
Surveillance, Privacy and Spam: Dangerously Accurate Phishing Emails

15.02.2021, 20:28   #1
Elry
 

For some time now I have been receiving phishing emails at my email address with dangerously accurate details.

E.g.:
Fake Amazon emails with my name and order number and a prompt to click.
Fake DHL emails with the tracking number and a prompt to click.
(The senders are not legitimate, but something like tomtomrottamazionerider.it or amazozne.com)

I have not done anything major yet, but Windows 10 Antivirus reports nothing.

I am afraid that someone has installed a RAT or backdoor on my PC and may be grabbing my passwords or something like that, since this is rather private information.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2021
Ran by pulze (administrator) on DESKTOP-TV3TQBJ (Micro-Star International Co., Ltd. MS-7A36) (15-02-2021 20:25:05)
Running from C:\Users\pulze\Downloads
Loaded Profiles: pulze
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Codota dot com ltd -> ) C:\Users\pulze\.tabnine\3.3.58\x86_64-pc-windows-gnu\WD-TabNine.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(Discord Inc. -> Discord Inc.) C:\Users\pulze\AppData\Local\Discord\app-0.0.309\Discord.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(JetBrains s.r.o. -> JetBrains s.r.o) C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.Etw.Collector.Host.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
(Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
(Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(Unity Technologies SF -> Unity Technologies Inc.) C:\Program Files\Unity Hub\Unity Hub.exe <3>
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2020-09-26] (Open-Shell) [File not signed]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [944088 2018-04-16] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-12-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKU\S-1-5-21-1763028911-1943601498-1160324226-1001\...\Run: [Discord] => C:\Users\pulze\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1763028911-1943601498-1160324226-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-08] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1DC78202-18AE-4306-9641-F6B2DFA16591} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2169C2F7-0742-4006-AE57-0FCC47C38680} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {349E6193-EF01-469A-91D3-24C264D2DB63} - System32\Tasks\update-S-1-5-21-1763028911-1943601498-1160324226-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {47F868C7-89E0-44DD-A478-A98EABDDB9E4} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {70A73E5A-E222-4DC2-84E5-7187BED38CA1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {813948FE-9900-4C61-AF77-ECAA49D110A8} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {A433BB7A-E654-4ADB-A0F7-BE488411B66E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B7949516-D845-480F-8E17-2F0C9AB186C8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-21] (Google LLC -> Google LLC)
Task: {EDEE475D-BA53-4368-A069-DB3F5E2242B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-21] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-1763028911-1943601498-1160324226-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8e1ee6ad-af7f-4a14-b374-c2b47dbd974b}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{fb23fe38-e747-49b1-9e92-c4e7c3a775c0}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
Edge Profile: C:\Users\pulze\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-15]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2021-01-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2021-01-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]

