Microsoft Windows -> Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3418936 2019-12-07] (Microsoft Windows -> QLogic Corporation)
S0 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [95032 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [124728 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ErrDev; C:\Windows\System32\drivers\errdev.sys [15872 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2021-02-08] (Malwarebytes Corporation -> Malwarebytes)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [415032 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [425272 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 fcvsc; C:\Windows\System32\drivers\fcvsc.sys [34304 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 fdc; C:\Windows\System32\drivers\fdc.sys [34816 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [59392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [94736 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [40448 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [28672 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [430392 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [68408 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [33592 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [800072 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [23864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [23040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [183112 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8704 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 GUMHFilters; C:\Program Files (x86)\Glarysoft\Malware Hunter\Native\winxp_x64\GUMHFilter.sys [41232 2020-11-23] (Glarysoft LTD -> Glarysoft Ltd)
S1 GUSBootStartup; C:\Windows\System32\drivers\GUSBootStartup.sys [28936 2021-02-09] (Glarysoft LTD -> Glarysoft Ltd)
R2 hcmon; C:\Windows\system32\DRIVERS\hcmon.sys [85448 2020-10-01] (VMware, Inc. -> VMware, Inc.)
R3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [430080 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [132608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [39440 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 HidBth; C:\Windows\System32\drivers\hidbth.sys [120320 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 hidi2c; C:\Windows\System32\drivers\hidi2c.sys [57344 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [55824 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 HidIr; C:\Windows\System32\drivers\hidir.sys [48640 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 hidspi; C:\Windows\System32\drivers\hidspi.sys [66560 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [44032 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.)
S0 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64312 2019-12-07] (Microsoft Windows -> Hewlett-Packard Company)
S3 HTTP; C:\Windows\System32\drivers\HTTP.sys [1567032 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [35128 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [95048 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [30208 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [33096 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [27448 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 HyperVideo; C:\Windows\System32\drivers\HyperVideo.sys [41784 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [118272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36352 2019-12-07] (Microsoft Windows -> Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [91136 2019-12-07] (Microsoft Windows -> Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [93184 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [171520 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [175104 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys [177152 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [38128 2019-12-07] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [113152 2019-12-07] (Microsoft Windows -> Intel Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [884752 2019-12-07] (Microsoft Windows -> Intel Corporation)
S0 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412176 2019-12-07] (Microsoft Windows -> Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [558904 2019-12-07] (Microsoft Windows -> Mellanox)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [47104 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S0 intelide; C:\Windows\System32\drivers\intelide.sys [19776 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [418800 2020-12-19] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 intelpmax; C:\Windows\System32\drivers\intelpmax.sys [30720 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 intelppm; C:\Windows\System32\drivers\intelppm.sys [230728 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [57360 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [90112 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [117560 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [225280 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [59704 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 isapnp; C:\Windows\System32\drivers\isapnp.sys [22840 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 iScsiPrt; C:\Windows\System32\drivers\msiscsi.sys [298808 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [172344 2019-12-07] (Microsoft Windows -> Avago Technologies)
R3 kbdclass; C:\Windows\System32\drivers\kbdclass.sys [71480 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [46592 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 kdnic; C:\Windows\System32\drivers\kdnic.sys [33296 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [147272 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [180040 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [29696 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 lltdio; C:\Windows\System32\drivers\lltdio.sys [72704 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [108856 2019-12-07] (Microsoft Windows -> LSI Corporation)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [124216 2019-12-07] (Microsoft Windows -> LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [135992 2019-12-07] (Microsoft Windows -> Avago Technologies)
S0 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82744 2019-12-07] (Microsoft Windows -> LSI Corporation)
R2 luafv; C:\Windows\system32\drivers\luafv.sys [140288 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [537608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [64016 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220600 2021-02-08] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-02-08] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198248 2021-02-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2021-02-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-02-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [142440 2021-02-09] (Malwarebytes Inc -> Malwarebytes)
S3 MbbCx; C:\Windows\System32\drivers\MbbCx.sys [386048 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [89096 2020-05-26] (McAfee, LLC -> McAfee, LLC)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59704 2019-12-07] (Microsoft Windows -> Avago Technologies)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [81720 2019-12-07] (Microsoft Windows -> Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [105480 2019-12-07] (Microsoft Windows -> Avago Technologies)
S0 megasr; C:\Windows\System32\drivers\megasr.sys [575800 2019-12-07] (Microsoft Windows -> LSI Corporation, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [531896 2020-09-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [385464 2020-09-22] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85944 2020-09-22] (Microsoft Windows Early Launch Anti-Malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522168 2020-09-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [1019832 2020-09-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [603072 2020-09-17] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [107968 2020-09-17] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [116664 2020-09-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252344 2020-09-22] (McAfee, Inc. -> McAfee, LLC)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [65024 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [1131320 2019-12-07] (Microsoft Windows -> Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [53248 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [47104 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 monitor; C:\Windows\System32\drivers\monitor.sys [80896 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 mouclass; C:\Windows\System32\drivers\mouclass.sys [67600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 mouhid; C:\Windows\System32\drivers\mouhid.sys [35328 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [110392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [80896 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [157696 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [573752 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [259888 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 MsBridge; C:\Windows\System32\drivers\bridge.sys [127488 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [44048 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 msgpiowin32; C:\Windows\System32\drivers\msgpiowin32.sys [56120 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [12288 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [20280 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [34816 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 MsLldp; C:\Windows\System32\drivers\mslldp.sys [78848 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 MsQuic; C:\Windows\System32\drivers\msquic.sys [322376 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [380744 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R0 MsSecFlt; C:\Windows\System32\drivers\mssecflt.sys [293176 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R1 mssmbios; C:\Windows\System32\drivers\mssmbios.sys [47928 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [12288 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [17920 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 Mup; C:\Windows\System32\Drivers\mup.sys [133136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 mvumis; C:\Windows\System32\drivers\mvumis.sys [63800 2019-12-07] (Microsoft Windows -> Marvell Semiconductor, Inc.)
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [733696 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [146232 2019-12-07] (Microsoft Windows -> Mellanox)
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [1478464 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R1 NdisCap; C:\Windows\System32\drivers\ndiscap.sys [54272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 NdisImPlatform; C:\Windows\System32\drivers\NdisImPlatform.sys [135168 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [28672 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 Ndisuio; C:\Windows\System32\drivers\ndisuio.sys [70656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [23040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 NdisWan; C:\Windows\System32\drivers\ndiswan.sys [206848 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 ndiswanlegacy; C:\Windows\System32\DRIVERS\ndiswan.sys [206848 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 NDKPing; C:\Windows\System32\drivers\NDKPing.sys [72720 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 ndproxy; C:\Windows\System32\DRIVERS\NDProxy.sys [93696 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 Ndu; C:\Windows\System32\drivers\Ndu.sys [131584 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [213504 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R1 NetBIOS; C:\Windows\System32\drivers\netbios.sys [64312 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [341504 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [250176 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R0 nldrv; C:\Windows\System32\drivers\nldrv.sys [178944 2019-07-16] (Locktime Software s.r.o. -> Locktime Software)
S3 NPF; C:\Windows\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [87568 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [27648 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [48640 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [2850632 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [7680 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [168464 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 NVHDA; C:\Windows\system32\drivers\nvhda64v.sys [135408 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_8024d97d167d7438\nvlddmkm.sys [39101848 2021-01-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 NvModuleTracker; C:\Windows\System32\drivers\NvModuleTracker.sys [50592 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
S0 nvraid; C:\Windows\System32\drivers\nvraid.sys [150328 2019-12-07] (Microsoft Windows -> NVIDIA Corporation)
S0 nvstor; C:\Windows\System32\drivers\nvstor.sys [166200 2019-12-07] (Microsoft Windows -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [67456 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Parport; C:\Windows\System32\drivers\parport.sys [109056 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [182584 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 pci; C:\Windows\System32\drivers\pci.sys [469320 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S0 pciide; C:\Windows\System32\drivers\pciide.sys [16704 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S0 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [127800 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 pcw; C:\Windows\System32\drivers\pcw.sys [57656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 pdc; C:\Windows\System32\drivers\pdc.sys [159048 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [822784 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58680 2019-12-07] (Microsoft Windows -> Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [68408 2019-12-07] (Microsoft Windows -> Avago Technologies)
S3 PktMon; C:\Windows\System32\drivers\PktMon.sys [104760 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S0 pmem; C:\Windows\System32\drivers\pmem.sys [138040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 PNPMEM; C:\Windows\System32\drivers\pnpmem.sys [17408 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 portcfg; C:\Windows\System32\drivers\portcfg.sys [27136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 PptpMiniport; C:\Windows\System32\drivers\raspptp.sys [101888 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 Processor; C:\Windows\System32\drivers\processr.sys [216376 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R1 Psched; C:\Windows\System32\drivers\pacer.sys [161608 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [53248 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [42296 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [20480 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 RasAgileVpn; C:\Windows\System32\drivers\AgileVpn.sys [118784 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 Rasl2tp; C:\Windows\System32\drivers\rasl2tp.sys [110080 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 RasPppoe; C:\Windows\System32\drivers\raspppoe.sys [87552 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 RasSstp; C:\Windows\System32\drivers\rassstp.sys [86016 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [461128 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [28672 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [174080 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [31560 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [297784 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [1999160 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [990008 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 RFCOMM; C:\Windows\System32\drivers\rfcomm.sys [213504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [115712 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 rspndr; C:\Windows\System32\drivers\rspndr.sys [89088 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [694272 2019-12-07] (Microsoft Windows -> Realtek)
R3 RtlWlanu_OldIC; C:\Windows\System32\drivers\rtwlanu_oldIC.sys [3814400 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [18960 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [116752 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [44032 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [158736 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [25312 2007-01-20] (NETGEAR -> Windows (R) Codename Longhorn DDK provider)
S3 sdbus; C:\Windows\System32\drivers\sdbus.sys [305472 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [35128 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 sdstor; C:\Windows\System32\drivers\sdstor.sys [103736 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SerCx; C:\Windows\System32\drivers\SerCx.sys [86328 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [173072 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Serenum; C:\Windows\System32\drivers\serenum.sys [27648 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Serial; C:\Windows\System32\drivers\serial.sys [90624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 sermouse; C:\Windows\System32\drivers\sermouse.sys [29184 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [19456 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [88080 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44856 2019-12-07] (Microsoft Windows -> Silicon Integrated Systems Corp.)
S0 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81720 2019-12-07] (Microsoft Windows -> Silicon Integrated Systems)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [204544 2020-11-11] (RH Software Ltd -> Ray Hinchliffe)
S0 SmartSAMD; C:\Windows\System32\drivers\SmartSAMD.sys [209720 2019-12-07] (Microsoft Windows -> Microsemi Corportation)
S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [172544 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 spaceparser; C:\Windows\System32\drivers\spaceparser.sys [26624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 spaceport; C:\Windows\System32\drivers\spaceport.sys [678200 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [90936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SpbCx; C:\Windows\System32\drivers\SpbCx.sys [87352 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [782848 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [315392 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S0 stexstor; C:\Windows\System32\drivers\stexstor.sys [31032 2019-12-07] (Microsoft Windows -> Promise Technology, Inc.)
R0 storahci; C:\Windows\System32\drivers\storahci.sys [185672 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [54280 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [155976 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [92984 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [60744 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S0 storvsc; C:\Windows\System32\drivers\storvsc.sys [44048 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys [18952 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Synth3dVsc; C:\Windows\System32\drivers\Synth3dVsc.sys [67072 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2990408 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 Tcpip6; C:\Windows\System32\drivers\tcpip.sys [2990408 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [54784 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [117560 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 Telemetry; C:\Windows\System32\drivers\IntelTA.sys [26608 2020-12-19] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 terminpt; C:\Windows\System32\drivers\terminpt.sys [41272 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 TPM; C:\Windows\System32\drivers\tpm.sys [255296 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [66560 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [37888 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [134656 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 tunnel; C:\Windows\System32\drivers\tunnel.sys [129024 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UASPStor; C:\Windows\System32\drivers\uaspstor.sys [79376 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [160256 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [188416 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UcmUcsiAcpiClient; C:\Windows\System32\drivers\UcmUcsiAcpiClient.sys [36864 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UcmUcsiCx0101; C:\Windows\System32\Drivers\UcmUcsiCx.sys [113152 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 Ucx01000; C:\Windows\System32\drivers\ucx01000.sys [259896 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [52736 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [344064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 UEFI; C:\Windows\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys [34104 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 UevAgentDriver; C:\Windows\system32\drivers\UevAgentDriver.sys [41488 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [321040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys [110608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [168264 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 umbus; C:\Windows\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys [58368 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UmPass; C:\Windows\System32\drivers\umpass.sys [15360 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UrsChipidea; C:\Windows\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys [32056 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [76304 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys [29496 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 usbaudio; C:\Windows\system32\drivers\usbaudio.sys [202752 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 usbaudio2; C:\Windows\System32\drivers\usbaudio2.sys [260608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 usbccgp; C:\Windows\System32\drivers\usbccgp.sys [185664 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [107520 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 usbehci; C:\Windows\System32\drivers\usbehci.sys [86544 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 usbhub; C:\Windows\System32\drivers\usbhub.sys [528184 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 USBHUB3; C:\Windows\System32\drivers\UsbHub3.sys [647992 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 usbohci; C:\Windows\System32\drivers\usbohci.sys [30208 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [35328 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 usbser; C:\Windows\System32\drivers\usbser.sys [81408 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 USBSTOR; C:\Windows\System32\drivers\USBSTOR.SYS [135480 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [39424 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 USBXHCI; C:\Windows\System32\drivers\USBXHCI.SYS [602440 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [67384 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 VerifierExt; C:\Windows\System32\drivers\VerifierExt.sys [347448 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 vhdmp; C:\Windows\System32\drivers\vhdmp.sys [820552 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 vhf; C:\Windows\System32\drivers\vhf.sys [47616 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 Vid; C:\Windows\System32\drivers\Vid.sys [639288 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 VirtualRender; C:\Windows\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 vmbus; C:\Windows\System32\drivers\vmbus.sys [160072 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [36664 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 vmci; C:\Windows\System32\drivers\vmci.sys [116544 2020-08-11] (VMware, Inc. -> VMware, Inc.)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [19768 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 vmkbd3; C:\Windows\system32\DRIVERS\vmkbd.sys [60344 2020-11-18] (VMware, Inc. -> VMware, Inc.)
R3 VMnetAdapter; C:\Windows\system32\DRIVERS\vmnetadapter.sys [47712 2020-11-18] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\Windows\system32\DRIVERS\vmnetbridge.sys [68544 2020-11-18] (VMware, Inc. -> VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\DRIVERS\vmnetuserif.sys [45664 2020-11-18] (VMware, Inc. -> VMware, Inc.)
S3 vmusb; C:\Windows\System32\drivers\vmusb.sys [69648 2020-10-01] (VMware, Inc. -> VMware, Inc.)
R2 vmx86; C:\Windows\system32\DRIVERS\vmx86.sys [110696 2020-11-18] (VMware, Inc. -> VMware, Inc.)
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [90432 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [389432 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [429880 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16696 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 vpci; C:\Windows\System32\drivers\vpci.sys [89400 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [166712 2019-12-07] (Microsoft Windows -> VIA Technologies Inc.,Ltd)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [54592 2020-08-12] (VMware, Inc. -> VMware, Inc.)
S0 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305464 2019-12-07] (Microsoft Windows -> VIA Corporation)
R3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [29184 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 vwififlt; C:\Windows\System32\drivers\vwififlt.sys [77824 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 vwifimp; C:\Windows\System32\drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [31232 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [93184 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [93184 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [202552 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [93184 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [827704 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [951808 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [23560 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 WFPLWFS; C:\Windows\System32\drivers\wfplwfs.sys [180032 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [39736 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [76984 2019-12-07] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [18920 2019-12-07] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [36152 2019-12-07] (Microsoft Windows -> Mellanox)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [259584 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WINUSB; C:\Windows\System32\drivers\WinUSB.SYS [107008 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [73016 2019-12-07] (Microsoft Windows -> Mellanox)
S3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [19456 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [233800 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 WpdUpFltr; C:\Windows\System32\drivers\WpdUpFltr.sys [32568 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [25088 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [136192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [315392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [315392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [324608 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [48640 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
U3 cbdhsvc_59ed3; no ImagePath
U4 Sense; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
         

