Log analysis and evaluation: Trojan:Script/Woreflint.A!cl in file: C:\Users\name\AppData\Local\Temp\SCFA2EB.tmp

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
24.05.2023, 13:03 | #1 |
Trojan:Script/Woreflint.A!cl in file: C:\Users\name\AppData\Local\Temp\SCFA2EB.tmp

Good day,

Unfortunately I have fallen victim to the malware Trojan:Script/Woreflint.A!cl. It has been on the PC for weeks now. It keeps getting "removed", but I still get the Windows Defender notification. Here are logs that I need help evaluating.

FRST:

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-05-2023 durchgeführt von savio (Administrator) auf PC-SAVIO (24-05-2023 13:28:43) Gestartet von C:\Users\savio\Desktop\FRST64.exe Geladene Profile: savio Plattform: Microsoft Windows 11 Pro Insider Preview Version 22H2 23451.1000 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Edge Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe (C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\75.0.2.0\GoogleDriveFS.exe <6> (C:\Program Files\Google\Drive File Stream\75.0.2.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\75.0.2.0\crashpad_handler.exe <8> (C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe (C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) 
C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_523.11500.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.50\msedgewebview2.exe <6> (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCopyAccelerator.exe (C:\Users\savio\AppData\Local\Figma\app-116.9.5\Figma.exe ->) (Figma, Inc. -> ) C:\Users\savio\AppData\Local\FigmaAgent\figma_agent.exe (C:\Users\savio\Desktop\adwcleaner.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2304.26.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <2> (cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (cmd.exe ->) (Agilebits -> AgileBits, Inc.) C:\Users\savio\AppData\Local\1Password\app\8\1Password-BrowserSupport.exe (DriverStore\FileRepository\u0391400.inf_amd64_78dd64c613d4c112\B391098\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0391400.inf_amd64_78dd64c613d4c112\B391098\atieclxx.exe (explorer.exe ->) (Agilebits -> 1Password) C:\Users\savio\AppData\Local\1Password\app\8\1Password.exe <5> (explorer.exe ->) (Figma, Inc. -> Figma, Inc.) C:\Users\savio\AppData\Local\Figma\app-116.9.5\Figma.exe <10> (explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\74.0.3.0\crashpad_handler.exe <2> (explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3> (explorer.exe ->) (Malwarebytes Inc. 
-> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Users\savio\Desktop\adwcleaner.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <57> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\pwahelper.exe (explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2> (services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0391400.inf_amd64_78dd64c613d4c112\B391098\atiesrxx.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (Codice Software SL -> Codice Software, S.L.) C:\Program Files\PlasticSCM5\client\plasticchangetrackerservice.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2> (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) 
C:\Windows\System32\amdfendrsr.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe (services.exe ->) (peakstar technologies Inc. -> AtlasVPN.Worker) C:\Program Files\AtlasVPN\Bin\AtlasVPN.Worker.exe (services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (services.exe ->) (plasticd) [Datei ist nicht signiert] C:\Program Files\PlasticSCM5\server\plasticd.exe (services.exe ->) (Reallusion Inc. -> Reallusion.Inc) C:\Program Files (x86)\Common Files\Reallusion\RLHostService\RLHostService.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (services.exe ->) (Surfshark B.V. -> Surfshark) C:\Program Files (x86)\Surfshark\Surfshark.Service.exe (sihost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe (sihost.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6> (Slack Technologies, Inc. -> Slack Technologies Inc.) C:\ProgramData\savio\slack\app-4.32.122\slack.exe <7> (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2317.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\SpotifyWidgetProvider.exe (svchost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) 
C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBar.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_523.11500.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [881440 2019-06-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3088752 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-09-18] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1820568 2020-10-19] (LG Electronics Inc. -> LG Electronics Inc.) 
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.50\Installer\setup.exe [4045200 2023-05-24] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.2.0\GoogleDriveFS.exe [53969176 2023-05-24] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.2.0\GoogleDriveFS.exe [53969176 2023-05-24] (Google LLC -> Google, Inc.) HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Run: [MicrosoftEdgeAutoLaunch_BB803E781B762523B5E016383944836F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152256 2023-05-11] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Run: [Discord] => C:\Users\savio\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Run: [1Password] => C:\Users\savio\AppData\Local\1Password\app\8\1Password.exe [160138096 2023-05-09] (Agilebits -> 1Password) HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-03-24] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\savio\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32754128 2023-01-08] (Epic Games Inc. -> Epic Games, Inc.) 
HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Run: [Figma Agent] => C:\Users\savio\AppData\Local\FigmaAgent\figma_agent.exe [6698800 2023-05-15] (Figma, Inc. -> ) HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2023-04-16] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090168 2023-05-13] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Run: [Surfshark] => C:\Program Files (x86)\Surfshark\Surfshark.exe [11455560 2023-01-30] (Surfshark B.V. -> Surfshark) HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.2.0\GoogleDriveFS.exe [53969176 2023-05-24] (Google LLC -> Google, Inc.) HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Run: [com.squirrel.slack.slack] => C:\ProgramData\savio\slack\slack.exe [310584 2023-05-01] (Slack Technologies, Inc. -> Slack Technologies Inc.) HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\savio\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Keine Datei) HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\savio\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Keine Datei) HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\RunOnce: [Uninstall 23.096.0507.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\savio\AppData\Local\Microsoft\OneDrive\23.096.0507.0001" (Keine Datei) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.2.0\GoogleDriveFS.exe [53969176 2023-05-24] (Google LLC -> Google, Inc.) 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\113.0.5672.127\Installer\chrmstp.exe [2023-05-24] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-02-13] ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\qt_temp.Hp4444 [2023-05-14] () [Datei ist nicht signiert] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\StartRLCMS.lnk [2023-05-14] ShortcutTarget: StartRLCMS.lnk -> C:\ProgramData\Reallusion\RLRunUtility.exe (Reallusion Inc. -> ) Startup: C:\Users\savio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2023-05-05] ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {1F1D6BAA-5141-4692-A288-2B5A15F9928B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {228523ED-E976-4B12-A28C-106657F591E9} - System32\Tasks\AMD Updater => "C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe" /AUTOUPDATEIN (Keine Datei) Task: {234573A1-A67F-4D6B-9858-C635915ED820} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2017-07-24] (Apple Inc. -> Apple Inc.) 