Chrome: 
=======
CHR Profile: C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default [2021-02-15]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/media/ytm/images/applauncher/music_icon_48x48.png
CHR Extension: (Präsentationen) - C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-21]
CHR Extension: (Docs) - C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-21]
CHR Extension: (Google Drive) - C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-21]
CHR Extension: (YouTube) - C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-21]
CHR Extension: (Honey) - C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-01-08]
CHR Extension: (YouTube Music) - C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod [2020-12-21]
CHR Extension: (uBlock Origin) - C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-02-08]
CHR Extension: (Tabellen) - C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-21]
CHR Extension: (Google Docs Offline) - C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-21]
CHR Extension: (Webador) - C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdofelfggakflkagbhkcamndohlekjln [2020-12-21]
CHR Extension: (Dashboard - Picarto) - C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgbmnnpppdiifpipmniobndbgdejkbki [2020-12-21]
CHR Extension: (SponsorBlock für YouTube - Überspringe gesponserte Videosegmente) - C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnjggcdmjocbbbhaepdhchncahnbgone [2021-02-04]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Google Mail) - C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-21]
CHR Extension: (Chrome Media Router) - C:\Users\pulze\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-25]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8894752 2021-01-28] (BattlEye Innovations e.K. -> )
R2 CorsairGamingAudioConfig; C:\WINDOWS\system32\CorsairGamingAudioCfgService64.exe [616344 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-12-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [80936 2020-12-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 JetBrainsEtwHost; C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.Etw.Collector.Host.exe [1480656 2020-12-29] (JetBrains s.r.o. -> JetBrains s.r.o)
R2 Wallpaper Engine Service; C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [520680 2020-12-21] (Skutta, Kristjan -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CorsairGamingAudioService; C:\WINDOWS\system32\DRIVERS\CorsairGamingAudio64.sys [60312 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2021-02-15] (CPUID S.A.R.L.U. -> CPUID)
S3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
S3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [33784 2020-10-04] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 fwuac430mu; C:\WINDOWS\system32\DRIVERS\fwuac430mu.sys [2008040 2018-04-16] (WDKTestCert rstolz,131417395005862431 -> AVM GmbH)
R3 MpKsleba275a5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{33851120-BB60-45CC-8D6E-E5F4EFA7647A}\MpKslDrv.sys [47344 2021-02-15] (Microsoft Windows -> Microsoft Corporation)
R3 sshid; C:\WINDOWS\system32\DRIVERS\sshid.sys [57440 2020-10-09] (SteelSeries ApS -> SteelSeries ApS)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-15 20:25 - 2021-02-15 20:25 - 000015983 _____ C:\Users\pulze\Downloads\FRST.txt
2021-02-15 20:10 - 2021-02-15 20:25 - 000000000 ____D C:\FRST
2021-02-15 20:10 - 2021-02-15 20:10 - 002297856 _____ (Farbar) C:\Users\pulze\Downloads\FRST64.exe
2021-02-15 19:37 - 2021-01-15 00:51 - 000834424 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\PsExec.exe
2021-02-15 18:52 - 2021-02-15 18:52 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Macromedia
2021-02-15 18:52 - 2021-02-15 18:52 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Adobe
2021-02-15 18:46 - 2021-02-15 18:46 - 000000000 ____D C:\Program Files\VS Revo Group
2021-02-15 18:24 - 2021-02-15 18:24 - 000072664 _____ C:\ProgramData\agent.uninstall.1613409837.bdinstall.v2.bin
2021-02-15 16:25 - 2021-02-15 16:25 - 000000000 ____D C:\Users\pulze\.tabnine
2021-02-15 16:21 - 2021-02-15 16:21 - 000000000 ____D C:\Users\pulze\.vsts
2021-02-15 16:11 - 2021-02-15 16:21 - 000000000 ____D C:\Users\pulze\AppData\Roaming\JetBrains
2021-02-15 16:11 - 2021-02-15 16:11 - 000000000 ____D C:\Users\pulze\AppData\Local\JetBrains
2021-02-15 16:08 - 2021-02-15 16:08 - 000000000 ____D C:\Program Files\JetBrains
2021-02-15 11:43 - 2021-02-15 11:43 - 000000000 ____D C:\Users\pulze\.omnisharp
2021-02-15 10:54 - 2021-02-15 18:52 - 000000000 ____D C:\Users\pulze\AppData\Local\Adobe
2021-02-15 10:29 - 2021-02-15 10:29 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Avast Software
2021-02-15 10:28 - 2021-02-15 10:28 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswb7ea2e4d2083b746.tmp
2021-02-15 10:28 - 2021-02-15 10:28 - 000521336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw63f01983669058f5.tmp
2021-02-15 10:28 - 2021-02-15 10:28 - 000466224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswe84e2544c5b2b583.tmp
2021-02-15 10:28 - 2021-02-15 10:28 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw6c0a8c660062912e.tmp
2021-02-15 10:28 - 2021-02-15 10:28 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-02-15 10:28 - 2021-02-15 10:28 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd5232e68f50d08e7.tmp
2021-02-15 10:28 - 2021-02-15 10:28 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw0b5e8c6e8991176e.tmp
2021-02-15 10:28 - 2021-02-15 10:28 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8b14783c5a746948.tmp
2021-02-15 10:28 - 2021-02-15 10:28 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8bb3c8d2da042d8a.tmp
2021-02-15 10:28 - 2021-02-15 10:28 - 000175240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1f668c767afd89b7.tmp
2021-02-15 10:28 - 2021-02-15 10:28 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw0888847cedb05ea9.tmp
2021-02-15 10:28 - 2021-02-15 10:28 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswa191994477108be5.tmp
2021-02-15 10:28 - 2021-02-15 10:28 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswa592071a9c003606.tmp
2021-02-15 10:28 - 2021-02-15 10:28 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw499bcdf1da14d06e.tmp
2021-02-15 10:28 - 2021-02-15 10:28 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw542550194606c11e.tmp
2021-02-15 10:28 - 2021-02-15 10:28 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf3ec9bcb1937879f.tmp
2021-02-15 10:28 - 2021-02-15 10:28 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-02-15 10:27 - 2021-02-15 10:27 - 000000000 ____D C:\Program Files\Avast Software
2021-02-15 10:25 - 2021-02-15 18:23 - 000000000 ____D C:\ProgramData\Avast Software
2021-02-15 10:21 - 2021-02-15 10:21 - 000087652 _____ C:\ProgramData\agent.update.1613380905.bdinstall.v2.bin