Alt 09.02.2021, 14:25   #9
Baal01
 
Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Standard

Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee



Code:
ATTFilter
==================== One month (created) (All) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error Reading file: "C:\Users\Administrator\Downloads\timberborn.rar"
2021-02-09 14:12 - 2021-02-09 14:12 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-02-09 14:11 - 2021-02-09 14:11 - 000198248 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-02-09 14:11 - 2021-02-09 14:11 - 000142440 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-02-09 14:08 - 2021-02-09 15:08 - 000130153 _____ C:\Users\Administrator\Downloads\FRST.txt
2021-02-09 14:08 - 2021-02-09 15:08 - 000130153 _____ C:\Users\Administrator\Downloads\FRST.txt
2021-02-09 14:06 - 2021-02-09 15:08 - 000000000 ____D C:\FRST
2021-02-09 14:05 - 2021-02-09 14:05 - 002297344 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2021-02-09 14:05 - 2021-02-09 14:05 - 002297344 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2021-02-09 14:04 - 2021-02-09 14:04 - 000000000 ___HD C:\$GlaryQuarantine
2021-02-09 13:00 - 2021-02-09 13:00 - 000003826 _____ C:\Windows\system32\Tasks\GMHAutoScan
2021-02-09 12:44 - 2021-02-09 14:13 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\GlarySoft
2021-02-09 12:44 - 2021-02-09 14:13 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\GlarySoft
2021-02-09 12:43 - 2021-02-09 12:43 - 000028936 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUSBootStartup.sys
2021-02-09 12:43 - 2021-02-09 12:43 - 000003060 _____ C:\Windows\system32\Tasks\GMHSkipUAC
2021-02-09 12:43 - 2021-02-09 12:43 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2021-02-09 12:26 - 2021-02-09 12:26 - 000000000 ___HD C:\Users\Administrator\MicrosoftEdgeBackups
2021-02-09 12:26 - 2021-02-09 12:26 - 000000000 ___HD C:\Users\Administrator\MicrosoftEdgeBackups
2021-02-09 12:11 - 2021-02-09 12:22 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
2021-02-09 12:11 - 2021-02-09 12:22 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
2021-02-09 12:11 - 2021-02-09 12:11 - 000002950 _____ C:\Windows\system32\Tasks\Uninstaller_SkipUac_Baal
2021-02-09 12:11 - 2021-02-09 12:11 - 000001338 _____ C:\Users\Administrator\Desktop\IObit Uninstaller.lnk
2021-02-09 12:11 - 2021-02-09 12:11 - 000001338 _____ C:\Users\Administrator\Desktop\IObit Uninstaller.lnk
2021-02-09 12:11 - 2021-02-09 12:11 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\IObit
2021-02-09 12:11 - 2021-02-09 12:11 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\IObit
2021-02-09 12:11 - 2021-02-09 12:11 - 000000000 ____D C:\Program Files (x86)\IObit
2021-02-09 12:07 - 2021-02-09 12:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\MicrosoftEdge
2021-02-09 12:07 - 2021-02-09 12:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\MicrosoftEdge
2021-02-08 22:38 - 2021-02-08 22:39 - 000000000 ____D C:\Users\Administrator\Desktop\NosVipClient
2021-02-08 22:38 - 2021-02-08 22:39 - 000000000 ____D C:\Users\Administrator\Desktop\NosVipClient
2021-02-08 21:45 - 2021-02-08 22:38 - 272431467 _____ C:\Users\Administrator\Downloads\NosVipClient.zip
2021-02-08 21:45 - 2021-02-08 22:38 - 272431467 _____ C:\Users\Administrator\Downloads\NosVipClient.zip
2021-02-08 17:12 - 2021-02-08 17:12 - 000000000 ____D C:\Users\Administrator\AppData\Local\OO Software
2021-02-08 17:12 - 2021-02-08 17:12 - 000000000 ____D C:\Users\Administrator\AppData\Local\OO Software
2021-02-08 13:50 - 2021-02-08 13:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2021-02-08 13:50 - 2021-02-08 13:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2021-02-08 13:00 - 2020-11-11 11:17 - 000204544 _____ (Ray Hinchliffe) C:\Windows\system32\Drivers\SIVX64.sys
2021-02-08 12:51 - 2021-01-15 20:54 - 000000000 ____D C:\Users\Administrator\Desktop\integrity_verification
2021-02-08 12:51 - 2021-01-15 20:54 - 000000000 ____D C:\Users\Administrator\Desktop\integrity_verification
2021-02-08 12:51 - 2021-01-15 19:51 - 000000000 ____D C:\Users\Administrator\Desktop\tron
2021-02-08 12:51 - 2021-01-15 19:51 - 000000000 ____D C:\Users\Administrator\Desktop\tron
2021-02-08 12:44 - 2021-02-08 12:51 - 544388001 _____ (Igor Pavlov) C:\Users\Administrator\Downloads\Tron v11.1.6 (2021-01-15).exe
2021-02-08 12:44 - 2021-02-08 12:51 - 544388001 _____ (Igor Pavlov) C:\Users\Administrator\Downloads\Tron v11.1.6 (2021-01-15).exe
2021-02-08 12:41 - 2021-02-08 12:41 - 000220600 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-02-08 12:28 - 2021-02-08 12:53 - 000001572 _____ C:\Windows\SysWOW64\tmp.reg
2021-02-08 12:28 - 2021-02-08 12:53 - 000000691 _____ C:\Users\Administrator\AppData\Roaming\GetValue.vbs
2021-02-08 12:28 - 2021-02-08 12:53 - 000000691 _____ C:\Users\Administrator\AppData\Roaming\GetValue.vbs
2021-02-08 12:28 - 2021-02-08 12:53 - 000000035 _____ C:\Users\Administrator\AppData\Roaming\SetValue.bat
2021-02-08 12:28 - 2021-02-08 12:53 - 000000035 _____ C:\Users\Administrator\AppData\Roaming\SetValue.bat
2021-02-08 12:28 - 2021-02-08 12:53 - 000000000 _____ C:\Windows\SysWOW64\tmp.txt
2021-02-08 12:22 - 2021-02-08 12:53 - 000000000 ____D C:\Users\Administrator\Downloads\SmitfraudFix
2021-02-08 12:22 - 2021-02-08 12:53 - 000000000 ____D C:\Users\Administrator\Downloads\SmitfraudFix
2021-02-08 12:22 - 2009-06-02 11:17 - 000075776 _____ C:\Windows\SysWOW64\WS2Fix.exe
2021-02-08 12:22 - 2008-12-12 01:57 - 000078336 _____ (S!Ri.URZ) C:\Windows\SysWOW64\Agent.OMZ.Fix.exe
2021-02-08 12:22 - 2008-11-29 18:58 - 000082944 _____ (S!Ri.URZ) C:\Windows\SysWOW64\IEDFix.C.exe
2021-02-08 12:22 - 2008-10-01 15:51 - 000087552 _____ (S!Ri.URZ) C:\Windows\SysWOW64\VACFix.exe
2021-02-08 12:22 - 2008-09-20 12:45 - 000080384 _____ (S!Ri.URZ) C:\Windows\SysWOW64\o4Patch.exe
2021-02-08 12:22 - 2008-08-18 12:19 - 000082432 _____ (S!Ri.URZ) C:\Windows\SysWOW64\404Fix.exe
2021-02-08 12:22 - 2008-05-18 21:40 - 000082944 _____ (S!Ri.URZ) C:\Windows\SysWOW64\IEDFix.exe
2021-02-08 12:22 - 2007-09-06 00:22 - 000289144 _____ (S!Ri) C:\Windows\SysWOW64\VCCLSID.exe
2021-02-08 12:22 - 2006-12-01 06:20 - 000079360 _____ (SteelWerX) C:\Windows\SysWOW64\swxcacls.exe
2021-02-08 12:22 - 2006-08-29 19:43 - 000135168 _____ (SteelWerX) C:\Windows\SysWOW64\swreg.exe
2021-02-08 12:22 - 2006-04-27 17:49 - 000288417 _____ (S!Ri) C:\Windows\SysWOW64\SrchSTS.exe
2021-02-08 12:22 - 2006-01-09 10:36 - 000040960 _____ C:\Windows\SysWOW64\swsc.exe
2021-02-08 12:22 - 2004-07-31 18:50 - 000051200 _____ C:\Windows\SysWOW64\dumphive.exe
2021-02-08 12:22 - 2003-06-05 21:13 - 000053248 _____ (hxxp://www.beyondlogic.org) C:\Windows\SysWOW64\Process.exe
2021-02-08 12:13 - 2021-02-08 12:13 - 000000000 ____D C:\Users\Administrator\AppData\Local\mbam
2021-02-08 12:13 - 2021-02-08 12:13 - 000000000 ____D C:\Users\Administrator\AppData\Local\mbam
2021-02-08 12:12 - 2021-02-08 12:41 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-02-08 12:12 - 2021-02-08 12:11 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-02-08 12:12 - 2021-02-08 12:11 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-02-07 18:23 - 2021-02-07 18:23 - 000001128 _____ C:\Users\Administrator\Desktop\RubyTale.exe - Verknüpfung.lnk
2021-02-07 18:23 - 2021-02-07 18:23 - 000001128 _____ C:\Users\Administrator\Desktop\RubyTale.exe - Verknüpfung.lnk
2021-02-07 10:18 - 2021-02-07 10:18 - 000002141 _____ C:\Users\Administrator\Desktop\Taoists.lnk
2021-02-07 10:18 - 2021-02-07 10:18 - 000002141 _____ C:\Users\Administrator\Desktop\Taoists.lnk
2021-02-05 23:57 - 2021-02-06 00:03 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\NosWings
2021-02-05 23:57 - 2021-02-06 00:03 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\NosWings
2021-02-05 23:54 - 2021-02-05 23:55 - 000000000 ____D C:\Program Files\dotnet
2021-02-05 23:53 - 2021-02-05 23:54 - 055131120 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\windowsdesktop-runtime-5.0.2-win-x64.exe
2021-02-05 23:53 - 2021-02-05 23:54 - 055131120 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\windowsdesktop-runtime-5.0.2-win-x64.exe
2021-02-05 23:53 - 2021-02-05 23:53 - 000002106 _____ C:\Users\Administrator\Desktop\NosWings Launcher.exe - Verknüpfung.lnk
2021-02-05 23:53 - 2021-02-05 23:53 - 000002106 _____ C:\Users\Administrator\Desktop\NosWings Launcher.exe - Verknüpfung.lnk
2021-02-05 14:49 - 2021-02-05 15:02 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Avast Software
2021-02-05 14:49 - 2021-02-05 15:02 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Avast Software
2021-02-05 14:47 - 2021-02-05 14:55 - 000000000 ____D C:\Program Files\Avast Software
2021-02-05 14:47 - 2021-02-05 14:47 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-02-05 14:46 - 2021-02-05 14:46 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2021-02-05 14:46 - 2021-02-05 14:45 - 062017541 _____ C:\Users\Administrator\Desktop\Avast Cleanup Premium.rar
2021-02-05 14:46 - 2021-02-05 14:45 - 062017541 _____ C:\Users\Administrator\Desktop\Avast Cleanup Premium.rar
2021-02-05 14:46 - 2021-01-15 04:24 - 000000000 ____D C:\Users\Administrator\Desktop\Avast Cleanup Premium
2021-02-05 14:46 - 2021-01-15 04:24 - 000000000 ____D C:\Users\Administrator\Desktop\Avast Cleanup Premium
2021-02-05 14:44 - 2021-02-05 14:45 - 062017541 _____ C:\Users\Administrator\Downloads\Avast Cleanup Premium.rar
2021-02-05 14:44 - 2021-02-05 14:45 - 062017541 _____ C:\Users\Administrator\Downloads\Avast Cleanup Premium.rar
2021-02-05 14:44 - 2021-02-05 14:44 - 000104892 _____ C:\Users\Administrator\Downloads\Avast Premier 2021 (Premium).rar
2021-02-05 14:44 - 2021-02-05 14:44 - 000104892 _____ C:\Users\Administrator\Downloads\Avast Premier 2021 (Premium).rar
2021-02-05 14:44 - 2021-02-05 14:44 - 000104892 _____ C:\Users\Administrator\Desktop\Avast Premier 2021 (Premium).rar
2021-02-05 14:44 - 2021-02-05 14:44 - 000104892 _____ C:\Users\Administrator\Desktop\Avast Premier 2021 (Premium).rar
2021-02-05 11:34 - 2021-02-05 11:34 - 000131323 _____ C:\Users\Administrator\Downloads\Geschichte_1_BRD_Zusammenbruchgesellschaft_Deutschland 1945.pdf
2021-02-05 11:34 - 2021-02-05 11:34 - 000131323 _____ C:\Users\Administrator\Downloads\Geschichte_1_BRD_Zusammenbruchgesellschaft_Deutschland 1945.pdf
2021-02-05 08:35 - 2021-02-05 08:35 - 000416427 _____ C:\Users\Administrator\Downloads\01-AB GG-Preis.pdf
2021-02-05 08:35 - 2021-02-05 08:35 - 000416427 _____ C:\Users\Administrator\Downloads\01-AB GG-Preis.pdf
2021-02-05 08:35 - 2021-02-05 08:35 - 000121993 _____ C:\Users\Administrator\Downloads\02_ÜA Marktgleichgewicht.pdf
2021-02-05 08:35 - 2021-02-05 08:35 - 000121993 _____ C:\Users\Administrator\Downloads\02_ÜA Marktgleichgewicht.pdf
2021-02-05 08:34 - 2021-02-05 08:34 - 000140889 _____ C:\Users\Administrator\Downloads\Lösungen_NachfrageEL_29.01.2021 (1).pdf
2021-02-05 08:34 - 2021-02-05 08:34 - 000140889 _____ C:\Users\Administrator\Downloads\Lösungen_NachfrageEL_29.01.2021 (1).pdf
2021-02-04 20:52 - 2021-02-04 20:53 - 029352480 _____ (TeamViewer Germany GmbH) C:\Users\Administrator\Downloads\TeamViewer_Setup.exe
2021-02-04 20:52 - 2021-02-04 20:53 - 029352480 _____ (TeamViewer Germany GmbH) C:\Users\Administrator\Downloads\TeamViewer_Setup.exe
2021-02-04 20:25 - 2021-02-04 20:25 - 000000000 ____D C:\Windows\SysWOW64\BTPLConfig
2021-02-04 11:47 - 2021-02-04 12:18 - 000001604 _____ C:\Users\Administrator\Desktop\Neues Textdokument (7).txt
2021-02-04 11:47 - 2021-02-04 12:18 - 000001604 _____ C:\Users\Administrator\Desktop\Neues Textdokument (7).txt
2021-02-04 11:44 - 2021-02-04 11:44 - 000225524 _____ C:\Users\Administrator\Downloads\Einzelunternehmen.zip
2021-02-04 11:44 - 2021-02-04 11:44 - 000225524 _____ C:\Users\Administrator\Downloads\Einzelunternehmen.zip
2021-02-04 11:44 - 2021-02-04 11:44 - 000225524 _____ C:\Users\Administrator\Desktop\Einzelunternehmen.zip
2021-02-04 11:44 - 2021-02-04 11:44 - 000225524 _____ C:\Users\Administrator\Desktop\Einzelunternehmen.zip
2021-02-04 11:44 - 2021-02-04 10:44 - 000000000 ____D C:\Users\Administrator\Desktop\Einzelunternehmen
2021-02-04 11:44 - 2021-02-04 10:44 - 000000000 ____D C:\Users\Administrator\Desktop\Einzelunternehmen
2021-02-04 09:40 - 2021-02-04 09:40 - 000112529 _____ C:\Users\Administrator\Downloads\19_BSV_AG.pdf
2021-02-04 09:40 - 2021-02-04 09:40 - 000112529 _____ C:\Users\Administrator\Downloads\19_BSV_AG.pdf
2021-02-04 08:42 - 2021-02-04 08:43 - 006455520 _____ (EnigmaSoft Limited) C:\Users\Administrator\Downloads\SpyHunter-Installer.exe
2021-02-04 08:42 - 2021-02-04 08:43 - 006455520 _____ (EnigmaSoft Limited) C:\Users\Administrator\Downloads\SpyHunter-Installer.exe
2021-02-04 08:42 - 2021-02-04 08:42 - 002086424 _____ (Malwarebytes) C:\Users\Administrator\Downloads\MBSetup-092170.092170-consumer.exe
2021-02-04 08:42 - 2021-02-04 08:42 - 002086424 _____ (Malwarebytes) C:\Users\Administrator\Downloads\MBSetup-092170.092170-consumer.exe
2021-02-04 08:31 - 2021-02-04 08:32 - 135062968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-02-04 08:30 - 2021-02-04 08:31 - 036696584 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Windows-KB890830-x64-V5.85.exe
2021-02-04 08:30 - 2021-02-04 08:31 - 036696584 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Windows-KB890830-x64-V5.85.exe
2021-02-04 08:27 - 2021-02-04 08:27 - 000000000 ____D C:\Users\Administrator\AppData\Local\mbarw
2021-02-04 08:27 - 2021-02-04 08:27 - 000000000 ____D C:\Users\Administrator\AppData\Local\mbarw
2021-02-04 08:24 - 2021-02-08 12:25 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-03 21:25 - 2021-02-09 12:15 - 000000000 ____D C:\Windows\ShellNew
2021-02-03 21:23 - 2021-02-03 21:24 - 012298408 _____ (AutoIt Team) C:\Users\Administrator\Downloads\autoit-v3-setup.exe
2021-02-03 21:23 - 2021-02-03 21:24 - 012298408 _____ (AutoIt Team) C:\Users\Administrator\Downloads\autoit-v3-setup.exe
2021-02-03 21:16 - 2021-02-03 21:16 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Pecado
2021-02-03 21:16 - 2021-02-03 21:16 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Pecado
2021-02-03 18:02 - 2021-02-03 18:02 - 000000000 ____D C:\Users\Administrator\Desktop\Windows
2021-02-03 18:02 - 2021-02-03 18:02 - 000000000 ____D C:\Users\Administrator\Desktop\Windows
2021-02-03 16:22 - 2021-02-07 18:47 - 000000000 ____D C:\Users\Administrator\Desktop\things
2021-02-03 16:22 - 2021-02-07 18:47 - 000000000 ____D C:\Users\Administrator\Desktop\things
2021-02-03 14:33 - 2021-02-03 14:33 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\dnSpy
2021-02-03 14:33 - 2021-02-03 14:33 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\dnSpy
2021-02-03 14:28 - 2021-02-03 14:32 - 000003875 _____ C:\Users\Administrator\Desktop\settings.xml
2021-02-03 14:28 - 2021-02-03 14:32 - 000003875 _____ C:\Users\Administrator\Desktop\settings.xml
2021-02-03 14:27 - 2021-02-03 14:27 - 001301159 _____ C:\Users\Administrator\Downloads\Extreme.Injector.v3.7.3.-.by.master131.rar
2021-02-03 14:27 - 2021-02-03 14:27 - 001301159 _____ C:\Users\Administrator\Downloads\Extreme.Injector.v3.7.3.-.by.master131.rar
2021-02-03 14:26 - 2021-02-03 14:26 - 007186992 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\vcredist_x64 (1).exe
2021-02-03 14:26 - 2021-02-03 14:26 - 007186992 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\vcredist_x64 (1).exe
2021-02-03 14:25 - 2021-02-03 14:26 - 005673816 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\vcredist_x64.exe
2021-02-03 14:25 - 2021-02-03 14:26 - 005673816 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\vcredist_x64.exe
2021-02-03 14:23 - 2021-02-03 11:43 - 001742336 _____ () C:\Users\Administrator\Desktop\EWSF.dll
2021-02-03 14:23 - 2021-02-03 11:43 - 001742336 _____ () C:\Users\Administrator\Desktop\EWSF.dll
2021-02-03 14:23 - 2020-02-14 21:36 - 001686016 _____ C:\Users\Administrator\Desktop\Main.dll
2021-02-03 14:23 - 2020-02-14 21:36 - 001686016 _____ C:\Users\Administrator\Desktop\Main.dll