Task: {2C8DDBB6-9BAB-49C3-9200-1D7D100034CA} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1645444329 => C:\Users\savio\AppData\Local\Programs\Opera GX\launcher.exe [2611616 2023-05-18] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\savio\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {31D68498-24AC-4F77-BE52-DDF406225F5D} - System32\Tasks\RLHub_SkipUac_savio => C:\Program Files (x86)\Common Files\Reallusion\LiveUpdate\Reallusion Hub.exe [1166160 2021-08-04] (Reallusion Inc. -> Reallusion Inc.) Task: {4BE351D0-FA5C-4408-B42D-55E0E989525A} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-09-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {4CAB2E60-3FCD-41CA-A03A-93FC7E2BEE65} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2022-02-13] (Google Inc -> Google Inc.) Task: {55FB6318-986C-4FE7-8C01-D6D79F3B3143} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {62A46340-DD7E-4E45-A2E3-E3027F7CA0B3} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183232 2022-09-15] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) 
Task: {695DD85C-981E-46DB-8441-F84E0E1F052C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei) Task: {85AAA4D4-07E7-431E-80EC-8D3D703C9178} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} Task: {A7E1B018-203F-4BF1-9F73-E935243C02ED} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [67504 2022-04-18] (Microsoft Corporation -> Microsoft) Task: {A93661A1-E180-4775-92A9-2F42BB5AAD9A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2022-02-13] (Google Inc -> Google Inc.) Task: {BE06AEC1-B184-45C1-B087-420DFE6D1EC5} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-09-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {C24A9BA9-5BE2-4A3B-A5D0-55754F17B540} - System32\Tasks\Opera GX scheduled Autoupdate 1644753098 => C:\Users\savio\AppData\Local\Programs\Opera GX\launcher.exe [2611616 2023-05-18] (Opera Norway AS -> Opera Software) Task: {F3992AAB-CCC3-4601-8779-DA98923914EC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {FEB9FFFD-3555-406F-A9E4-4FC3FB251C9D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{61344b52-b331-4574-a64a-4a63ae29da93}: [DhcpNameServer] 192.168.2.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\savio\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-24] Edge Notifications: Default -> hxxps://mail.google.com; hxxps://www.faceit.com Edge HomePage: Default -> hxxp://www.google.com/ Edge StartupUrls: Default -> "hxxp://google.com/" Edge Extension: (Google Übersetzer) - C:\Users\savio\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-22] Edge Extension: (lock) - C:\Users\savio\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dppgmdbiimibapkepcbdbmkaabgiofem [2023-04-19] Edge Extension: (Google Docs Offline) - C:\Users\savio\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-24] Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\savio\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2023-04-25] Edge Extension: (Übersetzer - Webübersetzer, Wörterbuch) - C:\Users\savio\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jbopnianfmifhdbdljehjepcknehlpci [2023-02-20] Edge Extension: (Edge relevant text changes) - C:\Users\savio\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-24] Edge Extension: (Microsoft Edge DevTools Enhancements) - C:\Users\savio\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfbdpdaobnofkbopebjglnaadopfikhh [2023-04-05] Edge Extension: (Reader Mode Pro) - C:\Users\savio\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\koddbhkhginnhnfnhgldkampappgmmje 
[2022-11-14] Edge Extension: (ClickUp: Tasks, Screenshots, Email, Time) - C:\Users\savio\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pliibjocnfmkagafnbkfcimonlnlpghj [2022-10-21] Edge Profile: C:\Users\savio\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2023-02-03] Edge HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [kagpabjoboikccfdghpdlaaopmgpgfdc] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\savio\AppData\Local\Google\Chrome\User Data\Default [2023-04-05] CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Extension: (lock) - C:\Users\savio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2023-04-05] CHR Extension: (Google Docs Offline) - C:\Users\savio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-05] CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\savio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-02-01] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\savio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-13] CHR Extension: (Dubble — Free Step-by-Step Guide Creator) - C:\Users\savio\AppData\Local\Google\Chrome\User Data\Default\Extensions\odinmjjdainghmojdffgpjmkefajhlbn [2023-03-21] CHR Profile: C:\Users\savio\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-04] CHR Profile: C:\Users\savio\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-02-09] CHR Extension: (Google Docs Offline) - C:\Users\savio\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-12] CHR Extension: (Microsoft Power Automate) - C:\Users\savio\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ljglajjnnkapghbckkcmodicjhacbfhk [2023-02-09] CHR Extension: (Anwendungs-Launcher für Drive (von 
Google)) - C:\Users\savio\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-12] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\savio\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-12] CHR Profile: C:\Users\savio\AppData\Local\Google\Chrome\User Data\System Profile [2023-05-04] CHR HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljglajjnnkapghbckkcmodicjhacbfhk] CHR HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] Opera: ======= StartMenuInternet: (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001) Opera GXStable - "C:\Users\savio\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-13] (philandro Software GmbH -> AnyDesk Software GmbH) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc. -> Apple Inc.) R2 AtlasVPN.Worker; C:\Program Files\AtlasVPN\Bin\AtlasVPN.Worker.exe [158168 2023-02-22] (peakstar technologies Inc. -> AtlasVPN.Worker) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-06-20] (BattlEye Innovations e.K. -> ) S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9948264 2022-12-21] (Electronic Arts, Inc. 
-> Electronic Arts) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-03-24] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-14] (Epic Games Inc. -> Epic Games, Inc.) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation) R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10196736 2023-04-16] (Logitech Inc -> Logitech, Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9255384 2023-05-24] (Malwarebytes Inc. -> Malwarebytes) R2 Plastic Change Tracker; C:\Program Files\PlasticSCM5\client\plasticchangetrackerservice.exe [368984 2022-02-06] (Codice Software SL -> Codice Software, S.L.) R2 Plastic Server 6; C:\Program Files\PlasticSCM5\server\plasticd.exe [142848 2022-02-06] (plasticd) [Datei ist nicht signiert] R2 RLHostService; C:\Program Files (x86)\Common Files\Reallusion\RLHostService\RLHostService.exe [280072 2021-02-25] (Reallusion Inc. -> Reallusion.Inc) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [302008 2023-04-29] (Microsoft Windows Publisher -> Microsoft Corporation) R2 Surfshark Service; C:\Program Files (x86)\Surfshark\Surfshark.Service.exe [3662408 2023-01-30] (Surfshark B.V. -> Surfshark) S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [11060856 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.) 