2021-02-15 10:17 - 2021-02-15 10:17 - 000001196 _____ C:\Users\pulze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2021-02-15 10:17 - 2021-02-15 10:17 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2021-02-15 10:13 - 2021-02-15 18:24 - 000000000 ____D C:\Program Files\Bitdefender Agent
2021-02-15 10:13 - 2021-02-15 10:13 - 000116112 _____ C:\ProgramData\agent.1613380396.bdinstall.v2.bin
2021-02-13 13:01 - 2021-02-13 13:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2020.2.4f1 (64-bit)
2021-02-13 12:12 - 2021-02-13 14:10 - 000000000 ____D C:\Users\pulze\AppData\LocalLow\DefaultCompany
2021-02-13 12:10 - 2021-02-13 12:10 - 000000000 ____D C:\Users\pulze\Documents\Unity
2021-02-11 22:50 - 2021-02-11 22:50 - 000000000 ____D C:\Program Files\dotnet
2021-02-11 21:54 - 2021-02-11 22:06 - 000000000 ____D C:\Users\pulze\Documents\plural
2021-02-10 11:50 - 2021-02-10 11:50 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-10 11:50 - 2021-02-10 11:50 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-10 11:50 - 2021-02-10 11:50 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-10 11:50 - 2021-02-10 11:50 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-10 11:50 - 2021-02-10 11:50 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-09 15:15 - 2021-02-09 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2021-02-09 15:15 - 2021-02-09 15:15 - 000000000 ____D C:\Program Files (x86)\JetBrains
2021-02-09 14:41 - 2021-02-09 14:42 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pluralsight
2021-02-09 14:41 - 2021-02-09 14:42 - 000000000 ____D C:\Users\pulze\AppData\Local\Pluralsight
2021-02-08 21:44 - 2021-02-08 21:44 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6fb2b3c9e4838
2021-02-05 05:18 - 2021-02-04 20:24 - 000000000 ____D C:\Windows.old
2021-02-05 05:16 - 2021-02-05 05:18 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-02-05 05:15 - 2021-02-05 05:16 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-02-05 05:15 - 2021-02-05 05:15 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-02-05 05:14 - 2021-02-05 05:14 - 000000000 ____D C:\ProgramData\ssh
2021-02-05 05:11 - 2021-02-05 05:11 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-02-05 05:11 - 2021-02-05 05:11 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-02-05 05:11 - 2021-02-05 05:11 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-02-05 05:11 - 2021-02-05 05:11 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-02-05 05:11 - 2021-02-05 05:11 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-02-05 05:11 - 2021-02-05 05:11 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-02-05 05:11 - 2021-02-05 05:11 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-02-05 05:11 - 2021-02-05 05:11 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-02-05 05:11 - 2021-02-05 05:11 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-02-05 05:11 - 2021-02-05 05:11 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-02-05 05:11 - 2021-02-05 05:11 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-02-05 05:11 - 2021-02-05 05:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-02-05 05:11 - 2021-02-05 05:11 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-02-05 05:11 - 2021-02-05 05:11 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-02-05 05:11 - 2021-02-05 05:11 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-02-05 05:11 - 2021-02-05 05:11 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-02-05 05:10 - 2021-02-05 05:10 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-02-05 05:10 - 2021-02-05 05:10 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-02-05 05:10 - 2021-02-05 05:10 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-02-05 05:10 - 2021-02-05 05:10 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-02-05 05:10 - 2021-02-05 05:10 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-02-05 05:10 - 2021-02-05 05:10 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-02-05 05:10 - 2021-02-05 05:10 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-02-05 05:10 - 2021-02-05 05:10 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-02-05 05:10 - 2021-02-05 05:10 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-02-05 05:10 - 2021-02-05 05:10 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-02-05 05:10 - 2021-02-05 05:10 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-02-05 05:10 - 2021-02-05 05:10 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-02-05 05:10 - 2021-02-05 05:10 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-02-05 05:10 - 2021-02-05 05:10 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-02-05 05:10 - 2021-02-05 05:10 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-02-05 05:10 - 2021-02-05 05:10 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-02-05 05:10 - 2021-02-05 05:10 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-02-05 05:10 - 2021-02-05 05:10 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-02-05 05:10 - 2021-02-05 05:10 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-02-05 05:10 - 2021-02-05 05:10 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-02-05 05:10 - 2021-02-05 05:10 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-02-05 05:10 - 2021-02-05 05:10 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-02-05 05:10 - 2021-02-05 05:10 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-02-05 05:10 - 2021-02-05 05:10 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-02-05 05:10 - 2021-02-05 05:10 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-02-05 05:10 - 2021-02-05 05:10 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-02-05 05:10 - 2021-02-05 05:10 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-02-05 05:10 - 2021-02-05 05:10 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-02-05 05:10 - 2021-02-05 05:10 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-02-05 05:05 - 2021-02-05 05:05 - 000417792 _____ C:\WINDOWS\system32\d3dconfig.exe
2021-02-05 05:05 - 2021-02-05 05:05 - 000374784 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe
2021-02-05 05:05 - 2021-02-05 05:05 - 000365056 _____ C:\WINDOWS\SysWOW64\d3dconfig.exe
2021-02-05 05:05 - 2021-02-05 05:05 - 000347136 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe
2021-02-05 05:04 - 2021-02-15 11:29 - 000741684 _____ C:\WINDOWS\system32\perfh007.dat
2021-02-05 05:04 - 2021-02-15 11:29 - 000149934 _____ C:\WINDOWS\system32\perfc007.dat
2021-02-05 05:04 - 2021-02-05 05:04 - 000306166 _____ C:\WINDOWS\system32\perfi007.dat
2021-02-05 05:04 - 2021-02-05 05:04 - 000040520 _____ C:\WINDOWS\system32\perfd007.dat
2021-02-05 05:04 - 2021-02-05 05:04 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-02-05 05:04 - 2021-02-05 05:04 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2021-02-05 05:04 - 2021-02-05 05:04 - 000000000 ____D C:\WINDOWS\system32\de
2021-02-05 05:01 - 2021-02-05 05:01 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-02-05 05:01 - 2021-02-05 05:01 - 000000000 ____D C:\Program Files\MSBuild