2021-02-03 14:22 - 2021-02-03 14:23 - 000000000 ____D C:\Users\Administrator\Desktop\EWSF EMM
2021-02-03 14:22 - 2021-02-03 14:23 - 000000000 ____D C:\Users\Administrator\Desktop\EWSF EMM
2021-02-03 14:22 - 2021-02-03 14:22 - 004461471 _____ C:\Users\Administrator\Downloads\multiDLL injector.rar
2021-02-03 14:22 - 2021-02-03 14:22 - 004461471 _____ C:\Users\Administrator\Downloads\multiDLL injector.rar
2021-02-03 14:12 - 2021-02-03 14:12 - 000001128 _____ C:\Users\Administrator\Desktop\EastMile.exe - Verknüpfung.lnk
2021-02-03 14:12 - 2021-02-03 14:12 - 000001128 _____ C:\Users\Administrator\Desktop\EastMile.exe - Verknüpfung.lnk
2021-02-03 14:06 - 2021-02-03 14:16 - 000000000 ____D C:\Users\Administrator\Desktop\NosByte - Kopie
2021-02-03 14:06 - 2021-02-03 14:16 - 000000000 ____D C:\Users\Administrator\Desktop\NosByte - Kopie
2021-02-03 14:03 - 2021-02-03 14:03 - 000000000 ____D C:\Users\Administrator\AppData\Local\dnSpy
2021-02-03 14:03 - 2021-02-03 14:03 - 000000000 ____D C:\Users\Administrator\AppData\Local\dnSpy
2021-02-03 14:02 - 2021-02-03 14:03 - 000000000 ____D C:\Users\Administrator\Downloads\dnSpy-net-win64
2021-02-03 14:02 - 2021-02-03 14:03 - 000000000 ____D C:\Users\Administrator\Downloads\dnSpy-net-win64
2021-02-03 14:01 - 2021-02-03 14:02 - 085810042 _____ C:\Users\Administrator\Downloads\dnSpy-net-win64.zip
2021-02-03 14:01 - 2021-02-03 14:02 - 085810042 _____ C:\Users\Administrator\Downloads\dnSpy-net-win64.zip
2021-02-03 13:57 - 2021-02-03 13:57 - 001687914 _____ C:\Users\Administrator\Desktop\EWSF.EWS
2021-02-03 13:57 - 2021-02-03 13:57 - 001687914 _____ C:\Users\Administrator\Desktop\EWSF.EWS
2021-02-03 13:53 - 2021-02-09 14:57 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Notepad++
2021-02-03 13:53 - 2021-02-09 14:57 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Notepad++
2021-02-03 13:53 - 2021-02-03 14:21 - 000000000 ____D C:\Users\Administrator\Desktop\EWSF NV
2021-02-03 13:53 - 2021-02-03 14:21 - 000000000 ____D C:\Users\Administrator\Desktop\EWSF NV
2021-02-03 13:53 - 2021-02-03 13:54 - 000000000 ____D C:\Users\Administrator\Desktop\EWSF EM
2021-02-03 13:53 - 2021-02-03 13:54 - 000000000 ____D C:\Users\Administrator\Desktop\EWSF EM
2021-02-03 13:53 - 2021-02-03 13:53 - 000000000 ____D C:\Program Files\Notepad++
2021-02-03 13:52 - 2021-02-03 13:53 - 002846896 _____ C:\Users\Administrator\Downloads\npp.7.Installer.x64.exe
2021-02-03 13:52 - 2021-02-03 13:53 - 002846896 _____ C:\Users\Administrator\Downloads\npp.7.Installer.x64.exe
2021-02-03 13:52 - 2021-02-03 13:52 - 000001586 _____ C:\Users\Administrator\Desktop\EastMile.exe - Verknüpfung (3).lnk
2021-02-03 13:52 - 2021-02-03 13:52 - 000001586 _____ C:\Users\Administrator\Desktop\EastMile.exe - Verknüpfung (3).lnk
2021-02-03 13:47 - 2021-02-08 22:49 - 000020236 _____ C:\Users\Administrator\Desktop\NT.txt
2021-02-03 13:47 - 2021-02-08 22:49 - 000020236 _____ C:\Users\Administrator\Desktop\NT.txt
2021-02-03 13:44 - 2021-02-03 13:44 - 000001218 _____ C:\Users\Administrator\Desktop\EastMile.exe - Verknüpfung (2).lnk
2021-02-03 13:44 - 2021-02-03 13:44 - 000001218 _____ C:\Users\Administrator\Desktop\EastMile.exe - Verknüpfung (2).lnk
2021-02-03 13:42 - 2021-02-08 16:43 - 000000728 _____ C:\Users\Administrator\Desktop\Manager.exe - Verknüpfung.lnk
2021-02-03 13:42 - 2021-02-08 16:43 - 000000728 _____ C:\Users\Administrator\Desktop\Manager.exe - Verknüpfung.lnk
2021-02-03 13:37 - 2020-10-10 11:00 - 003492936 _____ (Entwell) C:\Users\Administrator\Desktop\EastMile.exe
2021-02-03 13:37 - 2020-10-10 11:00 - 003492936 _____ (Entwell) C:\Users\Administrator\Desktop\EastMile.exe
2021-02-03 11:40 - 2021-02-09 12:15 - 000000000 ____D C:\Program Files (x86)\Eastmile Client
2021-02-03 11:38 - 2021-02-03 11:38 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Eastmile
2021-02-03 11:38 - 2021-02-03 11:38 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Eastmile
2021-02-03 11:27 - 2021-02-03 11:37 - 085181928 _____ (Eastmile) C:\Users\Administrator\Downloads\EastmileSetup.exe
2021-02-03 11:27 - 2021-02-03 11:37 - 085181928 _____ (Eastmile) C:\Users\Administrator\Downloads\EastmileSetup.exe
2021-02-03 10:13 - 2021-02-03 10:13 - 000000000 ____D C:\Users\Administrator\Documents\vroid
2021-02-03 10:13 - 2021-02-03 10:13 - 000000000 ____D C:\Users\Administrator\Documents\vroid
2021-02-03 10:13 - 2021-02-03 10:13 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\pixiv
2021-02-03 10:13 - 2021-02-03 10:13 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\pixiv
2021-02-03 10:10 - 2021-02-03 10:12 - 428566936 _____ (pixiv Inc. ) C:\Users\Administrator\Downloads\VRoidStudio-v0.12.1-win.exe
2021-02-03 10:10 - 2021-02-03 10:12 - 428566936 _____ (pixiv Inc. ) C:\Users\Administrator\Downloads\VRoidStudio-v0.12.1-win.exe
2021-02-03 08:54 - 2021-02-03 08:54 - 000000000 _____ C:\Users\Administrator\Desktop\Neues Textdokument (6).txt
2021-02-03 08:54 - 2021-02-03 08:54 - 000000000 _____ C:\Users\Administrator\Desktop\Neues Textdokument (6).txt
2021-02-03 08:33 - 2021-02-04 15:14 - 000011500 _____ C:\Users\Administrator\Desktop\Microsoft Excel-Arbeitsblatt (neu).xlsx
2021-02-03 08:33 - 2021-02-04 15:14 - 000011500 _____ C:\Users\Administrator\Desktop\Microsoft Excel-Arbeitsblatt (neu).xlsx
2021-02-02 13:22 - 2021-02-02 13:22 - 2966290432 _____ C:\Users\Administrator\Downloads\Unconfirmed 618904.crdownload
2021-02-02 13:22 - 2021-02-02 13:22 - 2966290432 _____ C:\Users\Administrator\Downloads\Unconfirmed 618904.crdownload
2021-02-02 11:28 - 2021-02-02 11:28 - 000142263 _____ C:\Users\Administrator\Downloads\18_+£b Maschinenstd.pdf
2021-02-02 11:28 - 2021-02-02 11:28 - 000142263 _____ C:\Users\Administrator\Downloads\18_+£b Maschinenstd.pdf
2021-02-02 05:28 - 2021-02-02 05:28 - 000000000 ____D C:\Users\Andere\AppData\Local\PeerDistRepub
2021-02-02 05:28 - 2021-02-02 05:28 - 000000000 ____D C:\Users\Andere\AppData\Local\PeerDistRepub
2021-02-02 02:13 - 2021-02-02 02:13 - 045092380 _____ C:\Users\Andere\Downloads\SpaceHDR#1.zip
2021-02-02 02:13 - 2021-02-02 02:13 - 045092380 _____ C:\Users\Andere\Downloads\SpaceHDR#1.zip
2021-02-02 02:05 - 2021-02-02 02:05 - 045133648 _____ C:\Users\Andere\Downloads\dirty_concrete_4k_jpg.zip
2021-02-02 02:05 - 2021-02-02 02:05 - 045133648 _____ C:\Users\Andere\Downloads\dirty_concrete_4k_jpg.zip
2021-02-01 23:01 - 2021-02-01 23:01 - 000000000 ____D C:\Users\Administrator\Documents\xgen
2021-02-01 23:01 - 2021-02-01 23:01 - 000000000 ____D C:\Users\Administrator\Documents\xgen
2021-02-01 22:57 - 2021-02-01 22:59 - 000000000 ____D C:\Users\Administrator\Documents\maya
2021-02-01 22:57 - 2021-02-01 22:59 - 000000000 ____D C:\Users\Administrator\Documents\maya
2021-02-01 22:57 - 2021-02-01 22:57 - 000000000 ____D C:\Users\Administrator\AppData\Local\AdSSO
2021-02-01 22:57 - 2021-02-01 22:57 - 000000000 ____D C:\Users\Administrator\AppData\Local\AdSSO
2021-02-01 21:48 - 2021-02-01 21:48 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\.mono
2021-02-01 21:48 - 2021-02-01 21:48 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\.mono
2021-02-01 21:47 - 2021-02-01 21:47 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\miHoYo
2021-02-01 21:47 - 2021-02-01 21:47 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\miHoYo
2021-02-01 20:42 - 2021-02-01 20:42 - 000000000 ____D C:\Users\Administrator\AppData\Local\miHoYo
2021-02-01 20:42 - 2021-02-01 20:42 - 000000000 ____D C:\Users\Administrator\AppData\Local\miHoYo
2021-02-01 20:41 - 2021-02-07 09:57 - 000000000 ____D C:\Program Files\Genshin Impact
2021-02-01 20:41 - 2021-02-03 08:33 - 000001054 _____ C:\Users\Administrator\Desktop\Genshin Impact.lnk
2021-02-01 20:41 - 2021-02-03 08:33 - 000001054 _____ C:\Users\Administrator\Desktop\Genshin Impact.lnk
2021-02-01 20:40 - 2021-02-01 20:41 - 124657792 _____ (miHoYo) C:\Users\Administrator\Downloads\GenshinImpact_install_20210122160343.exe
2021-02-01 20:40 - 2021-02-01 20:41 - 124657792 _____ (miHoYo) C:\Users\Administrator\Downloads\GenshinImpact_install_20210122160343.exe
2021-02-01 18:10 - 2021-02-01 18:10 - 000000000 ____D C:\Users\Administrator\AppData\Local\Ghostrunner
2021-02-01 18:10 - 2021-02-01 18:10 - 000000000 ____D C:\Users\Administrator\AppData\Local\Ghostrunner
2021-02-01 18:03 - 2021-02-01 18:03 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2021-02-01 18:03 - 2021-02-01 18:03 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-02-01 18:03 - 2021-02-01 18:03 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-02-01 18:02 - 2021-02-01 18:02 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-02-01 18:02 - 2021-02-01 18:02 - 000000000 ____D C:\Program Files\MSBuild
2021-02-01 18:01 - 2019-12-03 14:04 - 000781384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2021-02-01 18:01 - 2019-12-03 14:04 - 000105544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2021-02-01 18:01 - 2019-12-03 14:04 - 000037864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2021-02-01 18:01 - 2019-11-08 14:44 - 001168968 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2021-02-01 18:01 - 2019-11-08 14:44 - 000127056 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2021-02-01 18:01 - 2019-11-08 14:44 - 000038072 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2021-02-01 17:04 - 2020-12-30 03:56 - 000000000 ____D C:\Users\Administrator\Desktop\Ghostrunner.v32091.GOG
2021-02-01 17:04 - 2020-12-30 03:56 - 000000000 ____D C:\Users\Administrator\Desktop\Ghostrunner.v32091.GOG
2021-02-01 12:23 - 2021-02-01 12:23 - 000483602 _____ C:\Users\Administrator\Downloads\OneDrive_1_1.2.2021.zip
2021-02-01 12:23 - 2021-02-01 12:23 - 000483602 _____ C:\Users\Administrator\Downloads\OneDrive_1_1.2.2021.zip
2021-02-01 11:49 - 2021-02-03 18:38 - 000000471 _____ C:\Users\Administrator\Desktop\Neues Textdokument (5).txt
2021-02-01 11:49 - 2021-02-03 18:38 - 000000471 _____ C:\Users\Administrator\Desktop\Neues Textdokument (5).txt
2021-02-01 11:23 - 2021-02-01 12:24 - 000223269 _____ C:\Users\Administrator\Desktop\17 BAB und Kostenträgerzeitblatt.pdf
2021-02-01 11:23 - 2021-02-01 12:24 - 000223269 _____ C:\Users\Administrator\Desktop\17 BAB und Kostenträgerzeitblatt.pdf
2021-02-01 11:23 - 2021-02-01 12:24 - 000142263 _____ C:\Users\Administrator\Desktop\18_+£b Maschinenstd.pdf
2021-02-01 11:23 - 2021-02-01 12:24 - 000142263 _____ C:\Users\Administrator\Desktop\18_+£b Maschinenstd.pdf
2021-02-01 11:23 - 2021-02-01 12:24 - 000117624 _____ C:\Users\Administrator\Desktop\16_+ÜbKR.pdf
2021-02-01 11:23 - 2021-02-01 12:24 - 000117624 _____ C:\Users\Administrator\Desktop\16_+ÜbKR.pdf
2021-02-01 11:01 - 2021-02-01 11:01 - 000119668 _____ C:\Users\Administrator\Downloads\SA1_FSJ_ Fa_Kö (1).pdf
2021-02-01 11:01 - 2021-02-01 11:01 - 000119668 _____ C:\Users\Administrator\Downloads\SA1_FSJ_ Fa_Kö (1).pdf
2021-02-01 11:00 - 2021-02-01 11:00 - 000132066 _____ C:\Users\Administrator\Downloads\Argumente.pdf
2021-02-01 11:00 - 2021-02-01 11:00 - 000132066 _____ C:\Users\Administrator\Downloads\Argumente.pdf
2021-02-01 10:57 - 2021-02-01 10:57 - 000000000 ____D C:\Users\Administrator\Desktop\FSJ
2021-02-01 10:57 - 2021-02-01 10:57 - 000000000 ____D C:\Users\Administrator\Desktop\FSJ
2021-02-01 10:56 - 2021-02-01 10:56 - 000093439 _____ C:\Users\Administrator\Downloads\FSJ.zip
2021-02-01 10:56 - 2021-02-01 10:56 - 000093439 _____ C:\Users\Administrator\Downloads\FSJ.zip
2021-02-01 09:39 - 2021-02-01 09:39 - 000140889 _____ C:\Users\Administrator\Downloads\Lösungen_NachfrageEL_29.01.2021.pdf
2021-02-01 09:39 - 2021-02-01 09:39 - 000140889 _____ C:\Users\Administrator\Downloads\Lösungen_NachfrageEL_29.01.2021.pdf
2021-02-01 08:10 - 2021-02-02 10:44 - 000000734 _____ C:\Users\Administrator\Desktop\Neues Textdokument (4).txt
2021-02-01 08:10 - 2021-02-02 10:44 - 000000734 _____ C:\Users\Administrator\Desktop\Neues Textdokument (4).txt
2021-02-01 08:10 - 2021-02-01 08:04 - 000020013 _____ C:\Users\Administrator\Desktop\Exercise – Translation.pdf
2021-02-01 08:10 - 2021-02-01 08:04 - 000020013 _____ C:\Users\Administrator\Desktop\Exercise – Translation.pdf
2021-02-01 08:04 - 2021-02-01 08:04 - 000020013 _____ C:\Users\Administrator\Downloads\Exercise – Translation.pdf
2021-02-01 08:04 - 2021-02-01 08:04 - 000020013 _____ C:\Users\Administrator\Downloads\Exercise – Translation.pdf
2021-02-01 08:00 - 2021-02-01 08:00 - 015683242 _____ C:\Users\Administrator\Downloads\02 Aufgaben zu den Wahrscheinlichkeitsverteilungen.pdf
2021-02-01 08:00 - 2021-02-01 08:00 - 015683242 _____ C:\Users\Administrator\Downloads\02 Aufgaben zu den Wahrscheinlichkeitsverteilungen.pdf
2021-01-31 19:07 - 2021-01-31 19:41 - 1063004405 _____ C:\Users\Administrator\Downloads\Ghostrunner.v32091.GOG.part1.rar
2021-01-31 19:07 - 2021-01-31 19:41 - 1063004405 _____ C:\Users\Administrator\Downloads\Ghostrunner.v32091.GOG.part1.rar
2021-01-31 19:07 - 2021-01-31 19:27 - 1063004405 _____ C:\Users\Administrator\Downloads\Ghostrunner.v32091.GOG.part2.rar
2021-01-31 19:07 - 2021-01-31 19:27 - 1063004405 _____ C:\Users\Administrator\Downloads\Ghostrunner.v32091.GOG.part2.rar
2021-01-31 19:07 - 2021-01-31 19:13 - 2540367956 _____ C:\Users\Administrator\Downloads\Ghostrunner.v32091.GOG.part3.rar
2021-01-31 19:07 - 2021-01-31 19:13 - 2540367956 _____ C:\Users\Administrator\Downloads\Ghostrunner.v32091.GOG.part3.rar
2021-01-31 17:01 - 2021-01-31 17:01 - 000150912 _____ C:\Users\Andere\Downloads\Extractinator.fbx
2021-01-31 17:01 - 2021-01-31 17:01 - 000150912 _____ C:\Users\Andere\Downloads\Extractinator.fbx
2021-01-31 16:03 - 2021-01-31 16:03 - 000000000 ____D C:\Users\Andere\Documents\xgen
2021-01-31 16:03 - 2021-01-31 16:03 - 000000000 ____D C:\Users\Andere\Documents\xgen
2021-01-31 14:08 - 2021-01-31 14:08 - 000000000 _____ C:\Users\Administrator\Desktop\Neues Textdokument (3).txt
2021-01-31 14:08 - 2021-01-31 14:08 - 000000000 _____ C:\Users\Administrator\Desktop\Neues Textdokument (3).txt
2021-01-31 12:52 - 2021-01-31 12:52 - 000006595 _____ C:\Users\Administrator\Desktop\Stunden.xlsx
2021-01-31 12:52 - 2021-01-31 12:52 - 000006595 _____ C:\Users\Administrator\Desktop\Stunden.xlsx
2021-01-30 12:01 - 2021-01-30 12:01 - 000000000 ____D C:\Users\Administrator\Downloads\Mount.&.Blade.II.Bannerlord.Steam.Rip-InsaneRamZes
2021-01-30 09:07 - 2021-01-30 09:07 - 001944574 _____ C:\Users\Administrator\Downloads\Mount.and.Blade.II.Bannerlord.e1.5.6.Early.Access.torrent
2021-01-30 09:07 - 2021-01-30 09:07 - 001944574 _____ C:\Users\Administrator\Downloads\Mount.and.Blade.II.Bannerlord.e1.5.6.Early.Access.torrent
2021-01-30 08:45 - 2021-02-01 18:10 - 000000000 ____D C:\Users\Administrator\AppData\Local\UnrealEngine
2021-01-30 08:45 - 2021-02-01 18:10 - 000000000 ____D C:\Users\Administrator\AppData\Local\UnrealEngine
2021-01-30 08:45 - 2021-01-30 08:45 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Goldberg SteamEmu Saves
2021-01-30 08:45 - 2021-01-30 08:45 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Goldberg SteamEmu Saves
2021-01-30 08:45 - 2021-01-30 08:45 - 000000000 ____D C:\Users\Administrator\AppData\Local\COVOID20
2021-01-30 08:45 - 2021-01-30 08:45 - 000000000 ____D C:\Users\Administrator\AppData\Local\COVOID20
2021-01-29 23:01 - 2021-01-29 23:01 - 000000000 ____D C:\Users\Andere\Downloads\licenses-da1fa3eec9cfd51cba59
2021-01-29 23:01 - 2021-01-29 23:01 - 000000000 ____D C:\Users\Andere\Downloads\licenses-da1fa3eec9cfd51cba59
2021-01-29 22:51 - 2021-01-29 22:51 - 000003719 _____ C:\Users\Andere\Downloads\licenses-da1fa3eec9cfd51cba59.zip
2021-01-29 22:51 - 2021-01-29 22:51 - 000003719 _____ C:\Users\Andere\Downloads\licenses-da1fa3eec9cfd51cba59.zip
2021-01-29 22:50 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\Documents\Allegorithmic
2021-01-29 22:50 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\Documents\Allegorithmic
2021-01-29 22:50 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Allegorithmic
2021-01-29 22:50 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Allegorithmic