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [35880 2023-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R2 AMDRyzenMasterDriverV19; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [43336 2022-09-15] (Advanced Micro Devices INC. -> Advanced Micro Devices) R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0391400.inf_amd64_78dd64c613d4c112\B391098\amdkmdag.sys [101190176 2023-04-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) S3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider) S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) 
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [213280 2023-04-29] (Microsoft Windows -> Microsoft Corporation) R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-23] (Logitech Inc -> Logitech) R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-22] (Logitech Inc -> Logitech) R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-23] (Logitech Inc -> Logitech) S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-30] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-05-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-05-24] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-05-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.) R3 MpKsl338387e9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{04FAA76D-A782-4D66-8973-43AD06FC97B2}\MpKslDrv.sys [212264 2023-05-24] (Microsoft Windows -> Microsoft Corporation) R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_3ab91b059be7f058\rtcx21x64.sys [652880 2022-05-11] (Realtek Semiconductor Corp. -> Realtek) S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-10-08] (Samsung Electronics Co., Ltd. 
-> QUALCOMM Incorporated) S3 SurfsharkSplitTunnelDriver; C:\Program Files (x86)\Surfshark\Resources\x64\SurfsharkSplitTunnelCalloutDriver.sys [39648 2022-02-01] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [30720 2019-10-31] (OpenVPN Inc. -> The OpenVPN Project) R3 tapsurfshark; C:\WINDOWS\System32\drivers\tapsurfshark.sys [38728 2020-06-15] (WDKTestCert Lenovo,131775874531219913 -> The OpenVPN Project) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) S3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-03] (Vincent Burel -> Windows (R) Win 7 DDK provider) R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22292248 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.) S3 VirtualHID; C:\WINDOWS\System32\drivers\VirtualHID.sys [26768 2020-02-05] (Voyetra Turtle Beach, Inc. -> TurtleBeach) S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2023-04-29] (Microsoft Windows -> ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2023-05-02] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-05-02] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-02] (Microsoft Windows -> Microsoft Corporation) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2023-05-24 13:28 - 2023-05-24 13:29 - 000031411 _____ C:\Users\savio\Desktop\FRST.txt
2023-05-24 13:28 - 2023-05-24 13:29 - 000000000 ____D C:\FRST
2023-05-24 13:27 - 2023-05-24 13:28 - 002382848 _____ (Farbar) C:\Users\savio\Desktop\FRST64.exe
2023-05-24 13:24 - 2023-05-24 13:24 - 000001481 _____ C:\Users\savio\Desktop\AdwCleaner[S01].txt
2023-05-24 13:22 - 2023-05-24 13:23 - 000000000 ____D C:\AdwCleaner
2023-05-24 13:21 - 2023-05-24 13:21 - 008791352 _____ (Malwarebytes) C:\Users\savio\Desktop\adwcleaner.exe
2023-05-24 13:20 - 2023-05-24 13:20 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-05-24 13:20 - 2023-05-24 13:20 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-05-24 13:20 - 2023-05-24 13:20 - 000000000 ____D C:\Users\savio\AppData\Local\mbam
2023-05-24 13:20 - 2023-05-24 13:20 - 000000000 ____D C:\Users\savio\AppData\Local\Malwarebytes
2023-05-24 13:19 - 2023-05-24 13:19 - 002638680 _____ (Malwarebytes) C:\Users\savio\Desktop\MBSetup.exe
2023-05-24 13:19 - 2023-05-24 13:19 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-05-24 13:19 - 2023-05-24 13:19 - 000000000 ____D C:\Program Files\Malwarebytes
2023-05-24 09:10 - 2023-05-24 09:10 - 000994375 _____ C:\Users\savio\Desktop\Dextra Rechtsschutz AG, Hohlstrasse 556, CH-8048 ZürichLRI.pdf
2023-05-24 08:49 - 2023-05-24 08:49 - 000797826 _____ C:\Users\savio\Desktop\Vereinbarung Zusammenarbeit «Casual-Games» Entwick-.pdf
2023-05-24 08:07 - 2023-05-24 08:07 - 000758844 _____ C:\WINDOWS\system32\perfh007.dat
2023-05-24 08:07 - 2023-05-24 08:07 - 000157062 _____ C:\WINDOWS\system32\perfc007.dat
2023-05-05 10:48 - 2023-04-27 12:57 - 002185760 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-05-05 10:48 - 2023-04-27 12:57 - 002185760 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-05-05 10:48 - 2023-04-27 12:57 - 001619960 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-05-05 10:48 - 2023-04-27 12:57 - 001619960 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-05-05 10:48 - 2023-04-27 12:57 - 001593376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 001593376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 001500936 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 001500936 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 001232088 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 001232088 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000952816 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2023-05-05 10:48 - 2023-04-27 12:57 - 000792048 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000669168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000598008 _____ C:\WINDOWS\system32\GameManager64.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000539632 _____ C:\WINDOWS\system32\libsmi_guest.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000533488 _____ C:\WINDOWS\system32\dgtrayicon.exe
2023-05-05 10:48 - 2023-04-27 12:57 - 000532464 _____ C:\WINDOWS\system32\libsmi_host.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000526320 _____ C:\WINDOWS\system32\atieah64.exe
2023-05-05 10:48 - 2023-04-27 12:57 - 000493040 _____ C:\WINDOWS\system32\EEURestart.exe
2023-05-05 10:48 - 2023-04-27 12:57 - 000463904 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000451568 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000395256 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2023-05-05 10:48 - 2023-04-27 12:57 - 000351728 _____ C:\WINDOWS\system32\clinfo.exe
2023-05-05 10:48 - 2023-04-27 12:57 - 000257008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000217584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000201040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000197624 _____ C:\WINDOWS\system32\mantle64.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000186864 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000176632 _____ C:\WINDOWS\system32\mantleaxl64.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000174584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000163936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000154104 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000138232 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000137720 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000065568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000041968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2023-05-05 10:48 - 2023-04-27 12:57 - 000038904 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 105774112 _____ C:\WINDOWS\system32\amd_comgr.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 089135136 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 016633376 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 007362440 _____ C:\WINDOWS\system32\amdsmi.exe