2021-02-05 05:01 - 2021-02-05 05:01 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-02-05 05:01 - 2021-02-05 05:01 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-02-04 21:02 - 2021-02-04 22:02 - 000000000 ____D C:\Users\pulze\AppData\Roaming\obs-studio
2021-02-04 21:02 - 2021-02-04 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2021-02-04 21:01 - 2021-02-04 21:02 - 000000000 ____D C:\Program Files\obs-studio
2021-02-04 20:28 - 2021-02-15 11:29 - 001817348 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-04 20:26 - 2021-02-04 20:26 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-02-04 20:25 - 2021-02-04 20:25 - 000000000 ____D C:\Program Files\SteelSeries
2021-02-04 20:24 - 2021-02-15 11:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-04 20:24 - 2021-02-08 21:44 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-04 20:24 - 2021-02-05 11:00 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-04 20:24 - 2021-02-05 11:00 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-04 20:24 - 2021-02-04 20:24 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-02-04 20:24 - 2021-02-04 20:24 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-02-04 20:24 - 2021-02-04 20:24 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-04 20:24 - 2021-02-04 20:24 - 000003056 _____ C:\WINDOWS\system32\Tasks\update-S-1-5-21-1763028911-1943601498-1160324226-1001
2021-02-04 20:24 - 2021-02-04 20:24 - 000002800 _____ C:\WINDOWS\system32\Tasks\update-sys
2021-02-04 20:24 - 2021-02-04 20:24 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2021-02-04 20:24 - 2021-02-04 20:24 - 000000020 ___SH C:\Users\pulze\ntuser.ini
2021-02-04 20:20 - 2021-02-15 16:25 - 000000000 ____D C:\Users\pulze
2021-02-04 20:20 - 2019-12-07 10:10 - 000001105 _____ C:\Users\pulze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-04 20:19 - 2021-02-15 19:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-04 20:19 - 2021-02-15 11:22 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-04 20:19 - 2021-02-10 14:34 - 005007616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-04 14:12 - 2021-02-10 14:02 - 000000000 ____D C:\Users\pulze\RiderProjects
2021-02-04 12:13 - 2021-02-04 12:13 - 000000000 ____D C:\ProgramData\VS Revo Group
2021-02-04 11:58 - 2021-02-10 11:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-02-04 11:58 - 2021-02-10 11:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-04 11:58 - 2021-02-09 14:52 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-02-04 11:58 - 2021-02-04 11:58 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Thunderbird
2021-02-04 11:58 - 2021-02-04 11:58 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Mozilla
2021-02-04 11:58 - 2021-02-04 11:58 - 000000000 ____D C:\Users\pulze\AppData\Local\Thunderbird
2021-02-04 11:58 - 2021-02-04 11:58 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-03 19:15 - 2021-02-15 20:24 - 000000000 ____D C:\Users\pulze\AppData\LocalLow\Unity
2021-02-03 19:15 - 2021-02-13 13:52 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Unity
2021-02-03 19:15 - 2021-02-12 00:19 - 000000000 ____D C:\Users\pulze\AppData\Local\Unity
2021-02-03 14:09 - 2021-02-15 18:42 - 000000000 ____D C:\Users\pulze\AppData\Roaming\TabNine
2021-02-03 14:09 - 2021-02-03 14:09 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Codota
2021-02-03 14:07 - 2021-02-03 14:07 - 000000000 ____D C:\Users\pulze\AppData\Local\SymbolSourceSymbols
2021-02-03 14:07 - 2021-02-03 14:07 - 000000000 ____D C:\Users\pulze\AppData\Local\RefSrcSymbols
2021-02-03 13:36 - 2021-02-03 13:36 - 000000000 ____D C:\Users\pulze\Documents\My Web Sites
2021-02-03 13:36 - 2021-02-03 13:36 - 000000000 ____D C:\Users\pulze\Documents\IISExpress
2021-02-02 12:26 - 2021-02-02 12:26 - 000000000 ____D C:\Program Files\Unity
2021-02-02 11:53 - 2021-02-02 11:53 - 000000000 ____D C:\ProgramData\Unity
2021-02-02 11:43 - 2021-02-15 11:41 - 000000000 ____D C:\Users\pulze\AppData\Roaming\UnityHub
2021-02-02 11:43 - 2021-02-02 11:43 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Unity Hub
2021-02-01 09:06 - 2021-02-01 09:06 - 000000000 ____D C:\Users\pulze\AppData\Local\IsolatedStorage
2021-02-01 08:58 - 2021-02-01 08:58 - 000000000 ____D C:\Users\pulze\AppData\LocalLow\Temp
2021-01-31 14:34 - 2021-02-01 09:28 - 000000000 ____D C:\Users\pulze\Documents\Visual Studio 2019
2021-01-29 16:16 - 2021-02-04 20:24 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-29 16:11 - 2021-01-29 16:11 - 000000000 ___HD C:\$WinREAgent
2021-01-27 20:52 - 2021-01-27 20:58 - 000000000 ____D C:\Users\pulze\AppData\Roaming\ScreenToGif
2021-01-26 22:25 - 2021-01-26 22:39 - 000000000 ____D C:\Users\pulze\Documents\Adobe
2021-01-26 22:02 - 2021-02-05 05:18 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2021-01-26 19:46 - 2021-01-26 19:46 - 000000066 _____ C:\Users\pulze\inittk.ini
2021-01-26 19:45 - 2021-01-31 13:21 - 000000000 ____D C:\Users\pulze\vmlogs
2021-01-26 19:45 - 2021-01-26 19:45 - 000000053 _____ C:\Users\pulze\useruid.ini
2021-01-26 19:45 - 2021-01-26 19:45 - 000000045 _____ C:\Users\pulze\nuuid.ini
2021-01-26 19:45 - 2021-01-26 19:45 - 000000041 _____ C:\Users\pulze\inst.ini
2021-01-26 19:45 - 2021-01-26 19:45 - 000000000 ____D C:\Users\pulze\Nox_share
2021-01-26 13:39 - 2021-02-05 05:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair
2021-01-26 13:39 - 2021-01-26 13:39 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Corsair
2021-01-26 13:39 - 2021-01-26 13:39 - 000000000 ____D C:\Users\pulze\AppData\Local\Corsair
2021-01-26 13:39 - 2021-01-26 13:39 - 000000000 ____D C:\ProgramData\Corsair
2021-01-26 13:39 - 2021-01-26 13:39 - 000000000 ____D C:\Program Files (x86)\Corsair
2021-01-24 00:55 - 2021-02-05 05:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Repair for Video
2021-01-24 00:55 - 2021-01-24 00:55 - 000000000 _RSHD C:\ProgramData\Key-Base
2021-01-24 00:55 - 2021-01-24 00:55 - 000000000 ____D C:\ProgramData\{83E99137-A7CC-9432-2BE9-55A6F1759C92}
2021-01-24 00:52 - 2021-02-05 05:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-01-24 00:47 - 2021-01-24 00:47 - 000000000 ____D C:\ProgramData\Documents\Wondershare
2021-01-24 00:45 - 2021-02-05 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rising Research
2021-01-24 00:45 - 2021-01-24 00:45 - 000000000 ____D C:\Program Files (x86)\Rising Research
2021-01-24 00:37 - 2021-01-24 00:40 - 000000004 _____ C:\Users\pulze\movdump.lic
2021-01-24 00:28 - 2021-01-26 21:38 - 000000000 ____D C:\Users\pulze\AppData\Roaming\vlc
2021-01-24 00:28 - 2021-01-24 00:52 - 000000000 ____D C:\Program Files\VideoLAN
2021-01-22 21:40 - 2021-01-22 21:40 - 000000000 ____D C:\Users\pulze\AppData\Local\Zerebos
2021-01-20 21:44 - 2021-01-20 21:44 - 000000000 ____D C:\Users\pulze\AppData\Local\pip
2021-01-20 19:42 - 2021-01-20 19:42 - 000000000 ____D C:\ProgramData\TEMP
2021-01-20 18:04 - 2021-01-20 18:04 - 000000000 ____D C:\WINDOWS\system32\compress