2021-01-29 22:50 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\AppData\Local\Allegorithmic
2021-01-29 22:50 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\AppData\Local\Allegorithmic
2021-01-29 22:34 - 2021-01-29 22:40 - 1546084360 _____ (Allegorithmic ) C:\Users\Andere\Downloads\Substance_Painter-7.1.0-804-msvc14-x64-standard.exe
2021-01-29 22:34 - 2021-01-29 22:40 - 1546084360 _____ (Allegorithmic ) C:\Users\Andere\Downloads\Substance_Painter-7.1.0-804-msvc14-x64-standard.exe
2021-01-29 15:04 - 2021-01-29 15:31 - 419745637 _____ C:\Users\Administrator\Downloads\COVID.20.Early.Access.zip
2021-01-29 15:04 - 2021-01-29 15:31 - 419745637 _____ C:\Users\Administrator\Downloads\COVID.20.Early.Access.zip
2021-01-29 14:33 - 2021-01-29 14:33 - 002048790 _____ C:\Users\Administrator\Downloads\SpeedAutoClicker-v1.6.2.zip
2021-01-29 14:33 - 2021-01-29 14:33 - 002048790 _____ C:\Users\Administrator\Downloads\SpeedAutoClicker-v1.6.2.zip
2021-01-29 14:33 - 2021-01-29 14:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\fabi.me
2021-01-29 14:33 - 2021-01-29 14:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\fabi.me
2021-01-29 14:13 - 2021-01-29 14:13 - 000000000 ____D C:\Users\Administrator\AppData\Local\DrvVideo
2021-01-29 14:13 - 2021-01-29 14:13 - 000000000 ____D C:\Users\Administrator\AppData\Local\DrvVideo
2021-01-29 12:45 - 2021-01-29 12:45 - 000000000 ____D C:\Users\Administrator\Documents\Benutzerdefinierte Office-Vorlagen
2021-01-29 12:45 - 2021-01-29 12:45 - 000000000 ____D C:\Users\Administrator\Documents\Benutzerdefinierte Office-Vorlagen
2021-01-29 12:43 - 2021-01-29 12:43 - 000208755 _____ C:\Users\Administrator\Downloads\SA1_FSJ_ Fa_Kö.pdf
2021-01-29 12:43 - 2021-01-29 12:43 - 000208755 _____ C:\Users\Administrator\Downloads\SA1_FSJ_ Fa_Kö.pdf
2021-01-29 12:35 - 2021-01-29 12:35 - 000093423 _____ C:\Users\Administrator\Downloads\OneDrive_2_29.1.2021.zip
2021-01-29 12:35 - 2021-01-29 12:35 - 000093423 _____ C:\Users\Administrator\Downloads\OneDrive_2_29.1.2021.zip
2021-01-29 12:14 - 2021-02-08 14:27 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-29 12:14 - 2021-01-29 12:14 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-01-29 11:44 - 2021-02-05 12:46 - 000006759 _____ C:\Users\Administrator\Desktop\Neues Textdokument (2).txt
2021-01-29 11:44 - 2021-02-05 12:46 - 000006759 _____ C:\Users\Administrator\Desktop\Neues Textdokument (2).txt
2021-01-29 11:43 - 2021-01-29 11:43 - 000261729 _____ C:\Users\Administrator\Downloads\USA bis 1945_10_Die USA im Zweiten Weltkrieg_AB zum Film.pdf
2021-01-29 11:43 - 2021-01-29 11:43 - 000261729 _____ C:\Users\Administrator\Downloads\USA bis 1945_10_Die USA im Zweiten Weltkrieg_AB zum Film.pdf
2021-01-29 11:30 - 2021-02-02 13:16 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\files
2021-01-29 11:30 - 2021-02-02 13:16 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\files
2021-01-29 11:30 - 2021-01-29 11:30 - 000000000 ____D C:\Users\Administrator\AppData\Local\AdvinstAnalytics
2021-01-29 11:30 - 2021-01-29 11:30 - 000000000 ____D C:\Users\Administrator\AppData\Local\AdvinstAnalytics
2021-01-29 11:30 - 2021-01-29 11:30 - 000000000 ____D C:\Program Files (x86)\OInstall
2021-01-29 09:26 - 2021-01-29 09:26 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Shugasu
2021-01-29 09:26 - 2021-01-29 09:26 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Shugasu
2021-01-29 09:25 - 2021-01-29 09:25 - 000000222 _____ C:\Users\Administrator\Desktop\Idling to Rule the Gods.url
2021-01-29 09:25 - 2021-01-29 09:25 - 000000222 _____ C:\Users\Administrator\Desktop\Idling to Rule the Gods.url
2021-01-29 09:25 - 2021-01-29 09:25 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-29 09:25 - 2021-01-29 09:25 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-29 09:22 - 2021-01-29 09:22 - 000000000 ____D C:\Users\Administrator\AppData\Local\Steam
2021-01-29 09:22 - 2021-01-29 09:22 - 000000000 ____D C:\Users\Administrator\AppData\Local\Steam
2021-01-29 09:20 - 2021-02-09 14:15 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-29 09:19 - 2021-01-29 09:19 - 001573568 _____ C:\Users\Administrator\Downloads\SteamSetup.exe
2021-01-29 09:19 - 2021-01-29 09:19 - 001573568 _____ C:\Users\Administrator\Downloads\SteamSetup.exe
2021-01-29 09:18 - 2021-01-29 09:18 - 000599902 _____ C:\Users\Administrator\Downloads\OneDrive_1_29.1.2021.zip
2021-01-29 09:18 - 2021-01-29 09:18 - 000599902 _____ C:\Users\Administrator\Downloads\OneDrive_1_29.1.2021.zip
2021-01-29 08:04 - 2021-01-29 08:04 - 000199077 _____ C:\Users\Administrator\Downloads\M an Eltern_Verlängerung des Distanzunterrichts.pdf
2021-01-29 08:04 - 2021-01-29 08:04 - 000199077 _____ C:\Users\Administrator\Downloads\M an Eltern_Verlängerung des Distanzunterrichts.pdf
2021-01-28 21:26 - 2021-01-28 21:30 - 000000000 ____D C:\Users\Administrator\Desktop\COVID-20
2021-01-28 21:26 - 2021-01-28 21:30 - 000000000 ____D C:\Users\Administrator\Desktop\COVID-20
2021-01-28 16:19 - 2021-01-28 16:19 - 000000000 ____D C:\Users\Administrator\Documents\My Cheat Tables
2021-01-28 16:19 - 2021-01-28 16:19 - 000000000 ____D C:\Users\Administrator\Documents\My Cheat Tables
2021-01-28 16:18 - 2021-02-07 10:44 - 000000000 ____D C:\Program Files\Cheat Engine 7.2
2021-01-28 16:16 - 2021-02-03 08:33 - 000002161 _____ C:\Users\Administrator\Desktop\Werewolf Online.lnk
2021-01-28 16:16 - 2021-02-03 08:33 - 000002161 _____ C:\Users\Administrator\Desktop\Werewolf Online.lnk
2021-01-28 14:00 - 2021-01-28 14:00 - 000910677 _____ C:\Users\Administrator\Downloads\BWR Förderkurs.zip
2021-01-28 14:00 - 2021-01-28 14:00 - 000910677 _____ C:\Users\Administrator\Downloads\BWR Förderkurs.zip
2021-01-28 14:00 - 2021-01-28 14:00 - 000000000 ____D C:\Users\Administrator\Desktop\BWR Förderkurs
2021-01-28 14:00 - 2021-01-28 14:00 - 000000000 ____D C:\Users\Administrator\Desktop\BWR Förderkurs
2021-01-28 13:54 - 2021-01-28 13:54 - 000003944 _____ C:\Windows\system32\Tasks\BlueStacksHelper
2021-01-28 13:44 - 2021-01-28 13:51 - 000000000 ____D C:\Program Files\BlueStacks
2021-01-28 13:40 - 2021-01-28 13:43 - 000000000 ____D C:\Users\Administrator\AppData\Local\BlueStacksSetup
2021-01-28 13:40 - 2021-01-28 13:43 - 000000000 ____D C:\Users\Administrator\AppData\Local\BlueStacksSetup
2021-01-28 13:40 - 2021-01-28 13:43 - 000000000 ____D C:\Users\Administrator\AppData\Local\Bluestacks
2021-01-28 13:40 - 2021-01-28 13:43 - 000000000 ____D C:\Users\Administrator\AppData\Local\Bluestacks
2021-01-28 13:40 - 2021-01-28 13:40 - 001232960 _____ (BlueStack Systems Inc.) C:\Users\Administrator\Downloads\BlueStacksInstaller_4.260.0.1032_native_917903eb0bb4e81980ee9f78a7c69bbb.exe
2021-01-28 13:40 - 2021-01-28 13:40 - 001232960 _____ (BlueStack Systems Inc.) C:\Users\Administrator\Downloads\BlueStacksInstaller_4.260.0.1032_native_917903eb0bb4e81980ee9f78a7c69bbb.exe
2021-01-28 12:09 - 2021-01-28 12:09 - 000058367 _____ C:\Users\Administrator\Downloads\Gesetzestexte Firma.pdf
2021-01-28 12:09 - 2021-01-28 12:09 - 000058367 _____ C:\Users\Administrator\Downloads\Gesetzestexte Firma.pdf
2021-01-28 10:42 - 2021-01-28 12:09 - 000000000 ____D C:\Users\Administrator\Desktop\Firma
2021-01-28 10:42 - 2021-01-28 12:09 - 000000000 ____D C:\Users\Administrator\Desktop\Firma
2021-01-28 10:42 - 2021-01-28 10:42 - 070841471 _____ C:\Users\Administrator\Downloads\F11W2.zip
2021-01-28 10:42 - 2021-01-28 10:42 - 070841471 _____ C:\Users\Administrator\Downloads\F11W2.zip
2021-01-28 10:42 - 2021-01-28 10:42 - 000216340 _____ C:\Users\Administrator\Downloads\Handelsregister.zip
2021-01-28 10:42 - 2021-01-28 10:42 - 000216340 _____ C:\Users\Administrator\Downloads\Handelsregister.zip
2021-01-28 10:42 - 2021-01-28 10:42 - 000000000 ____D C:\Users\Administrator\Desktop\Handelsregister
2021-01-28 10:42 - 2021-01-28 10:42 - 000000000 ____D C:\Users\Administrator\Desktop\Handelsregister
2021-01-28 10:41 - 2021-01-28 10:42 - 000067024 _____ C:\Users\Administrator\Downloads\Firma.zip
2021-01-28 10:41 - 2021-01-28 10:42 - 000067024 _____ C:\Users\Administrator\Downloads\Firma.zip
2021-01-28 09:52 - 2021-02-01 14:29 - 000000000 ____D C:\Users\Administrator\AppData\Local\Spotify
2021-01-28 09:52 - 2021-02-01 14:29 - 000000000 ____D C:\Users\Administrator\AppData\Local\Spotify
2021-01-28 09:52 - 2021-02-01 12:46 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Spotify
2021-01-28 09:52 - 2021-02-01 12:46 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Spotify
2021-01-28 09:52 - 2021-01-28 09:52 - 000001908 _____ C:\Users\Administrator\Desktop\Spotify.lnk
2021-01-28 09:52 - 2021-01-28 09:52 - 000001908 _____ C:\Users\Administrator\Desktop\Spotify.lnk
2021-01-28 09:52 - 2021-01-28 09:52 - 000001894 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2021-01-28 09:52 - 2021-01-28 09:52 - 000001894 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2021-01-28 09:51 - 2021-01-28 09:51 - 067415024 _____ (Spotify Ltd) C:\Users\Administrator\Downloads\SpotifyFullSetup.exe
2021-01-28 09:51 - 2021-01-28 09:51 - 067415024 _____ (Spotify Ltd) C:\Users\Administrator\Downloads\SpotifyFullSetup.exe
2021-01-28 09:51 - 2021-01-28 09:51 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2021-01-28 09:51 - 2021-01-28 09:51 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2021-01-28 09:04 - 2021-01-28 09:04 - 000234351 _____ C:\Users\Administrator\Downloads\OneDrive_1_28.1.2021.zip
2021-01-28 09:04 - 2021-01-28 09:04 - 000234351 _____ C:\Users\Administrator\Downloads\OneDrive_1_28.1.2021.zip
2021-01-28 08:29 - 2021-01-28 08:29 - 000112295 _____ C:\Users\Administrator\Downloads\USA bis 1945_9 b_Weltwirtschaftskrise und New Deal_Tafelbild unter Berücksichtigung der Auswirkungen auf Deutschland.pdf
2021-01-28 08:29 - 2021-01-28 08:29 - 000112295 _____ C:\Users\Administrator\Downloads\USA bis 1945_9 b_Weltwirtschaftskrise und New Deal_Tafelbild unter Berücksichtigung der Auswirkungen auf Deutschland.pdf
2021-01-28 08:04 - 2021-01-28 09:04 - 000214113 _____ C:\Users\Administrator\Desktop\Angabe_Übung.pdf
2021-01-28 08:04 - 2021-01-28 09:04 - 000214113 _____ C:\Users\Administrator\Desktop\Angabe_Übung.pdf
2021-01-28 08:04 - 2021-01-28 09:04 - 000019976 _____ C:\Users\Administrator\Desktop\Angabe.xlsx
2021-01-28 08:04 - 2021-01-28 09:04 - 000019976 _____ C:\Users\Administrator\Desktop\Angabe.xlsx
2021-01-28 07:46 - 2021-01-28 08:16 - 000002625 _____ C:\Users\Administrator\Desktop\Neues Textdokument.txt
2021-01-28 07:46 - 2021-01-28 08:16 - 000002625 _____ C:\Users\Administrator\Desktop\Neues Textdokument.txt
2021-01-28 07:46 - 2021-01-28 07:46 - 000090376 _____ C:\Users\Administrator\Downloads\USA bis 1945_9 a_Weltwirtschaftskrise und New Deal_Einstieg_Fragen zum Film.pdf
2021-01-28 07:46 - 2021-01-28 07:46 - 000090376 _____ C:\Users\Administrator\Downloads\USA bis 1945_9 a_Weltwirtschaftskrise und New Deal_Einstieg_Fragen zum Film.pdf
2021-01-27 22:51 - 2021-01-27 22:51 - 000000000 ____D C:\Users\Administrator\Documents\Virtual Machines
2021-01-27 22:51 - 2021-01-27 22:51 - 000000000 ____D C:\Users\Administrator\Documents\Virtual Machines
2021-01-27 20:47 - 2021-01-27 22:47 - 968556544 _____ C:\Users\Administrator\Desktop\BlackWindowV2.iso
2021-01-27 20:47 - 2021-01-27 22:47 - 968556544 _____ C:\Users\Administrator\Desktop\BlackWindowV2.iso
2021-01-27 20:43 - 2021-01-27 20:43 - 000000000 ____D C:\Windows\pss
2021-01-27 17:21 - 2021-02-03 07:47 - 000000000 __RSD C:\Users\Andere\Documents\McAfee-Tresore
2021-01-27 17:21 - 2021-02-03 07:47 - 000000000 __RSD C:\Users\Andere\Documents\McAfee-Tresore
2021-01-27 17:21 - 2021-01-27 17:21 - 000000000 ____D C:\Users\Andere\AppData\Local\McAfee File Lock
2021-01-27 17:21 - 2021-01-27 17:21 - 000000000 ____D C:\Users\Andere\AppData\Local\McAfee File Lock
2021-01-27 17:17 - 2021-01-27 17:18 - 000000000 ____D C:\Users\Andere\AppData\Roaming\PotPlayerMini64
2021-01-27 17:17 - 2021-01-27 17:18 - 000000000 ____D C:\Users\Andere\AppData\Roaming\PotPlayerMini64
2021-01-27 17:17 - 2021-01-27 17:17 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Daum
2021-01-27 17:17 - 2021-01-27 17:17 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Daum
2021-01-27 17:17 - 2021-01-27 17:17 - 000000000 _____ C:\Users\Administrator\Desktop\19.txt
2021-01-27 17:17 - 2021-01-27 17:17 - 000000000 _____ C:\Users\Administrator\Desktop\19.txt
2021-01-27 17:15 - 2021-01-27 17:15 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\PotPlayerMini64
2021-01-27 17:15 - 2021-01-27 17:15 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\PotPlayerMini64
2021-01-27 17:15 - 2021-01-27 17:15 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\NVIDIA
2021-01-27 17:15 - 2021-01-27 17:15 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\NVIDIA
2021-01-27 17:15 - 2021-01-27 17:15 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Daum
2021-01-27 17:15 - 2021-01-27 17:15 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Daum
2021-01-27 17:15 - 2021-01-27 17:15 - 000000000 ____D C:\Program Files\DAUM
2021-01-27 17:03 - 2021-02-07 19:27 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\obs-studio
2021-01-27 17:03 - 2021-02-07 19:27 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\obs-studio
2021-01-27 17:02 - 2021-02-03 08:33 - 000001451 _____ C:\Users\Administrator\Desktop\Opera-Browser.lnk
2021-01-27 17:02 - 2021-02-03 08:33 - 000001451 _____ C:\Users\Administrator\Desktop\Opera-Browser.lnk
2021-01-27 17:02 - 2021-01-27 17:03 - 000000000 ____D C:\Program Files\obs-studio
2021-01-27 17:02 - 2021-01-27 17:02 - 075607864 _____ (obsproject.com) C:\Users\Administrator\Downloads\OBS-Studio-26.1.1-Full-Installer-x64.exe
2021-01-27 17:02 - 2021-01-27 17:02 - 075607864 _____ (obsproject.com) C:\Users\Administrator\Downloads\OBS-Studio-26.1.1-Full-Installer-x64.exe
2021-01-27 17:02 - 2021-01-27 17:02 - 000004490 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1611763334
2021-01-27 17:02 - 2021-01-27 17:02 - 000004242 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1611763329
2021-01-27 17:02 - 2021-01-27 17:02 - 000001515 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2021-01-27 17:02 - 2021-01-27 17:02 - 000001515 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2021-01-27 17:02 - 2021-01-27 17:02 - 000000000 ____D C:\Users\Administrator\AppData\Local\Opera Software
2021-01-27 17:02 - 2021-01-27 17:02 - 000000000 ____D C:\Users\Administrator\AppData\Local\Opera Software
2021-01-27 17:01 - 2021-01-27 17:01 - 002405080 _____ (Opera Software) C:\Users\Administrator\Downloads\OperaSetup.exe
2021-01-27 17:01 - 2021-01-27 17:01 - 002405080 _____ (Opera Software) C:\Users\Administrator\Downloads\OperaSetup.exe
2021-01-27 17:01 - 2021-01-27 17:01 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Opera Software
2021-01-27 17:01 - 2021-01-27 17:01 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Opera Software
2021-01-27 12:15 - 2021-01-27 15:56 - 000000000 ____D C:\Users\Administrator\.megabasterd7.40
2021-01-27 12:15 - 2021-01-27 15:56 - 000000000 ____D C:\Users\Administrator\.megabasterd7.40
2021-01-27 12:15 - 2021-01-27 12:15 - 000000000 ____D C:\Users\Administrator\.megabasterd_old_backups
2021-01-27 12:15 - 2021-01-27 12:15 - 000000000 ____D C:\Users\Administrator\.megabasterd_old_backups
2021-01-27 12:12 - 2021-01-27 12:13 - 079910363 _____ C:\Users\Administrator\Downloads\MegaBasterdWINDOWS_7.40_portable.zip
2021-01-27 12:12 - 2021-01-27 12:13 - 079910363 _____ C:\Users\Administrator\Downloads\MegaBasterdWINDOWS_7.40_portable.zip
2021-01-27 11:29 - 2021-01-27 11:29 - 000000000 ____D C:\Windows\CSC
2021-01-27 11:25 - 2021-02-09 12:54 - 000000000 ____D C:\Windows\Minidump
2021-01-27 08:47 - 2021-01-27 08:47 - 000112991 _____ C:\Users\Administrator\Downloads\Godfall.torrent
2021-01-27 08:47 - 2021-01-27 08:47 - 000112991 _____ C:\Users\Administrator\Downloads\Godfall.torrent
2021-01-27 08:41 - 2021-01-27 08:41 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Mechanistry