2023-05-05 10:48 - 2023-04-27 12:56 - 004376096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 004180000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 002203128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 001701672 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 001378984 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 001305592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 001030176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000934432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000761888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000559136 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000553928 _____ C:\WINDOWS\system32\amdmiracast.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000461856 _____ C:\WINDOWS\system32\amdlogum.exe
2023-05-05 10:48 - 2023-04-27 12:56 - 000422944 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000380448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000178368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000156608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000156608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000146192 _____ C:\WINDOWS\system32\atidxx64.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000129056 _____ C:\WINDOWS\system32\amdxc64.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000126368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000126368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000119592 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000109088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2023-05-05 10:48 - 2023-04-27 12:56 - 000104480 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2023-05-05 10:48 - 2023-04-27 12:55 - 000166456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2023-05-05 10:48 - 2023-04-27 12:55 - 000140888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2023-05-05 10:48 - 2023-04-20 12:16 - 103230200 _____ C:\WINDOWS\system32\amdxc64.so
2023-05-05 08:51 - 2023-05-24 08:07 - 001754678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-05 08:46 - 2023-05-05 08:46 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-05-05 08:45 - 2023-05-05 08:45 - 000000020 ___SH C:\Users\savio\ntuser.ini
2023-05-05 00:31 - 2023-05-24 08:09 - 000003926 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-05-05 00:31 - 2023-05-24 08:09 - 000003802 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-05-05 00:31 - 2023-05-24 08:09 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3636290956-4184935153-3330214957-1001
2023-05-05 00:31 - 2023-05-24 08:09 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3636290956-4184935153-3330214957-1001
2023-05-05 00:31 - 2023-05-24 08:05 - 000004198 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1644753098
2023-05-05 00:31 - 2023-05-24 08:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-05 00:31 - 2023-05-13 12:51 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-05 00:31 - 2023-05-13 12:51 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-05 00:31 - 2023-05-05 00:31 - 000003760 _____ C:\WINDOWS\system32\Tasks\AMD Updater
2023-05-05 00:31 - 2023-05-05 00:31 - 000003758 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled assistant Autoupdate 1645444329
2023-05-05 00:31 - 2023-05-05 00:31 - 000002518 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2023-05-05 00:31 - 2023-05-05 00:31 - 000002420 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2023-05-05 00:31 - 2023-05-05 00:31 - 000002404 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2023-05-05 00:31 - 2023-05-05 00:31 - 000002320 _____ C:\WINDOWS\system32\Tasks\RLHub_SkipUac_savio
2023-05-05 00:31 - 2023-05-05 00:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2023-05-05 00:31 - 2023-05-05 00:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2023-05-05 00:30 - 2023-05-05 00:31 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2023-05-05 00:30 - 2023-05-05 00:31 - 000011433 _____ C:\WINDOWS\diagerr.xml
2023-05-05 00:29 - 2023-05-05 00:29 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2023-05-05 00:27 - 2023-05-24 08:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-05 00:27 - 2023-05-05 08:44 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2023-05-05 00:27 - 2023-05-05 00:27 - 000306336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-04 21:14 - 2023-05-04 21:14 - 000000000 ____D C:\Users\savio\AppData\Roaming\Microsoft\Network
2023-05-04 21:13 - 2023-05-05 00:27 - 000000000 ____D C:\Users\savio\AppData\Roaming\Microsoft\Crypto
2023-05-04 21:13 - 2023-05-04 21:13 - 000000000 ____D C:\Users\savio\AppData\Roaming\Microsoft\SystemCertificates
2023-05-04 21:07 - 2023-05-05 00:27 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2023-05-04 21:05 - 2023-05-05 08:45 - 000000000 ____D C:\Users\savio\AppData\Roaming\Microsoft\Windows
2023-05-04 21:05 - 2023-05-05 08:45 - 000000000 ____D C:\Users\savio
2023-05-04 21:05 - 2023-05-05 00:27 - 000000000 ____D C:\Users\savio\AppData\Roaming\Microsoft\Spelling
2023-05-04 21:05 - 2023-05-04 21:05 - 000000000 _SHDL C:\Users\savio\Vorlagen
2023-05-04 21:05 - 2023-05-04 21:05 - 000000000 _SHDL C:\Users\savio\Startmenü
2023-05-04 21:05 - 2023-05-04 21:05 - 000000000 _SHDL C:\Users\savio\Netzwerkumgebung
2023-05-04 21:05 - 2023-05-04 21:05 - 000000000 _SHDL C:\Users\savio\Lokale Einstellungen
2023-05-04 21:05 - 2023-05-04 21:05 - 000000000 _SHDL C:\Users\savio\Eigene Dateien
2023-05-04 21:05 - 2023-05-04 21:05 - 000000000 _SHDL C:\Users\savio\Druckumgebung
2023-05-04 21:05 - 2023-05-04 21:05 - 000000000 _SHDL C:\Users\savio\Documents\Eigene Videos
2023-05-04 21:05 - 2023-05-04 21:05 - 000000000 _SHDL C:\Users\savio\Documents\Eigene Musik
2023-05-04 21:05 - 2023-05-04 21:05 - 000000000 _SHDL C:\Users\savio\Documents\Eigene Bilder
2023-05-04 21:05 - 2023-05-04 21:05 - 000000000 _SHDL C:\Users\savio\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2023-05-04 21:05 - 2023-05-04 21:05 - 000000000 _SHDL C:\Users\savio\AppData\Local\Verlauf
2023-05-04 21:05 - 2023-05-04 21:05 - 000000000 _SHDL C:\Users\savio\AppData\Local\Anwendungsdaten
2023-05-04 21:05 - 2023-05-04 21:05 - 000000000 _SHDL C:\Users\savio\Anwendungsdaten
2023-05-04 21:04 - 2023-05-04 21:07 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-05-04 21:01 - 2023-05-04 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2023-05-04 21:01 - 2023-05-04 21:01 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-05-04 21:01 - 2023-05-04 21:01 - 000000000 ____D C:\WINDOWS\addins