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-15 20:25 - 2020-12-21 19:27 - 000000000 ____D C:\Users\pulze\AppData\Local\OpenShell
2021-02-15 20:25 - 2020-12-21 19:23 - 000000000 ____D C:\Users\pulze\AppData\Roaming\discord
2021-02-15 20:24 - 2020-12-30 02:13 - 000000000 ____D C:\Users\pulze\AppData\LocalLow\Mozilla
2021-02-15 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-15 18:48 - 2020-12-21 19:39 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-02-15 15:29 - 2020-12-21 19:27 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Code
2021-02-15 12:06 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-15 11:58 - 2021-01-02 19:30 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-15 11:22 - 2020-12-29 18:43 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-15 11:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-15 10:59 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-15 10:28 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-15 09:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-13 21:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-13 13:02 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-13 12:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-13 12:03 - 2020-12-22 17:56 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-12 10:50 - 2020-12-21 10:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-11 22:50 - 2020-12-22 06:27 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-11 18:14 - 2020-12-30 02:13 - 000000910 _____ C:\Users\pulze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2021-02-11 13:38 - 2020-12-21 19:41 - 000000000 ____D C:\Users\pulze\AppData\Local\D3DSCache
2021-02-10 15:00 - 2020-12-22 17:02 - 000000000 ____D C:\Users\pulze\AppData\Local\Ubisoft Game Launcher
2021-02-10 14:47 - 2020-12-21 19:14 - 000000000 ____D C:\Users\pulze\AppData\Local\Packages
2021-02-10 14:03 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-10 14:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-10 14:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-10 14:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-10 14:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-10 14:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-10 14:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-10 14:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-10 14:03 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-10 14:03 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-10 11:44 - 2020-12-21 19:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 11:42 - 2020-12-21 19:42 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-09 14:41 - 2020-12-21 19:23 - 000000000 ____D C:\Users\pulze\AppData\Local\SquirrelTemp
2021-02-08 21:24 - 2020-12-21 19:19 - 000000000 ____D C:\Users\pulze\Documents\Bewerbung
2021-02-08 21:06 - 2020-12-21 19:19 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-05 11:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-02-05 05:18 - 2021-01-05 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Compressor
2021-02-05 05:18 - 2021-01-04 18:04 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.8
2021-02-05 05:18 - 2021-01-02 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-02-05 05:18 - 2021-01-01 06:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2021-02-05 05:18 - 2020-12-30 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.9
2021-02-05 05:18 - 2020-12-30 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2021-02-05 05:18 - 2020-12-26 00:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
2021-02-05 05:18 - 2020-12-22 06:30 - 000000000 ____D C:\Program Files\IIS
2021-02-05 05:18 - 2020-12-22 06:06 - 000000000 ____D C:\Program Files\UNP
2021-02-05 05:18 - 2020-12-21 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2021-02-05 05:18 - 2020-12-21 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-02-05 05:18 - 2020-12-21 19:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open-Shell
2021-02-05 05:18 - 2020-12-21 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-05 05:18 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2021-02-05 05:18 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-02-05 05:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-02-05 05:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-02-05 05:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2021-02-05 05:18 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-02-05 05:18 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-02-05 05:18 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-02-05 05:16 - 2021-01-05 22:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2021-02-05 05:16 - 2020-12-30 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2021-02-05 05:16 - 2020-12-29 18:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-02-05 05:16 - 2020-12-22 06:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2021-02-05 05:16 - 2020-12-22 06:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019
2021-02-05 05:14 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-02-05 05:14 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-02-05 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-02-05 05:13 - 2019-12-07 10:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-02-05 05:13 - 2019-12-07 10:52 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-02-05 05:05 - 2019-12-07 10:51 - 000000000 ____D C:\WINDOWS\OCR
2021-02-05 05:04 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-02-05 05:04 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-02-05 05:04 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-02-05 05:04 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-02-05 05:04 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-02-05 05:04 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-02-05 05:04 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-02-05 05:04 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-02-05 05:04 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-02-05 05:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-02-05 05:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-02-04 22:14 - 2021-01-01 06:32 - 000000000 ____D C:\Users\pulze\AppData\Roaming\FileZilla
2021-02-04 22:12 - 2021-01-01 06:48 - 000000128 _____ C:\Users\pulze\AppData\Local\PUTTY.RND
2021-02-04 22:02 - 2021-01-02 13:38 - 000000000 ____D C:\Users\pulze\AppData\Local\CrashDumps
2021-02-04 20:40 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-02-04 20:24 - 2020-12-21 19:31 - 000000000 ____D C:\ProgramData\Packages
2021-02-04 20:24 - 2020-12-21 19:14 - 000000000 ___RD C:\Users\pulze\3D Objects
2021-02-04 20:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-02-04 20:24 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-02-04 20:24 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-02-04 20:21 - 2021-01-10 02:25 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Equalify
2021-02-04 20:21 - 2020-12-21 19:19 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-04 20:20 - 2020-12-22 17:02 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2021-02-04 20:20 - 2020-12-21 19:23 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-02-04 20:19 - 2020-12-21 19:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-02-04 20:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-04 12:34 - 2020-12-21 19:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2021-02-03 13:42 - 2020-12-21 19:41 - 000000000 ____D C:\Users\pulze\AppData\Roaming\Visual Studio Setup
2021-02-03 13:37 - 2020-12-22 06:27 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2021-02-03 13:37 - 2020-12-22 06:27 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2021-02-03 13:36 - 2020-12-22 06:29 - 000000000 ____D C:\Program Files\IIS Express
2021-02-03 13:36 - 2020-12-22 06:29 - 000000000 ____D C:\Program Files (x86)\IIS Express
2021-02-03 13:36 - 2020-12-22 06:28 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2021-02-03 13:36 - 2020-12-22 06:28 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2021-02-03 13:32 - 2020-12-22 06:35 - 000000000 ____D C:\Users\pulze\AppData\Local\Package Cache
2021-02-02 12:07 - 2020-12-22 17:17 - 000000000 ____D C:\Users\pulze\AppData\Local\.IdentityService
2021-02-01 08:57 - 2020-12-30 16:48 - 000000000 ____D C:\Users\pulze\AppData\Roaming\NuGet
2021-01-31 15:49 - 2021-01-01 06:48 - 000000128 _____ C:\Users\pulze\AppData\Roaming\PUTTY.RND
2021-01-31 15:19 - 2020-12-30 16:58 - 000000000 ____D C:\Users\pulze\AppData\Roaming\npm-cache
2021-01-23 01:53 - 2021-01-13 13:48 - 000000000 ____D C:\Users\pulze\AppData\Roaming\PreMiD
2021-01-22 13:16 - 2020-12-21 19:24 - 000799104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-21 19:42 - 2020-12-30 16:50 - 000000000 ____D C:\Python39
2021-01-21 19:42 - 2020-12-22 06:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.7
2021-01-21 10:43 - 2020-12-22 17:07 - 361672549 _____ C:\WINDOWS\MEMORY.DMP
2021-01-17 04:11 - 2020-12-21 19:16 - 000000000 ____D C:\Users\pulze\AppData\Local\PlaceholderTileLogoFolder