2021-01-27 08:41 - 2021-01-27 08:41 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Mechanistry
2021-01-27 08:31 - 2020-05-26 00:11 - 000218960 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2021-01-27 08:30 - 2021-02-09 14:14 - 000000000 __RSD C:\Users\Administrator\Documents\McAfee-Tresore
2021-01-27 08:30 - 2021-02-09 14:14 - 000000000 __RSD C:\Users\Administrator\Documents\McAfee-Tresore
2021-01-27 08:30 - 2021-01-27 08:30 - 000000000 ____D C:\Users\Administrator\AppData\Local\McAfee File Lock
2021-01-27 08:30 - 2021-01-27 08:30 - 000000000 ____D C:\Users\Administrator\AppData\Local\McAfee File Lock
2021-01-27 08:30 - 2020-05-26 00:12 - 000089096 _____ (McAfee, LLC) C:\Windows\system32\Drivers\McPvDrv.sys
2021-01-27 08:29 - 2021-01-27 08:35 - 738041074 _____ C:\Users\Administrator\Downloads\timberborn.rar
2021-01-27 08:29 - 2021-01-27 08:29 - 000003346 _____ C:\Windows\system32\Tasks\McAfeeLogon
2021-01-27 08:28 - 2021-02-08 21:16 - 000000000 ____D C:\Windows\system32\Tasks\McAfee
2021-01-27 08:28 - 2021-01-27 09:28 - 000003710 _____ C:\Windows\system32\Tasks\McAfee Remediation (Prepare)
2021-01-27 08:27 - 2021-01-27 08:42 - 000000000 ____D C:\Program Files (x86)\McAfee
2021-01-27 08:27 - 2021-01-27 08:31 - 000000000 ____D C:\Program Files\McAfee
2021-01-27 08:27 - 2021-01-27 08:28 - 000000000 ____D C:\Program Files\McAfee.com
2021-01-27 08:27 - 2021-01-27 08:27 - 000000000 ____D C:\Program Files\Common Files\AV
2021-01-27 08:25 - 2021-01-27 08:31 - 000000000 ____D C:\Program Files\Common Files\McAfee
2021-01-27 08:25 - 2021-01-27 08:25 - 071087152 _____ (McAfee, LLC) C:\Users\Administrator\Downloads\McAfee_Installer_serial_zWqVEGfvPnAxblsHhHuOGw2_key_affid_850_akey.exe
2021-01-27 08:25 - 2021-01-27 08:25 - 071087152 _____ (McAfee, LLC) C:\Users\Administrator\Downloads\McAfee_Installer_serial_zWqVEGfvPnAxblsHhHuOGw2_key_affid_850_akey.exe
2021-01-27 08:25 - 2020-09-14 14:01 - 000579040 _____ (McAfee, LLC) C:\Windows\system32\mfevtps.exe
2021-01-27 08:23 - 2021-01-27 08:23 - 000265753 _____ C:\Users\Administrator\Downloads\HITMAN 2.torrent
2021-01-27 08:23 - 2021-01-27 08:23 - 000265753 _____ C:\Users\Administrator\Downloads\HITMAN 2.torrent
2021-01-27 08:21 - 2021-02-09 01:30 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\discord
2021-01-27 08:21 - 2021-02-09 01:30 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\discord
2021-01-27 08:21 - 2021-02-03 08:33 - 000002285 _____ C:\Users\Administrator\Desktop\Discord.lnk
2021-01-27 08:21 - 2021-02-03 08:33 - 000002285 _____ C:\Users\Administrator\Desktop\Discord.lnk
2021-01-27 08:21 - 2021-01-27 08:21 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-01-27 08:21 - 2021-01-27 08:21 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-01-27 08:20 - 2021-01-27 08:21 - 000000000 ____D C:\Users\Administrator\AppData\Local\Discord
2021-01-27 08:20 - 2021-01-27 08:21 - 000000000 ____D C:\Users\Administrator\AppData\Local\Discord
2021-01-27 08:20 - 2021-01-27 08:20 - 068822328 _____ (Discord Inc.) C:\Users\Administrator\Downloads\DiscordSetup.exe
2021-01-27 08:20 - 2021-01-27 08:20 - 068822328 _____ (Discord Inc.) C:\Users\Administrator\Downloads\DiscordSetup.exe
2021-01-27 08:10 - 2021-01-27 08:10 - 000000000 ____D C:\Users\Andere\AppData\Roaming\NVIDIA
2021-01-27 08:10 - 2021-01-27 08:10 - 000000000 ____D C:\Users\Andere\AppData\Roaming\NVIDIA
2021-01-27 07:19 - 2021-01-26 22:19 - 000000000 ____D C:\Users\Andere\AppData\Local\AdSSO
2021-01-27 07:19 - 2021-01-26 22:19 - 000000000 ____D C:\Users\Andere\AppData\Local\AdSSO
2021-01-27 07:09 - 2021-02-09 14:15 - 000000000 ____D C:\Program Files\CCleaner
2021-01-27 07:09 - 2021-02-03 20:45 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-01-27 07:09 - 2021-01-27 07:09 - 030584912 _____ (Piriform Software Ltd) C:\Users\Administrator\Downloads\ccsetup576.exe
2021-01-27 07:09 - 2021-01-27 07:09 - 030584912 _____ (Piriform Software Ltd) C:\Users\Administrator\Downloads\ccsetup576.exe
2021-01-27 07:09 - 2021-01-27 07:09 - 000002886 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-01-27 07:02 - 2021-01-27 07:02 - 000000000 ____D C:\Users\Administrator\Downloads\C2F98634-0139-4EB2-B26C-821D090559CC
2021-01-27 07:02 - 2021-01-27 07:02 - 000000000 ____D C:\Users\Administrator\Downloads\C2F98634-0139-4EB2-B26C-821D090559CC
2021-01-27 06:57 - 2021-01-27 06:57 - 000000850 _____ C:\Users\Andere\Desktop\Mem Reduct.lnk
2021-01-27 06:57 - 2021-01-27 06:57 - 000000850 _____ C:\Users\Andere\Desktop\Mem Reduct.lnk
2021-01-27 06:57 - 2021-01-27 06:57 - 000000000 ____D C:\Users\Andere\AppData\Roaming\VMware
2021-01-27 06:57 - 2021-01-27 06:57 - 000000000 ____D C:\Users\Andere\AppData\Roaming\VMware
2021-01-27 06:57 - 2021-01-27 06:57 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mem Reduct
2021-01-27 06:57 - 2021-01-27 06:57 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mem Reduct
2021-01-27 06:57 - 2021-01-27 06:57 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Locktime
2021-01-27 06:57 - 2021-01-27 06:57 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Locktime
2021-01-27 06:57 - 2021-01-27 06:57 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Henry++
2021-01-27 06:57 - 2021-01-27 06:57 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Henry++
2021-01-27 06:57 - 2021-01-27 06:57 - 000000000 ____D C:\Users\Andere\AppData\Local\VMware
2021-01-27 06:57 - 2021-01-27 06:57 - 000000000 ____D C:\Users\Andere\AppData\Local\VMware
2021-01-27 06:55 - 2021-01-27 06:55 - 000000000 ____D C:\Users\Andere\AppData\Roaming\ProcessLasso
2021-01-27 06:55 - 2021-01-27 06:55 - 000000000 ____D C:\Users\Andere\AppData\Roaming\ProcessLasso
2021-01-27 06:48 - 2021-01-27 06:48 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Locktime
2021-01-27 06:48 - 2021-01-27 06:48 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Locktime
2021-01-27 06:48 - 2021-01-27 06:48 - 000000000 ____D C:\Program Files\Locktime Software
2021-01-27 06:47 - 2021-02-03 19:34 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\VMware
2021-01-27 06:47 - 2021-02-03 19:34 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\VMware
2021-01-27 06:47 - 2021-02-03 19:34 - 000000000 ____D C:\Users\Administrator\AppData\Local\VMware
2021-01-27 06:47 - 2021-02-03 19:34 - 000000000 ____D C:\Users\Administrator\AppData\Local\VMware
2021-01-27 06:47 - 2020-11-18 06:53 - 000110696 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2021-01-27 06:47 - 2020-11-18 06:53 - 000060344 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmkbd.sys
2021-01-27 06:47 - 2020-08-11 09:25 - 000048224 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2021-01-27 06:47 - 2020-08-11 09:25 - 000044128 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2021-01-27 06:47 - 2020-08-11 09:24 - 000105912 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2021-01-27 06:46 - 2021-01-27 06:46 - 000001024 _____ C:\Windows\SysWOW64\%TMP%
2021-01-27 06:46 - 2020-11-18 07:01 - 001305304 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2021-01-27 06:46 - 2020-11-18 06:59 - 000422104 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2021-01-27 06:46 - 2020-11-18 06:59 - 000379440 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2021-01-27 06:46 - 2020-11-18 06:59 - 000119736 _____ (VMware, Inc.) C:\Windows\system32\vnetinst.dll
2021-01-27 06:46 - 2020-11-18 06:59 - 000045664 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2021-01-27 06:46 - 2020-10-01 18:46 - 000085448 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2021-01-27 06:45 - 2021-01-27 06:45 - 001667630 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2021-01-27 06:45 - 2021-01-27 06:45 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Locktime Software
2021-01-27 06:45 - 2021-01-27 06:45 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Locktime Software
2021-01-27 06:45 - 2021-01-27 06:45 - 000000000 ____D C:\Program Files\Common Files\VMware
2021-01-27 06:45 - 2021-01-27 06:45 - 000000000 ____D C:\Program Files (x86)\VMware
2021-01-27 06:38 - 2021-01-27 06:38 - 000003106 _____ C:\Windows\system32\Tasks\Process Lasso Management Console (GUI)
2021-01-27 06:38 - 2021-01-27 06:38 - 000003096 _____ C:\Windows\system32\Tasks\Process Lasso Core Engine Only
2021-01-27 06:37 - 2021-01-27 06:39 - 000000000 ____D C:\Program Files\Process Lasso
2021-01-27 06:37 - 2021-01-27 06:38 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\ProcessLasso
2021-01-27 06:37 - 2021-01-27 06:38 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\ProcessLasso
2021-01-27 06:37 - 2021-01-27 06:37 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Henry++
2021-01-27 06:37 - 2021-01-27 06:37 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Henry++
2021-01-27 06:36 - 2021-02-03 08:33 - 000000894 _____ C:\Users\Administrator\Desktop\Mem Reduct.lnk
2021-01-27 06:36 - 2021-02-03 08:33 - 000000894 _____ C:\Users\Administrator\Desktop\Mem Reduct.lnk
2021-01-27 06:36 - 2021-01-27 06:36 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mem Reduct
2021-01-27 06:36 - 2021-01-27 06:36 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mem Reduct
2021-01-27 06:36 - 2021-01-27 06:36 - 000000000 ____D C:\Program Files\Mem Reduct
2021-01-27 06:29 - 2021-02-04 08:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2021-01-27 06:29 - 2021-02-04 08:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2021-01-27 06:24 - 2021-02-01 22:57 - 000000000 ____D C:\Users\Administrator\AppData\Local\Autodesk
2021-01-27 06:24 - 2021-02-01 22:57 - 000000000 ____D C:\Users\Administrator\AppData\Local\Autodesk
2021-01-27 06:24 - 2021-01-27 07:02 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Autodesk
2021-01-27 06:24 - 2021-01-27 07:02 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Autodesk
2021-01-27 06:24 - 2021-01-26 23:11 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Autodesk Installer
2021-01-27 06:24 - 2021-01-26 23:11 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Autodesk Installer
2021-01-27 06:22 - 2021-02-02 18:45 - 000000000 ____D C:\Users\Andere\AppData\Local\CrashDumps
2021-01-27 06:22 - 2021-02-02 18:45 - 000000000 ____D C:\Users\Andere\AppData\Local\CrashDumps
2021-01-27 06:18 - 2021-01-27 06:18 - 000000424 _____ C:\Users\Andere\Desktop\Dieser PC.lnk
2021-01-27 06:18 - 2021-01-27 06:18 - 000000424 _____ C:\Users\Andere\Desktop\Dieser PC.lnk
2021-01-27 06:17 - 2021-02-02 01:54 - 000000000 ____D C:\Users\Andere\Documents\maya
2021-01-27 06:17 - 2021-02-02 01:54 - 000000000 ____D C:\Users\Andere\Documents\maya
2021-01-27 06:17 - 2021-01-29 22:46 - 000000000 ____D C:\Program Files\Allegorithmic
2021-01-27 06:17 - 2021-01-27 06:17 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arnold for Maya 2020
2021-01-27 06:17 - 2021-01-27 06:17 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arnold for Maya 2020
2021-01-27 06:17 - 2021-01-27 06:17 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2021-01-27 06:16 - 2021-01-27 06:16 - 000000000 ____D C:\Program Files (x86)\Autodesk
2021-01-27 06:15 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\AppData\Local\D3DSCache
2021-01-27 06:15 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\AppData\Local\D3DSCache
2021-01-27 06:01 - 2021-01-26 23:13 - 000000000 ____D C:\Program Files\Autodesk
2021-01-27 06:00 - 2021-01-27 06:50 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Autodesk Installer
2021-01-27 06:00 - 2021-01-27 06:50 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Autodesk Installer
2021-01-27 06:00 - 2021-01-26 22:27 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Autodesk
2021-01-27 06:00 - 2021-01-26 22:27 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Autodesk
2021-01-27 05:59 - 2021-01-31 18:35 - 000000000 ____D C:\Users\Andere\AppData\Local\Autodesk
2021-01-27 05:59 - 2021-01-31 18:35 - 000000000 ____D C:\Users\Andere\AppData\Local\Autodesk
2021-01-27 05:59 - 2021-01-27 05:59 - 008699096 _____ (Autodesk, Inc.) C:\Users\Andere\Downloads\Autodesk_Maya_2020_ML_Windows_64bit_di_en-US_setup_webinstall.exe
2021-01-27 05:59 - 2021-01-27 05:59 - 008699096 _____ (Autodesk, Inc.) C:\Users\Andere\Downloads\Autodesk_Maya_2020_ML_Windows_64bit_di_en-US_setup_webinstall.exe
2021-01-27 05:52 - 2021-01-29 22:27 - 000000000 ____D C:\Users\Andere\AppData\Local\PlaceholderTileLogoFolder
2021-01-27 05:52 - 2021-01-29 22:27 - 000000000 ____D C:\Users\Andere\AppData\Local\PlaceholderTileLogoFolder
2021-01-27 05:50 - 2021-01-27 06:22 - 000000000 ____D C:\Users\Andere\AppData\Local\StartIsBack
2021-01-27 05:50 - 2021-01-27 06:22 - 000000000 ____D C:\Users\Andere\AppData\Local\StartIsBack
2021-01-27 05:50 - 2021-01-27 05:50 - 000000000 ____D C:\Users\Andere\AppData\Local\CEF
2021-01-27 05:50 - 2021-01-27 05:50 - 000000000 ____D C:\Users\Andere\AppData\Local\CEF
2021-01-27 05:50 - 2021-01-27 05:50 - 000000000 ____D C:\Users\Andere\ansel
2021-01-27 05:50 - 2021-01-27 05:50 - 000000000 ____D C:\Users\Andere\ansel
2021-01-27 05:49 - 2021-02-04 20:54 - 000000000 ____D C:\Users\Andere
2021-01-27 05:49 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\AppData\Local\NVIDIA
2021-01-27 05:49 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\AppData\Local\NVIDIA
2021-01-27 05:49 - 2021-01-27 19:19 - 000000000 ____D C:\Users\Andere\AppData\Local\Packages
2021-01-27 05:49 - 2021-01-27 19:19 - 000000000 ____D C:\Users\Andere\AppData\Local\Packages
2021-01-27 05:49 - 2021-01-27 05:51 - 000000000 ____D C:\Users\Andere\AppData\Local\NVIDIA Corporation
2021-01-27 05:49 - 2021-01-27 05:51 - 000000000 ____D C:\Users\Andere\AppData\Local\NVIDIA Corporation
2021-01-27 05:49 - 2021-01-27 05:49 - 000000020 ___SH C:\Users\Andere\ntuser.ini
2021-01-27 05:49 - 2021-01-27 05:49 - 000000020 ___SH C:\Users\Andere\ntuser.ini
2021-01-27 05:49 - 2021-01-27 05:49 - 000000000 ___RD C:\Users\Andere\3D Objects
2021-01-27 05:49 - 2021-01-27 05:49 - 000000000 ___RD C:\Users\Andere\3D Objects
2021-01-27 05:49 - 2021-01-27 05:49 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Adobe
2021-01-27 05:49 - 2021-01-27 05:49 - 000000000 ____D C:\Users\Andere\AppData\Roaming\Adobe
2021-01-27 05:49 - 2021-01-27 05:49 - 000000000 ____D C:\Users\Andere\AppData\Local\VirtualStore
2021-01-27 05:49 - 2021-01-27 05:49 - 000000000 ____D C:\Users\Andere\AppData\Local\VirtualStore
2021-01-27 05:49 - 2021-01-27 05:49 - 000000000 ____D C:\Users\Andere\AppData\Local\ConnectedDevicesPlatform
2021-01-27 05:49 - 2021-01-27 05:49 - 000000000 ____D C:\Users\Andere\AppData\Local\ConnectedDevicesPlatform
2021-01-27 05:49 - 2019-11-27 00:11 - 000001580 _____ C:\Users\Andere\Desktop\Ghost Toolbox.lnk
2021-01-27 05:49 - 2019-11-27 00:11 - 000001580 _____ C:\Users\Andere\Desktop\Ghost Toolbox.lnk
2021-01-27 05:37 - 2021-01-28 09:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2021-01-27 05:37 - 2021-01-28 09:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2021-01-27 05:37 - 2021-01-27 05:37 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2021-01-27 05:37 - 2021-01-27 05:37 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2021-01-27 05:37 - 2021-01-27 05:37 - 000000000 ____D C:\Users\Administrator\ansel
2021-01-27 05:37 - 2021-01-27 05:37 - 000000000 ____D C:\Users\Administrator\ansel
2021-01-27 05:37 - 2021-01-26 22:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA
2021-01-27 05:37 - 2021-01-26 22:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA
2021-01-27 05:35 - 2021-01-27 05:35 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2021-01-27 05:35 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2021-01-27 05:35 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2021-01-27 05:35 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2021-01-27 05:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2021-01-27 05:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2021-01-27 05:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2021-01-27 05:35 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-27 05:35 - 2020-12-31 15:01 - 002797552 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2021-01-27 05:35 - 2020-12-31 15:01 - 002154984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2021-01-27 05:35 - 2020-12-31 15:01 - 001294832 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2021-01-27 05:35 - 2020-12-31 15:01 - 000069608 _____ C:\Windows\system32\FvSDK_x64.dll