2023-05-04 21:00 - 2023-05-05 00:27 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-05-04 21:00 - 2023-05-04 21:00 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2023-05-04 21:00 - 2023-05-04 21:00 - 000000000 ____D C:\Program Files\Reference Assemblies
2023-05-04 21:00 - 2023-05-04 21:00 - 000000000 ____D C:\Program Files\MSBuild
2023-05-04 21:00 - 2023-05-04 21:00 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2023-05-04 20:50 - 2023-05-04 20:50 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-05-04 20:33 - 2023-05-16 08:25 - 000000000 ___DC C:\WINDOWS\Panther
2023-05-04 10:31 - 2023-05-04 10:31 - 000000258 _____ C:\Users\savio\Desktop\Produktionsnotizen.txt
2023-05-04 09:52 - 2023-05-04 09:53 - 000002396 _____ C:\Users\savio\Desktop\Frozen City.txt
2023-05-04 08:55 - 2023-05-04 08:55 - 000000203 _____ C:\Users\savio\Desktop\Taskplanung.txt
2023-05-04 08:52 - 2023-05-04 09:11 - 000000361 _____ C:\Users\savio\Desktop\Dobler.txt
2023-05-03 11:14 - 2023-05-03 11:14 - 000013979 _____ C:\Users\savio\Desktop\Advanced Reporting 2022 Dez 2023 April.csv
2023-05-03 11:06 - 2023-05-03 11:06 - 000010381 _____ C:\Users\savio\Desktop\Network Comparision 2022 Dez 2023 April.csv
2023-04-29 16:27 - 2023-05-04 08:37 - 000000000 ____D C:\Users\savio\Desktop\Etsy
2023-04-29 16:20 - 2023-05-04 20:59 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-04-29 16:20 - 2023-05-04 20:59 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-04-29 16:20 - 2023-05-04 20:59 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-04-29 16:20 - 2023-04-29 16:20 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2023-04-29 16:20 - 2023-04-29 16:20 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-04-29 16:20 - 2023-04-29 16:20 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2023-04-29 16:20 - 2023-04-29 16:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\mde
2023-04-29 16:20 - 2023-04-29 16:20 - 000000000 ____D C:\WINDOWS\RemotePackages
2023-04-29 16:20 - 2023-04-29 16:20 - 000000000 ____D C:\WINDOWS\InboxApps
2023-04-29 16:20 - 2023-04-29 16:20 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2023-04-29 16:19 - 2023-04-29 16:19 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2023-04-29 16:19 - 2023-04-29 16:19 - 000000000 ____D C:\ProgramData\ssh
2023-04-29 16:10 - 2023-04-29 16:10 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2023-04-29 16:10 - 2023-04-29 16:10 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2023-04-29 16:09 - 2023-05-04 20:59 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2023-04-29 16:09 - 2023-05-04 20:59 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-04-29 16:09 - 2023-05-04 20:59 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2023-04-29 16:09 - 2023-05-04 20:59 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2023-04-29 16:09 - 2023-05-04 20:59 - 000000000 ____D C:\WINDOWS\system32\winrm
2023-04-29 16:09 - 2023-05-04 20:59 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-04-29 16:09 - 2023-05-04 20:59 - 000000000 ____D C:\WINDOWS\system32\slmgr
2023-04-29 16:09 - 2023-05-04 20:59 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2023-04-29 16:09 - 2023-04-29 16:20 - 000000000 ____D C:\WINDOWS\system32\de
2023-04-29 16:09 - 2023-04-29 16:09 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2023-04-29 16:09 - 2023-04-29 16:09 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2023-04-29 16:09 - 2023-04-29 16:09 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2023-04-29 16:09 - 2023-04-29 16:09 - 000000000 ____D C:\WINDOWS\system32\0409
2023-04-29 16:09 - 2023-04-29 16:09 - 000000000 ____D C:\WINDOWS\DigitalLocker
2023-04-29 09:14 - 2023-04-29 09:14 - 000000000 _SHDL C:\Users\Default User
2023-04-29 09:14 - 2023-04-29 09:14 - 000000000 _SHDL C:\Users\All Users
2023-04-29 09:01 - 2023-05-04 21:16 - 000000000 ____D C:\WINDOWS\Setup
2023-04-29 08:57 - 2023-05-24 13:20 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-04-29 08:57 - 2023-05-24 13:20 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-04-29 08:57 - 2023-05-24 13:19 - 000000000 ___RD C:\Program Files (x86)
2023-04-29 08:57 - 2023-05-24 13:19 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-29 08:57 - 2023-05-24 13:19 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-29 08:57 - 2023-05-24 13:18 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-29 08:57 - 2023-05-05 09:02 - 000000000 ____D C:\ProgramData\USOPrivate
2023-04-29 08:57 - 2023-05-05 09:01 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-04-29 08:57 - 2023-05-05 09:00 - 000000000 ____D C:\WINDOWS\appcompat
2023-04-29 08:57 - 2023-05-05 08:45 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-04-29 08:57 - 2023-05-05 08:45 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-04-29 08:57 - 2023-05-05 08:44 - 000000000 ____D C:\Program Files\Windows NT
2023-04-29 08:57 - 2023-05-05 00:31 - 000000000 ____D C:\Program Files\Windows Defender
2023-04-29 08:57 - 2023-05-05 00:28 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2023-04-29 08:57 - 2023-05-05 00:27 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-04-29 08:57 - 2023-05-05 00:27 - 000000000 __RHD C:\Users\Public\Libraries
2023-04-29 08:57 - 2023-05-05 00:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-04-29 08:57 - 2023-05-05 00:27 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-04-29 08:57 - 2023-05-05 00:27 - 000000000 ____D C:\WINDOWS\system32\spool
2023-04-29 08:57 - 2023-05-05 00:27 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-04-29 08:57 - 2023-05-05 00:27 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-04-29 08:57 - 2023-05-05 00:27 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-04-29 08:57 - 2023-05-05 00:27 - 000000000 ____D C:\WINDOWS\ServiceState
2023-04-29 08:57 - 2023-05-05 00:27 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-04-29 08:57 - 2023-05-05 00:27 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-04-29 08:57 - 2023-05-04 21:05 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2023-04-29 08:57 - 2023-05-04 21:02 - 000000000 ____D C:\WINDOWS\OCR
2023-04-29 08:57 - 2023-05-04 21:01 - 000000000 ____D C:\WINDOWS\system32\setup
2023-04-29 08:57 - 2023-05-04 21:01 - 000000000 ____D C:\WINDOWS\Globalization
2023-04-29 08:57 - 2023-05-04 21:00 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2023-04-29 08:57 - 2023-05-04 21:00 - 000000000 ____D C:\WINDOWS\system32\MUI
2023-04-29 08:57 - 2023-05-04 20:59 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-04-29 08:57 - 2023-05-04 20:59 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-04-29 08:57 - 2023-05-04 20:59 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-04-29 08:57 - 2023-05-04 20:59 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-04-29 08:57 - 2023-05-04 20:59 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-04-29 08:57 - 2023-05-04 20:59 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-04-29 08:57 - 2023-05-04 20:59 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-04-29 08:57 - 2023-05-04 20:59 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-04-29 08:57 - 2023-05-04 20:59 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-04-29 08:57 - 2023-05-04 20:59 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-04-29 08:57 - 2023-05-04 20:59 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-04-29 08:57 - 2023-04-29 16:21 - 000000000 ____D C:\WINDOWS\Containers