==================== Files in the root of some directories ========

2017-01-14 12:37 - 2017-01-14 12:37 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2021-01-01 06:48 - 2021-01-31 15:49 - 000000128 _____ () C:\Users\pulze\AppData\Roaming\PUTTY.RND
2021-01-01 06:48 - 2021-02-04 22:12 - 000000128 _____ () C:\Users\pulze\AppData\Local\PUTTY.RND
2020-12-21 19:51 - 2020-12-21 19:51 - 000000003 _____ () C:\Users\pulze\AppData\Local\updater.log
2020-12-21 19:51 - 2020-12-21 19:51 - 000000424 _____ () C:\Users\pulze\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2021
Ran by pulze (15-02-2021 20:26:54)
Running from C:\Users\pulze\Downloads
Windows 10 Home Version 20H2 19042.804 (X64) (2021-02-04 19:24:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1763028911-1943601498-1160324226-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1763028911-1943601498-1160324226-503 - Limited - Disabled)
Guest (S-1-5-21-1763028911-1943601498-1160324226-501 - Limited - Disabled)
pulze (S-1-5-21-1763028911-1943601498-1160324226-1001 - Administrator - Enabled) => C:\Users\pulze
WDAGUtilityAccount (S-1-5-21-1763028911-1943601498-1160324226-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Application Verifier x64 External Package (HKLM\...\{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 - Microsoft) Hidden
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 06.20.10 - AVM Berlin)
CORSAIR iCUE Software (HKLM-x32\...\{10730A22-FBFF-43C4-92EA-1583832711B4}) (Version: 3.37.140 - Corsair)
Digital Video Repair 3.7.0.0 (HKLM-x32\...\Digital VideoRepair_is1) (Version: 3.7.0.0 - Rising Research)
Discord (HKU\S-1-5-21-1763028911-1943601498-1160324226-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Equalify 1.4.7 (HKU\S-1-5-21-1763028911-1943601498-1160324226-1001\...\{E3B5506D-A71E-471B-89E7-3B834326A763}_is1) (Version: 1.4.7 - Leonardsen Software)
FileZilla Client 3.52.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.52.0.5 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
IIS 10.0 Express (HKLM\...\{0307C98E-AE82-4A4F-A950-A72FBD805338}) (Version: 10.0.04403 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - ) Hidden
Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
JetBrains ETW Service (HKLM-x32\...\{12E20DAD-DE65-4CD7-ACBC-61C4EABE7171}) (Version: 203.15.20.0 - JetBrains s.r.o) Hidden
JetBrains Rider 2020.3.2 (HKLM-x32\...\JetBrains Rider 2020.3.2) (Version: 203.6682.21 - JetBrains s.r.o.)
Kits Configuration Installer (HKLM-x32\...\{29B915AE-013F-151F-3E61-67F7363C3A09}) (Version: 10.1.17763.132 - Microsoft) Hidden
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Microsoft .NET SDK 5.0.103 (x64) (HKLM-x32\...\{ef652463-9fab-47df-a3bd-caeec3c0dd92}) (Version: 5.1.321.7308 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{2EC26D34-FB67-4C58-AC20-235697551222}) (Version: 10.0.3802 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.7.0 - Mozilla)
Mozilla Thunderbird 78.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 78.7.1 (x86 de)) (Version: 78.7.1 - Mozilla)
MSI Development Tools (HKLM-x32\...\{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Node.js (HKLM\...\{2D38322C-867F-4873-907B-74B7D0422349}) (Version: 14.15.3 - Node.js Foundation)
NVIDIA Graphics Driver 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.51 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
OpenOffice 4.1.8 (HKLM-x32\...\{3C1972F6-E411-4B54-AD4C-EF24894301D6}) (Version: 4.18.9803 - Apache Software Foundation)
Open-Shell (HKLM\...\{F4B6EE58-F183-4B0D-930B-4480673C0F5B}) (Version: 4.4.160 - The Open-Shell Team)
PuTTY release 0.74 (64-bit) (HKLM\...\{127B996B-5308-4012-865B-9446451EA326}) (Version: 0.74.0.0 - Simon Tatham)
Python 3.9.1 (64-bit) (HKU\S-1-5-21-1763028911-1943601498-1160324226-1001\...\{b2be55ad-3177-42aa-a6c2-53004684e4ea}) (Version: 3.9.1150.0 - Python Software Foundation)
Python 3.9.1 Add to Path (64-bit) (HKLM\...\{5AD5ED9C-14D1-4CFA-B4B1-A02CE8916D9F}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Core Interpreter (64-bit) (HKLM\...\{1C00F581-D5BF-491E-B1BB-72AA3A2250E5}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Development Libraries (64-bit) (HKLM\...\{27AD952D-DD9D-4AAC-B486-8AA601BFA064}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Documentation (64-bit) (HKLM\...\{5CB3AEED-BB03-47E2-BFF1-0CA58C236895}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Executables (64-bit) (HKLM\...\{71A9F41D-A865-46D4-A650-B210150DEF2A}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 pip Bootstrap (64-bit) (HKLM\...\{EF2B9385-6453-4702-9584-21BA8288D157}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Standard Library (64-bit) (HKLM\...\{5DD5C023-790B-4F1B-9B1B-8D1BC48F3057}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Tcl/Tk Support (64-bit) (HKLM\...\{414B5372-24FD-4302-8090-B9CE5564A6DD}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Test Suite (64-bit) (HKLM\...\{A7EC4DEB-8ABD-471D-BB5B-E579EBC9B043}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Utility Scripts (64-bit) (HKLM\...\{47A9647A-A576-4751-9C37-D32EB70285A3}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{FFC95928-6A14-4FB3-8D73-7A62382F66AC}) (Version: 3.9.7280.0 - Python Software Foundation)
SDK ARM Additions (HKLM-x32\...\{73681F86-CD86-4208-572F-959B45430B04}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{67EE3804-9642-62BA-EBF1-B1561FB4ECBE}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellar Repair for Video (HKLM-x32\...\Stellar Repair for Video_is1) (Version: 5.0.0.2 - Stellar Information Technology Pvt Ltd.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
Unity (HKLM-x32\...\Unity) (Version: 2020.2.4f1 - Unity Technologies ApS)
Unity Hub 2.4.2 (HKLM\...\{Unity Technologies - Hub}) (Version: 2.4.2 - Unity Technologies Inc.)
Universal CRT Extension SDK (HKLM-x32\...\{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{54FE4D23-11A2-F1C4-76E9-79C8FB40A4A1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{9F7B0D96-881D-8850-C303-43F3A08E6902}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinAppDeploy (HKLM-x32\...\{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{E6F877A1-2F65-4BF0-87B6-A4071B7663D3}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.17763.132 (HKLM-x32\...\{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 - Microsoft Corporation)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.24.20200219 - Xilisoft)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-04] (Microsoft Studios) [MS Ad]
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.13.154.0_x64__43tkc6nmykmb6 [2021-01-21] (Ookla)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0 [2021-02-07] (Spotify AB) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.7.0_x86__xpfg3f7e9an52 [2021-02-04] (New Work SE)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-11-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2020-09-26] (Open-Shell) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-12-22 17:17 - 2020-10-21 13:55 - 001409024 _____ () [File not signed] \\?\C:\Program Files\Unity Hub\resources\app.asar.unpacked\node_modules\@unityhub\unity-editor-license\build\Release\license.node
2021-02-15 11:41 - 2021-02-15 11:41 - 000137728 _____ () [File not signed] \\?\C:\Users\pulze\AppData\Local\Temp\275bde34-8b6a-4afb-b0b2-df2b8c1f5d31.tmp.node
2021-02-15 11:41 - 2021-02-15 11:41 - 000615424 _____ () [File not signed] \\?\C:\Users\pulze\AppData\Local\Temp\5bc0da0b-5e02-401a-81c9-395107328921.tmp.node
2021-02-15 11:41 - 2021-02-15 11:41 - 000164864 _____ () [File not signed] \\?\C:\Users\pulze\AppData\Local\Temp\990665bd-b25e-4eb7-9f80-71e98a34bf61.tmp.node
2021-02-15 11:41 - 2021-02-15 11:41 - 000273408 _____ () [File not signed] \\?\C:\Users\pulze\AppData\Local\Temp\aae24ab8-2e41-4491-b9d0-e61be87bbca6.tmp.node