2021-01-27 05:35 - 2020-12-31 15:01 - 000058344 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2021-01-27 05:34 - 2021-01-27 05:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-01-27 05:34 - 2021-01-27 05:34 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2021-01-27 05:34 - 2020-12-31 15:01 - 000169272 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2021-01-27 05:34 - 2020-12-31 15:01 - 000145208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2021-01-27 05:34 - 2020-12-31 15:01 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2021-01-27 05:32 - 2020-12-31 15:01 - 001804784 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2021-01-27 05:32 - 2020-12-31 15:01 - 000135408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2021-01-27 05:32 - 2020-12-31 15:01 - 000069840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2021-01-27 05:32 - 2020-12-31 15:01 - 000067456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2021-01-27 05:32 - 2020-12-31 15:01 - 000050592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\NvModuleTracker.sys
2021-01-27 05:32 - 2020-12-31 15:01 - 000038640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2021-01-27 05:31 - 2021-02-08 13:51 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-01-27 05:31 - 2021-01-04 15:49 - 001855192 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-27 05:31 - 2021-01-04 15:49 - 001855192 _____ C:\Windows\system32\vulkaninfo.exe
2021-01-27 05:31 - 2021-01-04 15:49 - 001435864 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-27 05:31 - 2021-01-04 15:49 - 001435864 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-01-27 05:31 - 2021-01-04 15:49 - 000948952 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-27 05:31 - 2021-01-04 15:49 - 000948952 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-01-27 05:31 - 2021-01-04 15:48 - 001454488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-01-27 05:31 - 2021-01-04 15:48 - 001193880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-01-27 05:31 - 2021-01-04 15:48 - 001094880 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-01-27 05:31 - 2021-01-04 15:48 - 001094880 _____ C:\Windows\system32\vulkan-1.dll
2021-01-27 05:31 - 2021-01-04 15:46 - 001512856 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-01-27 05:31 - 2021-01-04 15:46 - 001165720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-01-27 05:31 - 2021-01-04 15:46 - 000690072 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2021-01-27 05:31 - 2021-01-04 15:46 - 000680856 _____ C:\Windows\system32\nvofapi64.dll
2021-01-27 05:31 - 2021-01-04 15:46 - 000673688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-01-27 05:31 - 2021-01-04 15:46 - 000610712 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2021-01-27 05:31 - 2021-01-04 15:46 - 000559000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-01-27 05:31 - 2021-01-04 15:46 - 000548248 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 008262552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 007393176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 005631896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 004612504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 002731928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 002104216 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 001589144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 000813976 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 000657816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-01-27 05:31 - 2021-01-04 15:45 - 000447384 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2021-01-27 05:31 - 2021-01-04 15:44 - 000850840 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2021-01-27 05:31 - 2021-01-04 15:43 - 007115280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-01-27 05:31 - 2021-01-04 15:43 - 006071032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-01-27 05:31 - 2020-12-31 15:01 - 000084159 _____ C:\Windows\system32\nvinfo.pb
2021-01-27 05:30 - 2021-02-03 22:41 - 000744476 _____ C:\Windows\system32\perfh007.dat
2021-01-27 05:30 - 2021-02-03 22:41 - 000151252 _____ C:\Windows\system32\perfc007.dat
2021-01-27 05:30 - 2021-01-27 05:29 - 000306166 _____ C:\Windows\system32\perfi007.dat
2021-01-27 05:30 - 2021-01-27 05:29 - 000040520 _____ C:\Windows\system32\perfd007.dat
2021-01-27 05:29 - 2021-02-03 18:02 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-27 05:29 - 2021-02-03 18:02 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-27 05:29 - 2021-02-03 18:02 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-01-27 05:29 - 2021-01-27 05:29 - 000000000 ____D C:\Windows\SysWOW64\de
2021-01-27 05:29 - 2021-01-27 05:29 - 000000000 ____D C:\Windows\system32\de
2021-01-27 05:28 - 2021-02-08 12:54 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache
2021-01-27 05:28 - 2021-02-08 12:54 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache
2021-01-27 05:27 - 2010-06-02 13:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2021-01-27 05:27 - 2010-06-02 13:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2021-01-27 05:27 - 2010-06-02 13:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2021-01-27 05:27 - 2010-06-02 13:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2021-01-27 05:27 - 2010-06-02 13:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2021-01-27 05:27 - 2010-06-02 13:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2021-01-27 05:27 - 2010-05-26 20:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2021-01-27 05:27 - 2010-05-26 20:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2021-01-27 05:27 - 2010-05-26 20:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2021-01-27 05:27 - 2010-05-26 20:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2021-01-27 05:27 - 2010-05-26 20:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2021-01-27 05:27 - 2010-05-26 20:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2021-01-27 05:27 - 2010-05-26 20:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2021-01-27 05:27 - 2010-05-26 20:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2021-01-27 05:27 - 2010-05-26 20:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2021-01-27 05:27 - 2010-05-26 20:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2021-01-27 05:27 - 2010-02-04 19:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2021-01-27 05:27 - 2010-02-04 19:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2021-01-27 05:27 - 2010-02-04 19:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2021-01-27 05:27 - 2010-02-04 19:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2021-01-27 05:27 - 2010-02-04 19:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2021-01-27 05:27 - 2010-02-04 19:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2021-01-27 05:27 - 2010-02-04 19:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2021-01-27 05:27 - 2010-02-04 19:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2021-01-27 05:27 - 2009-09-05 02:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2021-01-27 05:27 - 2009-09-05 02:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2021-01-27 05:27 - 2009-09-05 02:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2021-01-27 05:27 - 2009-09-05 02:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2021-01-27 05:27 - 2009-09-05 02:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2021-01-27 05:27 - 2009-09-05 02:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2021-01-27 05:27 - 2009-09-05 02:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2021-01-27 05:27 - 2009-09-05 02:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2021-01-27 05:27 - 2009-09-05 02:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2021-01-27 05:27 - 2009-09-05 02:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2021-01-27 05:27 - 2009-09-05 02:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2021-01-27 05:27 - 2009-09-05 02:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2021-01-27 05:27 - 2009-09-05 02:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2021-01-27 05:27 - 2009-09-05 02:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2021-01-27 05:27 - 2009-09-05 02:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2021-01-27 05:27 - 2009-09-05 02:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2021-01-27 05:27 - 2009-03-16 23:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2021-01-27 05:27 - 2009-03-16 23:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2021-01-27 05:27 - 2009-03-16 23:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2021-01-27 05:27 - 2009-03-16 23:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2021-01-27 05:27 - 2009-03-16 23:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2021-01-27 05:27 - 2009-03-16 23:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2021-01-27 05:27 - 2009-03-10 00:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2021-01-27 05:27 - 2009-03-10 00:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2021-01-27 05:27 - 2009-03-10 00:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2021-01-27 05:27 - 2009-03-10 00:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2021-01-27 05:27 - 2009-03-10 00:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2021-01-27 05:27 - 2009-03-10 00:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2021-01-27 05:27 - 2008-10-27 19:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2021-01-27 05:27 - 2008-10-27 19:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2021-01-27 05:27 - 2008-10-27 19:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2021-01-27 05:27 - 2008-10-27 19:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2021-01-27 05:27 - 2008-10-27 19:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2021-01-27 05:27 - 2008-10-27 19:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2021-01-27 05:27 - 2008-10-27 19:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2021-01-27 05:27 - 2008-10-27 19:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2021-01-27 05:27 - 2008-10-10 13:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2021-01-27 05:27 - 2008-10-10 13:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2021-01-27 05:27 - 2008-10-10 13:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2021-01-27 05:27 - 2008-10-10 13:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2021-01-27 05:27 - 2008-10-10 13:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2021-01-27 05:27 - 2008-10-10 13:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2021-01-27 05:27 - 2008-07-31 19:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2021-01-27 05:27 - 2008-07-31 19:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2021-01-27 05:27 - 2008-07-31 19:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2021-01-27 05:27 - 2008-07-31 19:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2021-01-27 05:27 - 2008-07-31 19:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2021-01-27 05:27 - 2008-07-31 19:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2021-01-27 05:27 - 2008-07-10 20:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2021-01-27 05:27 - 2008-07-10 20:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2021-01-27 05:27 - 2008-07-10 20:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2021-01-27 05:27 - 2008-07-10 20:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2021-01-27 05:27 - 2008-07-10 20:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2021-01-27 05:27 - 2008-07-10 20:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2021-01-27 05:27 - 2008-05-30 23:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2021-01-27 05:27 - 2008-05-30 23:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2021-01-27 05:27 - 2008-05-30 23:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2021-01-27 05:27 - 2008-05-30 23:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2021-01-27 05:27 - 2008-05-30 23:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2021-01-27 05:27 - 2008-05-30 23:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2021-01-27 05:27 - 2008-05-30 23:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2021-01-27 05:27 - 2008-05-30 23:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2021-01-27 05:27 - 2008-05-30 23:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2021-01-27 05:27 - 2008-05-30 23:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2021-01-27 05:27 - 2008-05-30 23:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2021-01-27 05:27 - 2008-05-30 23:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2021-01-27 05:27 - 2008-05-30 23:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2021-01-27 05:27 - 2008-05-30 23:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2021-01-27 05:27 - 2008-03-06 01:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2021-01-27 05:27 - 2008-03-06 01:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2021-01-27 05:27 - 2008-03-06 01:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2021-01-27 05:27 - 2008-03-06 01:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2021-01-27 05:27 - 2008-03-06 01:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2021-01-27 05:27 - 2008-03-06 01:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2021-01-27 05:27 - 2008-03-06 00:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2021-01-27 05:27 - 2008-03-06 00:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2021-01-27 05:27 - 2008-03-06 00:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2021-01-27 05:27 - 2008-03-06 00:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2021-01-27 05:27 - 2008-02-06 08:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2021-01-27 05:27 - 2008-02-06 08:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2021-01-27 05:27 - 2007-10-22 12:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2021-01-27 05:27 - 2007-10-22 12:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2021-01-27 05:27 - 2007-10-22 12:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2021-01-27 05:27 - 2007-10-22 12:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2021-01-27 05:27 - 2007-10-13 00:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2021-01-27 05:27 - 2007-10-13 00:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2021-01-27 05:27 - 2007-10-13 00:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2021-01-27 05:27 - 2007-10-13 00:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2021-01-27 05:27 - 2007-10-02 18:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2021-01-27 05:27 - 2007-10-02 18:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2021-01-27 05:27 - 2007-07-20 09:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2021-01-27 05:27 - 2007-07-20 09:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2021-01-27 05:27 - 2007-07-20 03:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2021-01-27 05:27 - 2007-07-20 03:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2021-01-27 05:27 - 2007-07-20 03:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2021-01-27 05:27 - 2007-07-20 03:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2021-01-27 05:27 - 2007-07-20 03:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2021-01-27 05:27 - 2007-07-20 03:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2021-01-27 05:27 - 2007-06-21 05:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2021-01-27 05:27 - 2007-06-21 05:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2021-01-27 05:27 - 2007-05-17 01:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2021-01-27 05:27 - 2007-05-17 01:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2021-01-27 05:27 - 2007-05-17 01:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2021-01-27 05:27 - 2007-05-17 01:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2021-01-27 05:27 - 2007-05-17 01:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2021-01-27 05:27 - 2007-05-17 01:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2021-01-27 05:27 - 2007-04-05 03:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2021-01-27 05:27 - 2007-04-05 03:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2021-01-27 05:27 - 2007-04-05 03:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2021-01-27 05:27 - 2007-04-05 03:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2021-01-27 05:27 - 2007-03-16 01:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2021-01-27 05:27 - 2007-03-16 01:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2021-01-27 05:27 - 2007-03-13 01:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2021-01-27 05:27 - 2007-03-13 01:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2021-01-27 05:27 - 2007-03-13 01:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2021-01-27 05:27 - 2007-03-13 01:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2021-01-27 05:27 - 2007-03-05 21:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2021-01-27 05:27 - 2007-03-05 21:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2021-01-27 05:27 - 2007-01-25 00:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2021-01-27 05:27 - 2007-01-25 00:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2021-01-27 05:27 - 2006-12-08 21:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2021-01-27 05:27 - 2006-12-08 21:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2021-01-27 05:27 - 2006-11-29 22:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2021-01-27 05:27 - 2006-11-29 22:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2021-01-27 05:27 - 2006-11-29 22:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2021-01-27 05:27 - 2006-11-29 22:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2021-01-27 05:27 - 2006-09-29 01:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2021-01-27 05:27 - 2006-09-29 01:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2021-01-27 05:27 - 2006-09-29 01:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2021-01-27 05:27 - 2006-09-29 01:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2021-01-27 05:27 - 2006-07-28 18:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2021-01-27 05:27 - 2006-07-28 18:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2021-01-27 05:27 - 2006-07-28 18:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2021-01-27 05:27 - 2006-07-28 18:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2021-01-27 05:27 - 2006-05-31 16:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2021-01-27 05:27 - 2006-05-31 16:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2021-01-27 05:27 - 2006-03-31 21:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2021-01-27 05:27 - 2006-03-31 21:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2021-01-27 05:27 - 2006-03-31 21:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2021-01-27 05:27 - 2006-03-31 21:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2021-01-27 05:27 - 2006-03-31 21:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2021-01-27 05:27 - 2006-03-31 21:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2021-01-27 05:27 - 2006-02-03 17:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2021-01-27 05:27 - 2006-02-03 17:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2021-01-27 05:27 - 2006-02-03 17:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2021-01-27 05:27 - 2006-02-03 17:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2021-01-27 05:27 - 2006-02-03 17:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2021-01-27 05:27 - 2006-02-03 17:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2021-01-27 05:27 - 2005-12-06 03:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2021-01-27 05:27 - 2005-12-06 03:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2021-01-27 05:27 - 2005-07-23 04:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2021-01-27 05:27 - 2005-07-23 04:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2021-01-27 05:27 - 2005-05-27 00:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2021-01-27 05:27 - 2005-05-27 00:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2021-01-27 05:27 - 2005-03-19 02:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2021-01-27 05:27 - 2005-03-19 02:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2021-01-27 05:26 - 2021-01-27 05:27 - 000000000 ____D C:\Windows\SysWOW64\directx
2021-01-27 05:26 - 2005-02-06 04:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2021-01-27 05:26 - 2005-02-06 04:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2021-01-27 05:17 - 2021-02-03 08:33 - 000002414 _____ C:\Users\Administrator\Desktop\Microsoft Teams.lnk
2021-01-27 05:17 - 2021-02-03 08:33 - 000002414 _____ C:\Users\Administrator\Desktop\Microsoft Teams.lnk
2021-01-27 05:17 - 2021-01-27 05:17 - 000002422 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-01-27 05:17 - 2021-01-27 05:17 - 000002422 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-01-27 05:17 - 2021-01-27 05:17 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Teams
2021-01-27 05:17 - 2021-01-27 05:17 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Teams
2021-01-27 05:16 - 2021-01-27 08:21 - 000000000 ____D C:\Users\Administrator\AppData\Local\SquirrelTemp
2021-01-27 05:16 - 2021-01-27 08:21 - 000000000 ____D C:\Users\Administrator\AppData\Local\SquirrelTemp
2021-01-27 05:15 - 2021-01-27 05:17 - 661510840 _____ (NVIDIA Corporation) C:\Users\Administrator\Downloads\461.09-desktop-win10-64bit-international-dch-whql.exe
2021-01-27 05:15 - 2021-01-27 05:17 - 661510840 _____ (NVIDIA Corporation) C:\Users\Administrator\Downloads\461.09-desktop-win10-64bit-international-dch-whql.exe
2021-01-27 05:15 - 2021-01-27 05:16 - 114460440 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Teams_windows_x64.exe
2021-01-27 05:15 - 2021-01-27 05:16 - 114460440 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Teams_windows_x64.exe
2021-01-27 05:15 - 2019-12-07 01:36 - 011602432 _____ (Microsoft Corporation) C:\Windows\system32\prm0007.dll
2021-01-27 05:15 - 2019-12-07 01:35 - 012039168 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll
2021-01-27 05:15 - 2019-12-07 01:28 - 002091008 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0007.dll
2021-01-27 05:15 - 2019-12-07 01:20 - 002010624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0007.dll
2021-01-27 05:13 - 2021-01-27 05:13 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2021-01-27 05:13 - 2007-01-20 03:24 - 000025312 ____R (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\SCMNdisP.sys
2021-01-27 05:12 - 2021-01-27 05:12 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-27 05:12 - 2021-01-27 05:12 - 000000000 ____D C:\Program Files (x86)\NETGEAR
2021-01-27 05:12 - 2015-02-11 07:04 - 001255672 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh664.sys
2021-01-27 05:12 - 2015-02-11 07:04 - 000096600 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2021-01-27 05:12 - 2015-02-11 05:46 - 003900928 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2021-01-27 05:12 - 2015-02-11 05:46 - 003566592 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2021-01-27 05:12 - 2010-02-03 20:21 - 000281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll
2021-01-27 05:12 - 2010-02-03 20:21 - 000096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\Packet.dll
2021-01-27 05:12 - 2010-02-03 20:21 - 000053299 _____ C:\Windows\SysWOW64\pthreadVC.dll
2021-01-27 05:12 - 2010-02-03 20:21 - 000047632 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2021-01-27 05:12 - 2009-07-15 13:21 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2021-01-27 05:10 - 2021-01-27 05:10 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder
2021-01-27 05:10 - 2021-01-27 05:10 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder
2021-01-27 05:00 - 2021-01-27 05:45 - 000000000 ____D C:\Users\Administrator\AppData\Local\StartIsBack
2021-01-27 05:00 - 2021-01-27 05:45 - 000000000 ____D C:\Users\Administrator\AppData\Local\StartIsBack
2021-01-27 05:00 - 2021-01-27 05:00 - 000003444 _____ C:\Windows\system32\Tasks\StartIsBack health check
2021-01-27 05:00 - 2021-01-27 05:00 - 000000000 ____D C:\Users\Administrator\AppData\Local\PeerDistRepub
2021-01-27 05:00 - 2021-01-27 05:00 - 000000000 ____D C:\Users\Administrator\AppData\Local\PeerDistRepub
2021-01-27 05:00 - 2021-01-27 05:00 - 000000000 ____D C:\Program Files (x86)\StartIsBack
2021-01-27 04:59 - 2021-02-09 12:06 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2021-01-27 04:59 - 2021-02-09 12:06 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2021-01-27 04:59 - 2021-01-27 04:59 - 000000000 ___RD C:\Users\Administrator\3D Objects
2021-01-27 04:59 - 2021-01-27 04:59 - 000000000 ___RD C:\Users\Administrator\3D Objects
2021-01-27 04:59 - 2021-01-27 04:59 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2021-01-27 04:59 - 2021-01-27 04:59 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2021-01-27 04:59 - 2021-01-27 04:59 - 000000000 ____D C:\Program Files\CPUID
2021-01-27 04:58 - 2021-02-09 14:09 - 000000000 ____D C:\Users\Administrator
2021-01-27 04:58 - 2021-01-27 06:07 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2021-01-27 04:58 - 2021-01-27 06:07 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2021-01-27 04:58 - 2021-01-27 04:58 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2021-01-27 04:58 - 2021-01-27 04:58 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2021-01-27 04:58 - 2019-11-27 00:11 - 000001580 _____ C:\Users\Administrator\Desktop\Ghost Toolbox.lnk
2021-01-27 04:58 - 2019-11-27 00:11 - 000001580 _____ C:\Users\Administrator\Desktop\Ghost Toolbox.lnk
2021-01-27 04:31 - 2021-01-27 04:31 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-01-26 22:27 - 2021-01-26 22:27 - 000000000 ____D C:\Users\Andere\Downloads\D93E01D9-AF6E-32E9-ACA2-61D9E92563C1
2021-01-26 22:27 - 2021-01-26 22:27 - 000000000 ____D C:\Users\Andere\Downloads\D93E01D9-AF6E-32E9-ACA2-61D9E92563C1
2021-01-26 22:27 - 2021-01-26 22:27 - 000000000 ____D C:\Users\Andere\Downloads\C2F98634-0139-4EB2-B26C-821D090559CC
2021-01-26 22:27 - 2021-01-26 22:27 - 000000000 ____D C:\Users\Andere\Downloads\C2F98634-0139-4EB2-B26C-821D090559CC
2021-01-26 22:27 - 2021-01-26 22:27 - 000000000 ____D C:\Users\Andere\Downloads\8CB8DFA4-EB0A-427B-9CFC-3FF046DA9115
2021-01-26 22:27 - 2021-01-26 22:27 - 000000000 ____D C:\Users\Andere\Downloads\8CB8DFA4-EB0A-427B-9CFC-3FF046DA9115
2021-01-26 22:26 - 2021-01-26 22:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\cache
2021-01-26 22:26 - 2021-01-26 22:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\cache
2021-01-26 22:26 - 2021-01-26 22:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\AutodeskDesktopApp
2021-01-26 22:26 - 2021-01-26 22:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\AutodeskDesktopApp
2021-01-26 22:24 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\AppData\Local\cache
2021-01-26 22:24 - 2021-01-29 22:50 - 000000000 ____D C:\Users\Andere\AppData\Local\cache
2021-01-26 22:24 - 2021-01-26 22:24 - 000000000 ____D C:\Users\Andere\AppData\Local\AutodeskDesktopApp
2021-01-26 22:24 - 2021-01-26 22:24 - 000000000 ____D C:\Users\Andere\AppData\Local\AutodeskDesktopApp
2021-01-26 22:23 - 2021-01-26 22:23 - 000001906 _____ C:\Users\Andere\Desktop\AutodeskDesktopApp.exe.lnk
2021-01-26 22:23 - 2021-01-26 22:23 - 000001906 _____ C:\Users\Andere\Desktop\AutodeskDesktopApp.exe.lnk
2021-01-24 23:47 - 2021-01-24 23:50 - 164933584 _____ C:\Users\Andere\Desktop\sena1.mp4
2021-01-24 23:47 - 2021-01-24 23:50 - 164933584 _____ C:\Users\Andere\Desktop\sena1.mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-09 15:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-02-09 14:11 - 2020-12-22 05:07 - 000294872 _____ C:\Windows\system32\FNTCACHE.DAT
2021-02-09 14:11 - 2020-12-22 05:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-02-09 14:11 - 2020-12-12 19:54 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-09 14:09 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-02-09 14:03 - 2020-12-22 05:07 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-02-09 12:46 - 2020-12-21 12:44 - 000000000 ____D C:\Program Files\7-Zip
2021-02-09 12:15 - 2019-12-21 22:02 - 000000000 __SHD C:\AI_RecycleBin
2021-02-09 12:06 - 2020-12-21 12:46 - 000000000 ____D C:\Program Files\WindowsApps
2021-02-09 12:05 - 2020-12-21 12:44 - 000000000 ____D C:\Ghost Toolbox
2021-02-08 22:40 - 2020-11-06 22:32 - 000000000 ____D C:\Users\Administrator\Desktop\NosVoid
2021-02-08 22:40 - 2020-11-06 22:32 - 000000000 ____D C:\Users\Administrator\Desktop\NosVoid
2021-02-08 16:53 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-02-08 14:27 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-02-08 13:54 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-02-08 13:53 - 2020-12-22 05:06 - 000000000 ____D C:\Windows\Panther
2021-02-08 12:12 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-02-08 00:05 - 2020-12-05 17:34 - 000000000 ___RD C:\Sandbox
2021-02-04 13:04 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-02-04 08:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-02-03 22:41 - 2020-12-22 05:17 - 001731910 _____ C:\Windows\system32\PerfStringBackup.INI
2021-02-03 18:01 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-02-03 14:24 - 2020-12-31 19:24 - 000000000 ____D C:\Users\Administrator\Desktop\NosByte
2021-02-03 14:24 - 2020-12-31 19:24 - 000000000 ____D C:\Users\Administrator\Desktop\NosByte
2021-02-01 18:03 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\MUI
2021-02-01 18:03 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\MUI
2021-02-01 17:31 - 2020-12-04 19:26 - 000000000 ____D C:\GOG Games
2021-01-29 14:33 - 2019-07-05 09:17 - 002232320 _____ (fabi.me) C:\Users\Administrator\Desktop\SpeedAutoClicker.exe
2021-01-29 14:33 - 2019-07-05 09:17 - 002232320 _____ (fabi.me) C:\Users\Administrator\Desktop\SpeedAutoClicker.exe
2021-01-27 06:11 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2021-01-27 05:29 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-27 05:29 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\SysWOW64\winrm
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\SysWOW64\WCN
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\winrm
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\WCN
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\slmgr
2021-01-27 05:29 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\dsc
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemApps
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Com
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IME
2021-01-27 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-01-27 05:29 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2021-01-27 05:17 - 2019-12-07 10:52 - 000000000 ____D C:\Windows\OCR
2021-01-27 05:00 - 2019-12-07 10:18 - 000000000 ____D C:\Windows\Setup
2021-01-27 04:28 - 2019-12-07 10:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2021-01-24 22:08 - 2019-12-07 10:54 - 000005678 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2021-01-18 01:14 - 2020-12-14 11:29 - 000000000 ____D C:\Users\Andere\Desktop\maya
2021-01-18 01:14 - 2020-12-14 11:29 - 000000000 ____D C:\Users\Andere\Desktop\maya
2021-01-14 20:25 - 2020-07-17 12:43 - 000000000 ___HD C:\$WinREAgent