2023-04-29 08:57 - 2023-04-29 16:20 - 000000000 ____D C:\WINDOWS\SystemResources
2023-04-29 08:57 - 2023-04-29 16:20 - 000000000 ____D C:\WINDOWS\SystemApps
2023-04-29 08:57 - 2023-04-29 16:20 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-04-29 08:57 - 2023-04-29 16:20 - 000000000 ____D C:\WINDOWS\security
2023-04-29 08:57 - 2023-04-29 16:20 - 000000000 ____D C:\WINDOWS\schemas
2023-04-29 08:57 - 2023-04-29 16:20 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-04-29 08:57 - 2023-04-29 16:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2023-04-29 08:57 - 2023-04-29 16:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2023-04-29 08:57 - 2023-04-29 16:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2023-04-29 08:57 - 2023-04-29 16:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2023-04-29 08:57 - 2023-04-29 16:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2023-04-29 08:57 - 2023-04-29 16:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2023-04-29 08:57 - 2023-04-29 16:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2023-04-29 08:57 - 2023-04-29 16:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2023-04-29 08:57 - 2023-04-29 16:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2023-04-29 08:57 - 2023-04-29 16:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2023-04-29 08:57 - 2023-04-29 16:09 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-04-29 08:57 - 2023-04-29 16:09 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-04-29 08:57 - 2023-04-29 16:09 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-04-29 08:57 - 2023-04-29 16:09 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-04-29 08:57 - 2023-04-29 16:09 - 000000000 ____D C:\WINDOWS\system32\Com
2023-04-29 08:57 - 2023-04-29 16:09 - 000000000 ____D C:\WINDOWS\IME
2023-04-29 08:57 - 2023-04-29 16:09 - 000000000 ____D C:\WINDOWS\Help
2023-04-29 08:57 - 2023-04-29 16:09 - 000000000 ____D C:\WINDOWS\BrowserCore
2023-04-29 08:57 - 2023-04-29 16:09 - 000000000 ____D C:\Program Files\Common Files\System
2023-04-29 08:57 - 2023-04-29 16:09 - 000000000 ____D C:\Program Files (x86)\Windows NT
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 __SHD C:\Program Files\Windows Sidebar
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\Web
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\system32\winevt
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\system32\ras
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\system32\Pbr
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\SKB
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\Resources
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\Registration
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\PLA
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\Media
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\InputMethod
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\IdentityCRL
2023-04-29 08:57 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ___SD C:\WINDOWS\system32\Nui
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ___SD C:\WINDOWS\system32\lxss
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\WUModels
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\WaaS
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\Vss
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\UUS
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\tracing
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\TAPI
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\WebThreatDefSvc
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\Keywords
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\IME
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\icsxml
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\ias
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\DriverState
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\downlevel
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\System
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\SchCache
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\rescache
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\Performance
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\ModemLogs
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\L2Schemas
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\Cursors
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\Branding
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Spelling
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\ProgramData\USOShared
2023-04-29 08:57 - 2023-04-29 08:57 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2023-04-29 08:57 - 2023-04-29 08:54 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2023-04-29 08:57 - 2023-04-29 08:54 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2023-04-29 08:57 - 2023-04-29 08:54 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2023-04-29 08:57 - 2023-04-27 12:56 - 000515104 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-04-29 08:54 - 2023-05-24 08:07 - 000000000 ____D C:\WINDOWS\INF
2023-04-29 08:52 - 2023-04-29 08:52 - 000000146 _____ C:\WINDOWS\system32\UevAppMonitor.exe.config
2023-04-29 08:52 - 2023-04-29 08:52 - 000000112 _____ C:\WINDOWS\SysWOW64\MixedRealityRuntime.json
2023-04-29 08:52 - 2023-04-29 08:52 - 000000112 _____ C:\WINDOWS\system32\MixedRealityRuntime.json
2023-04-29 08:51 - 2023-04-29 08:51 - 000046645 _____ C:\WINDOWS\SysWOW64\ctac.json
2023-04-29 08:51 - 2023-04-29 08:51 - 000040448 _____ (Microsoft) C:\WINDOWS\SysWOW64\csrr.rs
2023-04-29 08:51 - 2023-04-29 08:51 - 000038400 _____ (Microsoft) C:\WINDOWS\SysWOW64\oflc-nz.rs
2023-04-29 08:51 - 2023-04-29 08:51 - 000037888 _____ (Microsoft) C:\WINDOWS\SysWOW64\fpb.rs
2023-04-29 08:51 - 2023-04-29 08:51 - 000033280 _____ (Microsoft) C:\WINDOWS\SysWOW64\cero.rs
2023-04-29 08:51 - 2023-04-29 08:51 - 000030208 _____ (Microsoft) C:\WINDOWS\SysWOW64\esrb.rs
2023-04-29 08:51 - 2023-04-29 08:51 - 000027648 _____ (Microsoft) C:\WINDOWS\SysWOW64\usk.rs
2023-04-29 08:51 - 2023-04-29 08:51 - 000027648 _____ (Microsoft) C:\WINDOWS\SysWOW64\cob-au.rs
2023-04-29 08:51 - 2023-04-29 08:51 - 000019456 _____ (Microsoft) C:\WINDOWS\SysWOW64\pegi-pt.rs
2023-04-29 08:51 - 2023-04-29 08:51 - 000019456 _____ (Microsoft) C:\WINDOWS\SysWOW64\pegi.rs
2023-04-29 08:51 - 2023-04-29 08:51 - 000017920 _____ (Microsoft) C:\WINDOWS\SysWOW64\grb.rs
2023-04-29 08:51 - 2023-04-29 08:51 - 000014336 _____ (Microsoft) C:\WINDOWS\SysWOW64\djctq.rs
2023-04-29 08:51 - 2023-04-29 08:51 - 000013824 _____ (Microsoft) C:\WINDOWS\SysWOW64\pcbp.rs
2023-04-29 08:51 - 2023-04-29 08:51 - 000008269 _____ C:\WINDOWS\system32\ResPriHMImageListLowCost