2021-02-15 11:41 - 2021-02-15 11:41 - 000136192 _____ () [File not signed] \\?\C:\Users\pulze\AppData\Local\Temp\c27c250f-b2d5-4a17-a4d0-3ce883e7afda.tmp.node
2021-02-15 11:41 - 2021-02-15 11:41 - 000151040 _____ () [File not signed] \\?\C:\Users\pulze\AppData\Local\Temp\d76f164c-0998-4d00-afbe-6fb76ff9011d.tmp.node
2021-02-15 11:41 - 2021-02-15 11:41 - 000206336 _____ () [File not signed] \\?\C:\Users\pulze\AppData\Local\Temp\e4da44b9-de88-4e66-9f2b-1cd58b8e261f.tmp.node
2020-12-29 21:25 - 2020-12-29 21:25 - 000357376 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ActionsConverters.dll
2020-12-29 21:05 - 2020-12-29 21:05 - 000760832 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LegacyCommands.dll
2020-12-29 21:05 - 2020-12-29 21:05 - 000744960 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LegacyNotifications.dll
2020-12-29 21:04 - 2020-12-29 21:04 - 000658944 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\MobileProto.dll
2020-12-29 21:05 - 2020-12-29 21:05 - 000203776 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ModelHelpers.dll
2020-12-29 21:04 - 2020-12-29 21:04 - 000209408 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2020-12-29 21:04 - 2020-12-29 21:04 - 000101376 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2020-12-22 17:17 - 2020-10-21 13:55 - 002131456 _____ () [File not signed] C:\Program Files\Unity Hub\ffmpeg.dll
2020-12-22 17:17 - 2020-10-21 13:55 - 000140288 _____ () [File not signed] C:\Program Files\Unity Hub\libegl.dll
2020-12-22 17:17 - 2020-10-21 13:55 - 005425152 _____ () [File not signed] C:\Program Files\Unity Hub\libglesv2.dll
2020-12-26 00:53 - 2018-04-16 02:00 - 000335872 _____ (AVM Berlin) [File not signed] C:\Program Files (x86)\avmwlanstick\avmsysnet.dll
2020-12-26 00:53 - 2018-04-16 02:00 - 000218112 _____ (AVM GmbH) [File not signed] C:\Program Files (x86)\avmwlanstick\avmwlapi.dll
2021-02-15 12:32 - 2020-11-16 23:52 - 001725952 _____ (Firelight Technologies) [File not signed] C:\Program Files (x86)\Steam\steamapps\common\Bugsnax\fmod.dll
2021-02-15 12:32 - 2020-11-16 23:52 - 001434624 _____ (Firelight Technologies) [File not signed] C:\Program Files (x86)\Steam\steamapps\common\Bugsnax\fmodstudio.dll
2021-02-15 12:32 - 2020-11-16 23:52 - 003846144 _____ (Irrlicht Team) [File not signed] C:\Program Files (x86)\Steam\steamapps\common\Bugsnax\Irrlicht.dll
2021-02-15 12:32 - 2020-11-16 23:52 - 002598912 _____ (NVIDIA Corporation) [File not signed] C:\Program Files (x86)\Steam\steamapps\common\Bugsnax\PhysX3_x64.dll
2021-02-15 12:32 - 2020-11-16 23:52 - 000504320 _____ (NVIDIA Corporation) [File not signed] C:\Program Files (x86)\Steam\steamapps\common\Bugsnax\PhysX3CharacterKinematic_x64.dll
2021-02-15 12:32 - 2020-11-16 23:52 - 001876992 _____ (NVIDIA Corporation) [File not signed] C:\Program Files (x86)\Steam\steamapps\common\Bugsnax\PhysX3Common_x64.dll
2021-02-15 12:32 - 2020-11-16 23:52 - 000543232 _____ (NVIDIA Corporation) [File not signed] C:\Program Files (x86)\Steam\steamapps\common\Bugsnax\PhysX3Cooking_x64.dll
2020-09-26 13:47 - 2020-09-26 13:47 - 000975872 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\ClassicExplorer64.dll
2020-09-26 13:47 - 2020-09-26 13:47 - 002659328 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll
2020-09-26 13:48 - 2020-09-26 13:48 - 000562688 _____ (Open-Shell) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
2020-11-15 15:51 - 2020-11-15 15:51 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2020-12-29 21:04 - 2020-12-29 21:04 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll
2020-12-29 21:04 - 2020-12-29 21:04 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2021-01-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2021-01-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2020-09-26] (Open-Shell) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2020-09-26] (Open-Shell) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2020-09-26] (Open-Shell) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2020-09-26] (Open-Shell) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Python39\Scripts\;C:\Python39\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\nodejs\;C:\ProgramData\chocolatey\bin;C:\Program Files\PuTTY\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-1763028911-1943601498-1160324226-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pulze\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{CA9B5248-6A53-4F6C-B391-CCEBD310C452}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [TCP Query User{0D9E8F9C-4008-4DEB-B978-D87A2A542FFF}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{B4A08001-3580-4D9D-A81D-E868652144B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{6A402778-29D7-41D7-BAC7-1C8D1E1F041A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{FB8998E4-AAE3-41C4-AC79-017020D851C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{469B5150-E201-4365-A9D1-179EBBA420D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{4C17F78A-B2BC-49C8-ABE5-296540DE78DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{B61C43B4-D240-4411-A3FA-E911AE200300}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{236021BC-7BB2-4B54-BD4F-3719BC4D924A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{B5ACBFDF-A4E9-463F-8601-03F79F584D86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{FBA20459-A718-474D-95CA-62C1AF991D9D}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{B4C7A281-1ECE-4983-BC24-BCECCF68D39E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{FD137FE5-8135-462D-93C6-CC79BF4B1A81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{E323298F-E5DD-4C9A-AD62-D55D3B39DEF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{12ECB2CD-8C60-417A-BB06-8207FE5D51DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{414A049E-FFE3-4FA4-B22C-01641D9DAA84}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{698C68C6-89A3-4A08-BCF5-C4F667965510}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A85D04B5-DFB6-4607-A5A5-37E985E7219C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1FCDDB9B-1EDA-4E20-8C72-ACF6BB235E90}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DF0CF9E5-6C85-44EC-9241-5818718B7EE2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94881497-6FCF-416E-A053-EDDC7D774589}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7178C9EE-48B6-4E98-8007-5F91EB27920D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{52558969-C792-425F-9786-8437EBF72003}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{71226111-D921-4740-B8CF-65257C9EDD8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{127B102B-A5D6-4697-A180-F2E154273EAC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0EDB9889-8FEE-4B48-855E-B9DE58B23676}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A9C31651-170B-4BA2-9BD3-EDEFF10AD5F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{97E0E78C-F96E-45F5-897B-F4180A1B60EB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EEC3B6B8-D7BA-4D0E-8CB6-C3575A906778}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{52F82B7B-9999-4AF5-96B2-C8D4FC587C90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{46CA9E4E-CF48-47D8-A801-96B786117A7E}] => (Allow) C:\Program Files\Unity\Hub\Editor\2020.2.4f1\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{61B939FD-FE7B-4950-9DF4-9EAC39A21DAF}] => (Block) C:\Program Files\Unity\Hub\Editor\2020.2.4f1\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [TCP Query User{BA112498-3388-488C-87F1-E01F481860E4}C:\program files\unity\hub\editor\2020.2.4f1\editor\unity.exe] => (Allow) C:\program files\unity\hub\editor\2020.2.4f1\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [UDP Query User{E6E540A0-33F3-4C35-B94F-792593FCB5CE}C:\program files\unity\hub\editor\2020.2.4f1\editor\unity.exe] => (Allow) C:\program files\unity\hub\editor\2020.2.4f1\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS)

==================== Restore Points =========================

13-02-2021 13:01:50 Windows Modules Installer
15-02-2021 18:54:11 Removed GIFmicro.

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/15/2021 06:54:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (02/15/2021 06:54:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (02/15/2021 06:54:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswVmm.

System Error:
The system cannot find the file specified.
.

Error: (02/15/2021 06:54:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
The system cannot find the file specified.
.

Error: (02/15/2021 06:54:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.

System Error:
The system cannot find the file specified.
.

Error: (02/15/2021 06:54:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRvrt.

System Error:
The system cannot find the file specified.
.

Error: (02/15/2021 06:54:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.

System Error:
The system cannot find the file specified.
.

Error: (02/15/2021 06:54:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.

System Error:
The system cannot find the file specified.
.


System errors:
=============
Error: (02/15/2021 10:57:11 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (02/15/2021 10:54:31 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Miniport FRITZ!WLAN USB Stick AC 430 MU-MIMO, {fb23fe38-e747-49b1-9e92-c4e7c3a775c0}, had event 74

Error: (02/15/2021 10:50:09 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (02/15/2021 09:49:46 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Miniport FRITZ!WLAN USB Stick AC 430 MU-MIMO, {fb23fe38-e747-49b1-9e92-c4e7c3a775c0}, had event 74

Error: (02/15/2021 09:03:34 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Miniport FRITZ!WLAN USB Stick AC 430 MU-MIMO, {fb23fe38-e747-49b1-9e92-c4e7c3a775c0}, had event 74

Error: (02/14/2021 06:35:10 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Miniport FRITZ!WLAN USB Stick AC 430 MU-MIMO, {fb23fe38-e747-49b1-9e92-c4e7c3a775c0}, had event 74

Error: (02/14/2021 04:59:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (02/14/2021 04:59:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Windows Defender:
================
Date: 2021-02-14 17:50:07
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-13 18:24:05
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-09 23:31:12
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-07 20:42:45
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-06 21:13:48
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-06 01:51:20
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2021-02-15 18:23:18
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-15 18:21:40
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. H.20 01/22/2019
Motherboard: Micro-Star International Co., Ltd. A320M PRO-E (MS-7A36)
Processor: AMD Ryzen 5 1500X Quad-Core Processor 
Percentage of memory in use: 45%
Total physical RAM: 16335.16 MB
Available physical RAM: 8963.31 MB
Total Virtual: 18767.16 MB
Available Virtual: 6895.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.13 GB) (Free:270.81 GB) NTFS

\\?\Volume{a9ab6a35-6320-4f3e-a64d-59315c476581}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{3efc41ca-3dc0-4acd-ad38-5e7a729d97e4}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
         

Last edited by Elry (15.02.2021 at 20:35)

16.02.2021, 08:28   #2
M-K-D-B
/// TB Trainer

No malware is visible in the log files; I am moving this to Spam.