==================== Files in the root of some directories ========

2021-02-08 12:28 - 2021-02-08 12:53 - 000000691 _____ () C:\Users\Administrator\AppData\Roaming\GetValue.vbs
2021-02-08 12:28 - 2021-02-08 12:53 - 000000035 _____ () C:\Users\Administrator\AppData\Roaming\SetValue.bat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
         

Alt 09.02.2021, 17:22   #10
Baal01
 
Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Standard

Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2021 01
Ran by Baal (09-02-2021 15:09:22)
Running from C:\Users\Administrator\Downloads
Windows 10 Pro Version 20H2 19042.685 (X64) (2021-01-27 03:58:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Andere (S-1-5-21-1186616812-1126677590-2245216935-1000 - Administrator - Enabled) => C:\Users\Andere
Baal (S-1-5-21-1186616812-1126677590-2245216935-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1186616812-1126677590-2245216935-503 - Limited - Disabled)
Guest (S-1-5-21-1186616812-1126677590-2245216935-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1186616812-1126677590-2245216935-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Allegorithmic Substance Painter 7.1.0 (HKLM\...\{33C3E9E2-0675-4196-9019-28AB9C5E9BB0}_is1) (Version: 7.1.0 - Allegorithmic)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 8.0.0.46 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{54A00624-3EF9-49A2-92A9-7244EADD0212}) (Version: 3.2.18 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{BF7A2FE6-C943-4C1E-A2CA-729AD1474E9B}) (Version: 3.1.15 - Autodesk)
Autodesk Maya 2020 (HKLM\...\{0EBFFCF6-F972-4D40-863F-E673B5C38236}) (Version: 20.4.0.1627 - Autodesk) Hidden
Autodesk Maya 2020 (HKLM\...\{C2F98634-0139-4EB2-B26C-821D090559CC}) (Version: 2020.4.0.1627 - Autodesk, Inc.)
Autodesk Single Sign On Component (HKLM\...\{7F0FE09D-E25D-4C59-A1AA-DB17153FC353}) (Version: 11.3.0.1803 - Autodesk)
Bifrost Extension 2.0.3.0 for Maya 2020 (HKLM\...\{0BAD8879-2A6C-43DC-B8BC-9FE8AD80C75B}) (Version: 2.0.3.0 - Autodesk)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.260.0.1032 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.)
Discord (HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Discord) (Version: 0.0.309 - Discord Inc.)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.6.1.0 - miHoYo Co.,Ltd)
Ghostrunner (HKLM-x32\...\1957528513_is1) (Version: 32091_417 - GOG.com)
Ghostrunner pre-order KATANA DLC (HKLM-x32\...\2009792833_is1) (Version: 32091_417 - GOG.com)
Ghostrunner Winter Pack (HKLM-x32\...\1596358146_is1) (Version: 32091_417 - GOG.com)
IObit Uninstaller 10.2.0.15 (HKLM-x32\...\IObit Uninstaller_is1) (Version: 10.2.0.15 - lrepacks.ru)
Malware Hunter 1.116.0.708 (HKLM-x32\...\Malware Hunter) (Version: 1.116.0.708 - Glarysoft Ltd)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R29 - McAfee, LLC)
Mem Reduct (HKLM\...\memreduct) (Version: 3.3.5 - Henry++)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.13628.20274 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation)
Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29805 (HKLM\...\{29A1747B-007E-4BB0-A4BE-D6B855C2C56D}) (Version: 14.28.29805 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29805 (HKLM\...\{50FF98A9-6C60-4DF2-AE02-C48AED35B59B}) (Version: 14.28.29805 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29805 (HKLM-x32\...\{09A8B65F-2B67-4C5C-8FD8-D3EB60F4121D}) (Version: 14.28.29805 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29805 (HKLM-x32\...\{00DC6825-CBC7-4179-AA10-829FA349A6B9}) (Version: 14.28.29805 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{47C2CCDB-7A04-3797-992B-A84D3E90258F}) (Version: 10.0.60833 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.2 (x64) (HKLM-x32\...\{e25469ba-a07f-4864-afff-d34d3e78a406}) (Version: 5.0.2.29613 - Microsoft Corporation)
MtoA for Maya 2020 (HKU\S-1-5-21-1186616812-1126677590-2245216935-1000\...\MtoA2020) (Version: 4.0.0 - Solid Angle)
NETGEAR WNA3100 wireless USB 2.0 driver (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
NetLimiter 4 (HKLM\...\{D8EB2152-FF07-4BA1-8361-0A64CBCFA58F}) (Version: 4.0.50.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.50.0) (Version: 4.0.50.0 - Locktime Software)
Notepad++ (HKLM\...\Notepad++) (Version: 7 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
Opera Stable 73.0.3856.344 (HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Opera 73.0.3856.344) (Version: 73.0.3856.344 - Opera Software)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 210127 - Kakao Corp.)
Process Lasso (HKLM-x32\...\ProcessLasso) (Version: 9.8.2.2 - Bitsum)
Spotify (HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\Spotify) (Version: 1.0.96.181.gf6bc1b6b - Spotify AB)
StartIsBack++ (HKLM-x32\...\StartIsBack) (Version: 2.9.8 - startisback.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Substance in Maya 2020-2.0.3 (HKLM\...\{47209805-a05c-4af2-b34b-459745022023}_is1) (Version: 2.0.3 - Adobe)
Sweet Paranoia (HKLM\...\Sweet Paranoia) (Version:  - niivu)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 4.0.0.0 - Manuel Hoefs (Zottel))
WebAdvisor von McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.194 - McAfee, LLC)

Packages:
=========
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-27] (NVIDIA Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1186616812-1126677590-2245216935-500_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2016-09-21] (Notepad++ -> )
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} =>  -> No File
ContextMenuHandlers1: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2020-11-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-11-04] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} =>  -> No File
ContextMenuHandlers2: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2020-11-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2020-11-18] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2020-11-18] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_8024d97d167d7438\nvshext.dll [2021-01-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2020-11-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-11-04] (McAfee, LLC -> McAfee, LLC)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-01-27 05:12 - 2015-02-27 05:19 - 000380928 _____ () [File not signed] C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2021-01-27 05:12 - 2011-06-22 01:04 - 000229376 _____ (Broadcom Corporation) [File not signed] C:\Program Files (x86)\NETGEAR\WNA3100\wps_api.dll
2020-12-04 07:56 - 2021-02-09 12:49 - 000709040 _____ (Glarysoft LTD -> Glarysoft Ltd) [File not signed] C:\Program Files (x86)\Glarysoft\Malware Hunter\Register.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-02-05] (McAfee, LLC -> McAfee, LLC)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-02-05] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-01] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-11-04] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-11-04] (McAfee, LLC -> McAfee, LLC)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\sharepoint.com -> hxxps://by0813-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2021-02-09 15:00 - 000000741 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\VMware\VMware Workstation\bin\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Process Lasso\;C:\Program Files\dotnet\
HKU\S-1-5-21-1186616812-1126677590-2245216935-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Local\Microsoft\Windows\Themes\GHOST NOI\DesktopBackground\img0_2560x160330 2021 03.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi 2: VMware Bridge Protocol -> vmware_bridge (enabled) 
Wi-Fi 2: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) 
VMware Network Adapter VMnet1: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
Ethernet: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) 
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) 
VMware Network Adapter VMnet8: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 
Wi-Fi: VMware Bridge Protocol -> vmware_bridge (enabled) 
Wi-Fi: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\StartupApproved\Run: => "NetLimiter"
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1186616812-1126677590-2245216935-500\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [Microsoft-Windows-Unified-Telemetry-Client] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{3056C7F9-756D-480E-A1D8-BCE0AD205217}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A81DA307-C5C1-4FDD-BA40-5487DB3F067F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AB1D3287-0FAA-4E34-8F65-4C3902C42E16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EEE25865-1319-48F6-BAE3-DB97AB986A61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9E6F220A-D7A5-4630-B2F7-236D585086F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{95C3A1F1-ED62-48F2-A614-0E0203486BEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BA17C29B-AC3F-4CA2-A40D-AC7C7A441D87}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{60CBD4CF-A2ED-44E0-803E-F7801F018DBB}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{19386911-D3F7-4891-87EF-8B2A51351C06}] => (Allow) C:\Users\Administrator\AppData\Local\Programs\Opera\73.0.3856.344\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{39D42345-858E-48B6-BACE-038A29BD3677}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{F3CF5447-04D2-4C1E-8963-F7D5912CE3C7}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{009E662E-AA97-4654-93C1-7DEE03F8E756}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EF886F54-25BA-4AA7-BA5D-E3454C55E9E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3A8B880E-D202-4E92-BE57-509E3950D26E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================

System errors:
=============
Error: (02/09/2021 02:15:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Delivery Optimization" wurde nicht richtig gestartet.

Error: (02/09/2021 02:13:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "GUMHFilters" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (02/09/2021 02:09:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware Workstation Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Restart the service.

Error: (02/09/2021 02:09:20 PM) (Source: DCOM) (EventID: 10010) (User: WIN-GPE7CHGD8F4)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/09/2021 02:09:20 PM) (Source: DCOM) (EventID: 10010) (User: WIN-GPE7CHGD8F4)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/09/2021 02:09:20 PM) (Source: DCOM) (EventID: 10010) (User: WIN-GPE7CHGD8F4)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/09/2021 02:09:20 PM) (Source: DCOM) (EventID: 10010) (User: WIN-GPE7CHGD8F4)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/09/2021 02:09:20 PM) (Source: DCOM) (EventID: 10010) (User: WIN-GPE7CHGD8F4)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================

Date: 2021-02-09 14:17:37.5590000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-09 14:17:37.5370000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-09 14:16:41.9880000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-09 14:16:41.9710000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-09 14:16:41.9500000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-09 14:16:41.9330000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-09 14:16:41.9180000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-09 14:16:41.9040000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. H81EM2W08.308 08/25/2014
Motherboard: MEDION H81H3-EM2
Processor: Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
Percentage of memory in use: 38%
Total physical RAM: 8144.43 MB
Available physical RAM: 5024.66 MB
Total Virtual: 16336.43 MB
Available Virtual: 8659.22 MB

==================== Drives ================================

Drive c: (Windows 10 Compact) (Fixed) (Total:868.44 GB) (Free:467.25 GB) NTFS
Drive d: (Games) (Fixed) (Total:59.99 GB) (Free:59.81 GB) NTFS

\\?\Volume{7e0d0ba7-4d45-4f09-bba8-c2a183a9c282}\ () (Fixed) (Total:0.49 GB) (Free:0.18 GB) NTFS
\\?\Volume{052015cb-7a85-4771-87fd-7a4ddba78144}\ () (Fixed) (Total:0.54 GB) (Free:0.06 GB) NTFS
\\?\Volume{5fdf47c6-21ec-44d2-99f2-4bee43d151da}\ () (Fixed) (Total:0.82 GB) (Free:0.42 GB) NTFS
\\?\Volume{47ea8986-068d-4982-a02e-081c6663b764}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
         
hoffe passt so

Hab mich bissl umgeschaut und scheint nicht wirklich was gefährliches zu sein da es viele Meldungen von anderen Leuten gab denke kann also geschlossen werden. Mich wundert nur dass es ebend passiert ist nachdem mich paar Sachen installiert habe und daraufhin ebend zugespammt wurde damit. Also kann geschlossen werden wie auch immer das funktioniert trotzdem danke für die Antwort.

Alt 09.02.2021, 21:15   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Standard

Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee



Offensichtlich hast du meine Frage übersehen. Unten nochmal.

Auch wenn ne Personal Firewall und sowas wie McAfee Schrottsoware ist, kann das nicht normal sein, dass Verbindungsanfragen direkt aus dem Internet deinen Rechner erreichen!

Entweder liegt er ein dicker Konfigfehler vor, oder McAfee ist schrottiger als befürchtet.


Zitat:
Zitat von cosinus Beitrag anzeigen
Bitte nochmal deine Internetverbindung beschreiben. Weil das was da gemeldet wird kann nicht sein. Die Pakete sollten deinen Rechner überhaupt nicht erreichen und somit könnte auch keine Firewall die auf deinem Rechner läuft sowas melden!

Alt 10.02.2021, 10:13   #12
Baal01
 
Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Standard

Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee



Hab die Frage nicht übersehen aber dachte dass ich nochmal FRST benutzen soll diesmal aber nur Internet anhaken was genau meinst du mit Internetverbindung beschreiben.

Alt 10.02.2021, 10:16   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Standard

Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee



Lies doch bitte meine Postings richtig.
Ich schrieb da was von sperrangelweit offenem Router, denn eigentlich können solche Pakete, die McAfee da meldet deinen Rechner garnicht erreichen.
Mal kurz beschreiben was du für ne Internetverbindung und welchen Router du hast und wer da schon was geändert hat. Das sollte doch möglich sein.

Alt 10.02.2021, 10:23   #14
Baal01
 
Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Standard

Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee



SSID: FRITZ!Box 7362 SL
Protokoll: Wi-Fi 4 (802.11n)
Sicherheitstyp: WPA2-Personal
Netzfrequenzbereich: 2,4 GHz
Netzwerkkanal: 11
IPv4-Adresse: 192.168.178.48
IPv4-DNS-Server: 192.168.178.1
Beschreibung: FRITZ!WLAN USB Stick AC 860

Soll ich mal den Router auf Werkseinstellungen zurücksetzen? Es wurde eigentlich nichts an den Einstellungen verändert gab vor langer Zeit mal Portfreigaben für bestimmte Games aber die hab ich schon seit langem wieder entfernt ist ein recht alter Router da wir Probleme mit den neuen hatten. Danke für die schnelle Antwort.

Alt 10.02.2021, 10:30   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Standard

Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee



Werkseinstellungen kannste mal machen. Und auf Firmwareupdates prüfen.

Und auch mal unbedingt dieses Geraffel deinstallieren:

CCleaner
IObit Uninstaller
Malware Hunter
McAfee LiveSafe

Antwort

Themen zu Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee
ahnung, anhang, aufbau, browser, einfach, frage, geblockt, gesperrt, ipadresse, kein plan, malware, mcafee, nervig, nichts, ports, programm, seite, seitenaufbau, startet, ungewollt, ungewollter, verschiedene, verursacht, webseite, webseiten, wirklich



Ähnliche Themen: Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee


  1. Seiten werden geblockt durch wa.ui-portal.de
    Log-Analyse und Auswertung - 18.08.2017 (19)
  2. Windows 7: Alle Files geblockt durch Cryptowall
    Log-Analyse und Auswertung - 30.05.2015 (1)
  3. Anwendung durch Gruppenrichtlinie geblockt --->Kaspersky startet nicht
    Plagegeister aller Art und deren Bekämpfung - 24.09.2014 (3)
  4. Avira durch Gruppenrichtlinie geblockt - Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 21.06.2014 (17)
  5. Avast wurde durch eine Gruppenrichtlinie geblockt
    Plagegeister aller Art und deren Bekämpfung - 01.06.2014 (9)
  6. Windows 7: McAfee durch Gruppenrichtlinie gesperrt.
    Log-Analyse und Auswertung - 20.05.2014 (13)
  7. G-Data Antivir wird durch lokale Gruppenrichtlinien geblockt
    Log-Analyse und Auswertung - 25.04.2014 (11)
  8. GfilterSvc.exe wird durch Malwarebytes geblockt
    Log-Analyse und Auswertung - 19.07.2013 (19)
  9. Hosts Datei Veränderung durch Antivir geblockt
    Plagegeister aller Art und deren Bekämpfung - 26.06.2013 (8)
  10. Avira durch Gruppenrichtlinien geblockt und Trojan.fakems
    Log-Analyse und Auswertung - 18.06.2013 (27)
  11. outgoing Verbindung geblockt durch Mbam
    Log-Analyse und Auswertung - 17.06.2012 (1)
  12. `Durch das Besuchen von Seiten mit infizierten Inhalten...wird ihr Windows geblockt.`
    Plagegeister aller Art und deren Bekämpfung - 19.04.2012 (8)
  13. MCAfee infiziert - Deinstallation wird geblockt
    Plagegeister aller Art und deren Bekämpfung - 15.04.2011 (4)
  14. USA segnen McAfee-Übernahme durch Intel ab
    Nachrichten - 23.12.2010 (0)
  15. verschiedene Trojaner und Würmer auf meinem PC durch icq-virus
    Plagegeister aller Art und deren Bekämpfung - 03.06.2010 (1)
  16. pc wird immer geblockt durch windows sicherheits center
    Plagegeister aller Art und deren Bekämpfung - 22.12.2009 (2)
  17. Ungewollter Seitenaufbau durch IE trotz FF Nutzung
    Plagegeister aller Art und deren Bekämpfung - 11.06.2007 (3)

Zum Thema Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee - Hallo seit paar Tagen bzw. dem 04.02.2021 werden ständig ungewollt Webseiten aufgerufen mit untersch. IPs sobald man einen Browser startet diese werden von McAfee gesperrt glücklicherweise. Frage mich nun ob - Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee...
Archiv
Du betrachtest: Ungewollter Seitenaufbau auf verschiedene IPs geblockt durch McAfee auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.