2023-04-29 08:51 - 2023-04-29 08:51 - 000008269 _____ C:\WINDOWS\system32\ResPriHMImageList
2023-04-29 08:51 - 2023-04-29 08:51 - 000008266 _____ C:\WINDOWS\system32\ResPriUHMImageList
2023-04-29 08:51 - 2023-04-29 08:51 - 000008264 _____ C:\WINDOWS\system32\ResPriImageListLowCost
2023-04-29 08:51 - 2023-04-29 08:51 - 000008240 _____ C:\WINDOWS\system32\ResPriLMImageList
2023-04-29 08:51 - 2023-04-29 08:51 - 000008240 _____ C:\WINDOWS\system32\ResPriImageList
2023-04-29 08:51 - 2023-04-29 08:51 - 000004608 _____ (Microsoft) C:\WINDOWS\SysWOW64\WEB.rs
2023-04-29 08:51 - 2023-04-29 08:51 - 000001820 _____ C:\WINDOWS\SysWOW64\rasctrnm.h
2023-04-29 08:51 - 2023-04-29 08:51 - 000001820 _____ C:\WINDOWS\system32\rasctrnm.h
2023-04-29 08:51 - 2023-04-29 08:51 - 000000670 ___RH C:\WINDOWS\WindowsShell.Manifest
2023-04-29 08:50 - 2023-04-29 08:50 - 000089761 _____ C:\WINDOWS\system32\DiskSnapshot.conf
2023-04-29 08:50 - 2023-04-29 08:50 - 000049152 _____ (Microsoft) C:\WINDOWS\system32\oflc-nz.rs
2023-04-29 08:50 - 2023-04-29 08:50 - 000049152 _____ (Microsoft) C:\WINDOWS\system32\csrr.rs
2023-04-29 08:50 - 2023-04-29 08:50 - 000046645 _____ C:\WINDOWS\system32\ctac.json
2023-04-29 08:50 - 2023-04-29 08:50 - 000045056 _____ (Microsoft) C:\WINDOWS\system32\fpb.rs
2023-04-29 08:50 - 2023-04-29 08:50 - 000040960 _____ (Microsoft) C:\WINDOWS\system32\esrb.rs
2023-04-29 08:50 - 2023-04-29 08:50 - 000040960 _____ (Microsoft) C:\WINDOWS\system32\cero.rs
2023-04-29 08:50 - 2023-04-29 08:50 - 000038128 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_GPIO.sys
2023-04-29 08:50 - 2023-04-29 08:50 - 000036864 _____ (Microsoft) C:\WINDOWS\system32\usk.rs
2023-04-29 08:50 - 2023-04-29 08:50 - 000036864 _____ (Microsoft) C:\WINDOWS\system32\cob-au.rs
2023-04-29 08:50 - 2023-04-29 08:50 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\pegi-pt.rs
2023-04-29 08:50 - 2023-04-29 08:50 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\pegi.rs
2023-04-29 08:50 - 2023-04-29 08:50 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\grb.rs
2023-04-29 08:50 - 2023-04-29 08:50 - 000024576 _____ (Microsoft) C:\WINDOWS\system32\pcbp.rs
2023-04-29 08:50 - 2023-04-29 08:50 - 000024576 _____ (Microsoft) C:\WINDOWS\system32\djctq.rs
2023-04-29 08:50 - 2023-04-29 08:50 - 000012288 _____ (Microsoft) C:\WINDOWS\system32\WEB.rs
2023-04-29 08:50 - 2023-04-29 08:50 - 000010576 _____ C:\WINDOWS\system32\TransformPPSToWlan.xslt
2023-04-29 08:50 - 2023-04-29 08:50 - 000001688 _____ C:\WINDOWS\system32\TransformPPSToWlanCredentials.xslt
2023-04-29 08:48 - 2023-05-24 08:00 - 104595456 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-04-29 08:48 - 2023-05-17 11:54 - 019136512 _____ C:\WINDOWS\system32\config\SYSTEM
2023-04-29 08:48 - 2023-05-17 11:54 - 000786432 _____ C:\WINDOWS\system32\config\DEFAULT
2023-04-29 08:48 - 2023-05-17 11:54 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-04-29 08:48 - 2023-05-17 11:54 - 000131072 _____ C:\WINDOWS\system32\config\SAM
2023-04-29 08:48 - 2023-05-17 11:54 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY
2023-04-29 08:48 - 2023-05-05 00:31 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-04-29 08:48 - 2023-05-04 21:02 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-04-29 08:48 
- 2023-05-04 20:59 - 000000000 ____D C:\WINDOWS\servicing 2023-04-29 08:48 - 2023-04-29 09:14 - 000000000 ____D C:\WINDOWS\system32\SMI ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-05-24 13:19 - 2022-02-12 22:28 - 000000000 ____D C:\Users\savio\AppData\Local\Packages 2023-05-24 13:19 - 2022-02-12 22:28 - 000000000 ____D C:\ProgramData\Packages 2023-05-24 13:18 - 2022-10-10 15:45 - 000000000 ____D C:\Users\savio\AppData\Local\Spark Desktop 2023-05-24 13:18 - 2022-02-15 11:13 - 000000000 ____D C:\Users\savio\AppData\Roaming\ClickUp 2023-05-24 13:14 - 2022-02-13 11:03 - 000000000 ____D C:\Program Files (x86)\Google 2023-05-24 13:08 - 2022-02-12 22:43 - 000000000 ____D C:\Users\savio\AppData\Roaming\Slack 2023-05-24 12:57 - 2022-02-12 22:24 - 000000000 ___SD C:\Users\savio\AppData\Roaming\Microsoft\Credentials 2023-05-24 10:16 - 2022-08-29 11:47 - 000000000 ____D C:\Users\savio\AppData\Roaming\Figma 2023-05-24 08:42 - 2022-02-12 22:48 - 000000000 ____D C:\Users\savio\AppData\Roaming\1Password 2023-05-24 08:42 - 2022-02-12 22:48 - 000000000 ____D C:\Users\savio\AppData\Local\1Password 2023-05-24 08:34 - 2022-02-12 22:28 - 000000000 ____D C:\Users\savio\AppData\Local\D3DSCache 2023-05-24 08:16 - 2022-02-13 11:03 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-05-24 08:15 - 2023-04-10 14:26 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2023-05-24 08:09 - 2022-02-12 22:29 - 000002399 _____ C:\Users\savio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-05-24 08:09 - 2022-02-12 22:18 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-05-24 08:06 - 2022-02-13 12:41 - 000000000 ____D C:\Users\savio\AppData\Local\AMD_Common 2023-05-24 08:05 - 2022-02-13 13:51 - 000001438 _____ 
C:\Users\savio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk 2023-05-24 08:02 - 2022-07-21 22:08 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat 2023-05-24 08:00 - 2022-09-23 08:44 - 000000000 ____D C:\Users\savio\AppData\Roaming\LGHUB 2023-05-24 08:00 - 2022-09-22 20:42 - 000000000 ____D C:\Users\savio\AppData\Local\LGHUB 2023-05-24 08:00 - 2022-03-02 10:19 - 000000000 ____D C:\ProgramData\Reallusion 2023-05-24 08:00 - 2022-02-12 22:17 - 000012288 ___SH C:\DumpStack.log.tmp 2023-05-17 01:50 - 2022-02-12 22:47 - 000000000 ____D C:\Users\savio\AppData\Roaming\discord 2023-05-17 00:52 - 2022-02-12 22:47 - 000000000 ____D C:\Users\savio\AppData\Local\Discord 2023-05-16 09:11 - 2022-08-29 11:47 - 000000000 ____D C:\Users\savio\AppData\Local\FigmaAgent 2023-05-15 18:07 - 2023-02-03 20:08 - 000000000 ____D C:\Users\savio\AppData\Roaming\UnityHub 2023-05-15 10:45 - 2022-11-15 18:46 - 000001270 _____ C:\Users\savio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Figma.lnk 2023-05-15 10:45 - 2022-08-29 11:47 - 000000000 ____D C:\Users\savio\AppData\Local\Figma 2023-05-14 09:46 - 2023-04-06 10:13 - 000001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\AtlasVPN.lnk 2023-05-14 09:46 - 2022-02-17 23:41 - 000000000 ____D C:\ProgramData\Riot Games 2023-05-14 09:46 - 2022-02-13 12:32 - 000001048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk 2023-05-13 21:56 - 2022-10-05 18:22 - 000000000 ____D C:\Users\savio\AppData\Local\Battle.net 2023-05-13 20:59 - 2022-10-28 08:44 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2023-05-13 20:59 - 2022-03-28 15:54 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk 2023-05-13 20:59 - 2022-02-18 09:49 - 000000944 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2023-05-13 16:42 - 2023-01-08 01:14 - 000000000 ____D C:\Program Files (x86)\Hearthstone 
2023-05-13 16:26 - 2022-10-05 18:22 - 000000000 ____D C:\Program Files (x86)\Battle.net 2023-05-10 12:16 - 2022-02-12 22:45 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-05-10 12:14 - 2022-02-12 22:45 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-05-09 17:35 - 2022-10-08 17:06 - 000079312 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe 2023-05-09 17:35 - 2022-10-08 17:06 - 000062968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe 2023-05-09 17:35 - 2022-02-19 02:06 - 002794960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2023-05-09 17:35 - 2022-02-19 02:06 - 000488912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2023-05-09 17:35 - 2022-02-19 02:06 - 000247248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll 2023-05-09 17:35 - 2022-02-19 02:06 - 000202192 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2023-05-09 17:35 - 2022-02-19 02:06 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll 2023-05-09 17:35 - 2022-02-19 02:06 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2023-05-09 17:26 - 2022-02-12 22:48 - 000001356 _____ C:\Users\savio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1Password.lnk 2023-05-08 09:37 - 2022-05-09 19:42 - 000000000 ____D C:\Users\savio\AppData\Local\CrashDumps 2023-05-06 14:16 - 2022-02-12 22:28 - 000000000 ____D C:\Users\savio\AppData\Local\AMD 2023-05-05 08:45 - 2022-02-12 22:28 - 000000000 __RHD C:\Users\Public\AccountPictures 2023-05-05 00:27 - 2023-04-16 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2023-05-05 00:27 - 2023-04-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2023-05-05 00:27 - 2023-02-06 13:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2021.3.13f1 2023-05-05 00:27 - 2023-01-08 00:58 - 000000000 
____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA 2023-05-05 00:27 - 2022-12-15 15:07 - 000000000 ____D C:\Users\savio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2023-05-05 00:27 - 2022-10-28 08:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2023-05-05 00:27 - 2022-10-05 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch 2023-05-05 00:27 - 2022-10-05 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2023-05-05 00:27 - 2022-09-27 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition 2023-05-05 00:27 - 2022-09-27 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool 2023-05-05 00:27 - 2022-09-15 08:23 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2023-05-05 00:27 - 2022-09-12 11:57 - 000000000 ____D C:\Users\savio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps 2023-05-05 00:27 - 2022-08-31 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OnScreen Control 2023-05-05 00:27 - 2022-05-02 09:28 - 000000000 ____D C:\WINDOWS\system32\AMD 2023-05-05 00:27 - 2022-04-23 16:30 - 000000000 ____D C:\Users\savio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\SysWOW64\3082 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\SysWOW64\1055 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\SysWOW64\1049 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\SysWOW64\1046 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\SysWOW64\1045 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\SysWOW64\1040 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\SysWOW64\1036 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D 
C:\WINDOWS\SysWOW64\1033 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\SysWOW64\1029 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\system32\3082 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\system32\1055 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\system32\1049 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\system32\1046 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\system32\1045 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\system32\1040 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\system32\1036 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\system32\1033 2023-05-05 00:27 - 2022-04-18 16:02 - 000000000 ____D C:\WINDOWS\system32\1029 2023-05-05 00:27 - 2022-03-31 15:46 - 000000000 ____D C:\Users\savio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc 2023-05-05 00:27 - 2022-03-02 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Character Creator 3 2023-05-05 00:27 - 2022-02-19 16:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL 2023-05-05 00:27 - 2022-02-19 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2023-05-05 00:27 - 2022-02-17 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2023-05-05 00:27 - 2022-02-17 23:03 - 000000000 ____D C:\Users\savio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2023-05-05 00:27 - 2022-02-13 15:00 - 000000000 ____D C:\Users\savio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2023-05-05 00:27 - 2022-02-13 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2023-05-05 00:27 - 2022-02-13 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SanDisk SSD Toolkit 2023-05-05 00:27 - 2022-02-13 11:15 - 000000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2023-05-05 00:27 - 2022-02-13 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk 2023-05-05 00:27 - 2022-02-12 22:47 - 000000000 ____D C:\Users\savio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2023-05-05 00:27 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2023-05-04 22:32 - 2022-05-03 22:24 - 000001272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2023-05-04 22:32 - 2022-04-18 16:03 - 000001758 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk 2023-05-04 21:07 - 2023-02-03 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Surfshark 2023-05-04 21:07 - 2022-12-27 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows 2023-05-04 21:07 - 2022-04-18 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2022 2023-05-04 21:07 - 2022-02-13 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2023-05-04 21:07 - 2022-02-13 00:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019 2023-05-04 21:06 - 2023-01-08 00:52 - 000000000 ____D C:\Users\savio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2023-05-02 22:24 - 2022-02-12 22:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-04-29 00:40 - 2022-02-13 11:03 - 000000000 ____D C:\Program Files (x86)\AnyDesk 2023-04-27 12:57 - 2023-04-06 13:13 - 002072608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2023-04-27 12:56 - 2023-04-06 13:13 - 000133152 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2023-04-27 12:56 - 2023-04-06 13:08 - 000222688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll 2023-04-27 12:56 - 2022-09-09 03:20 - 000610344 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\system32\amdfendrsr.exe 2023-04-27 12:56 - 2022-09-09 03:20 - 000317480 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendr.sys 2023-04-27 12:56 - 2022-09-09 03:20 - 000035880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendrmgr.sys ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2022-04-29 19:58 - 2022-12-19 23:20 - 000000032 _____ () C:\Users\savio\AppData\Roaming\.machineId 2022-05-04 01:33 - 2022-05-04 01:33 - 000007060 _____ () C:\Users\savio\AppData\Roaming\532b7a7a-018f-4cfe-b9e5-4e2933ecc52c.tmp ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |