Trojan Remover log:
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.5.2982. For information, email support@simplysup.com
[Unregistered version]
Scan started: 18:30:44 15-Feb-2023
Using Database v11131
Operating System: Windows 11 Core [Version 22H2, Build: 10.0.22621.1105]
System up since: 15-Feb-2023 18:00
File System: NTFS
User Account Control is DISABLED
UserData directory: C:\Users\Darkw\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory: C:\Users\Darkw\OneDrive\Dokumente\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files (x86)\Trojan Remover\
Process is elevated
Automatic Daily Updates are enabled
Automatic Program Updates are enabled
Signed Microsoft files will be trusted
************************************************************
18:30:44: ----- Checking Default File Associations -----
No modified default file associations detected
----------
************************************************************
18:30:44: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.
************************************************************
18:30:44: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\explorer.exe
C:\Windows\explorer.exe (verified signer: [Microsoft Windows])
5001152 bytes
Created: 2023-01-19 00:19
Modified: 2023-01-19 00:19
Company: Microsoft Corporation
[17630703E32B738CAB4C195EFB69243C]
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\WINDOWS\System32\Userinit.exe,]
File: C:\Windows\Sysnative\Userinit.exe
C:\Windows\System32\Userinit.exe (verified signer: [Microsoft Windows])
114688 bytes
Created: 2022-05-07 07:19
Modified: 2022-05-07 07:19
Company: Microsoft Corporation
[C0C3F54B6193AB5C5C20701F989B2D85]
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [APSDaemon]
Value Data: ["C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (verified signer: [Apple Inc.])
59720 bytes
Created: 2013-09-13 19:51
Modified: 2013-09-13 19:51
Company: Apple Inc.
[61E4289E91E88C90478D7F4BEB10DCF7]
--------------------
Value Name: [VM_STI]
Value Data: [C:\WINDOWS\VM_STI.exe Philips SPC200NC Webcam]
C:\WINDOWS\VM_STI.exe - [Trusted Microsoft File]
--------------------
Value Name: [VirtualCloneDrive]
Value Data: ["C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s]
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (verified signer: [Elaborate Bytes AG])
105280 bytes
Created: 2020-02-23 14:18
Modified: 2020-02-23 14:18
Company: Elaborate Bytes AG
[B3330BC56CCB3F530F623083A5A45119]
--------------------
Value Name: [SDTray]
Value Data: ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"]
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (verified signer: [Safer-Networking Limited])
5204968 bytes
Created: 2023-02-15 17:55
Modified: 2021-11-16 14:52
Company: Safer-Networking Ltd.
[67F2A68835A4C31A63C0709DF12AB1D2]
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [OneDriveSetup]
Value Data: [C:\Windows\System32\OneDriveSetup.exe /thfirstsetup]
C:\Windows\Sysnative\OneDriveSetup.exe - [Trusted Microsoft File]
--------------------
Value Name: [HP ENVY 4520 series (NET)]
Value Data: ["C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH6BU4K2GN0660:NW" -scfn "HP ENVY 4520 series (NET)" -AutoStart 1]
C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe (verified signer: [Hewlett Packard])
3770504 bytes
Created: 2017-04-06 23:40
Modified: 2017-04-06 23:40
Company: HP Inc.
[C4AEE7B1159C24762F9D137C392AEEE3]
--------------------
Value Name: [Gyazo]
Value Data: [C:\Program Files (x86)\Gyazo\GyStation.exe]
C:\Program Files (x86)\Gyazo\GyStation.exe (verified signer: [Nota,Inc.])
917200 bytes
Created: 2020-11-26 17:31
Modified: 2020-11-17 01:28
Company: Nota Inc.
[65BC7C2E86DB59DBD4F36BEA9B3FBAEF]
--------------------
Value Name: [Discord]
Value Data: [C:\Users\Darkw\AppData\Local\Discord\Update.exe --processStart Discord.exe]
C:\Users\Darkw\AppData\Local\Discord\Update.exe (verified signer: [Discord Inc.])
1512608 bytes
Created: 2021-12-27 23:05
Modified: 2021-09-21 19:16
Company: GitHub
[E039F56DC6315942BC3E3D9AD4D586E7]
--------------------
Value Name: [Opera GX Browser Assistant]
Value Data: [C:\Users\Darkw\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe]
C:\Users\Darkw\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (verified signer: [Opera Software AS])
3291288 bytes
Created: 2022-11-29 14:25
Modified: 2021-02-01 17:18
Company: Opera Software
[28A21AFB4BDC543B4B0309BB78B8BA4A]
--------------------
Value Name: [AMDNoiseSuppression]
Value Data: ["C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe"]
C:\Windows\System32\AMD\ANR\AMDNoiseSuppression.exe
C:\Windows\System32\AMD\ANR\AMDNoiseSuppression.exe - [file not found to scan]
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
************************************************************
18:30:48: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [SecurityHealth]
Value Data: [%windir%\system32\SecurityHealthSystray.exe]
C:\Windows\Sysnative\SecurityHealthSystray.exe - [Trusted Microsoft File]
--------------------
Value Name: [RtkAudUService]
Value Data: ["C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_719a4f3eb3c3c65a\RtkAudUService64.exe" -background]
C:\Windows\Sysnative\DriverStore\FileRepository\realtekservice.inf_amd64_719a4f3eb3c3c65a\RtkAudUService64.exe - [Trusted Microsoft File]
--------------------
Value Name: [Ashampoo WinOptimizer Live-Tuner2]
Value Data: ["C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 17\LiveTuner2.exe" -TRAY]
C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 17\LiveTuner2.exe (verified signer: [Ashampoo GmbH & Co. KG])
4752264 bytes
Created: 2021-05-18 18:57
Modified: 2020-07-17 14:18
[B104DA838D7532FF4675C2643AD495CC]
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
************************************************************
18:30:49: Scanning ----- ShellExecuteHooks -----
No ShellExecuteHook entries found to scan
************************************************************
18:30:49: Scanning ----- 64-Bit ShellExecuteHooks -----
No 64-Bit ShellExecuteHook entries found to scan
************************************************************
18:30:49: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------
No Hidden File-loading x64 Registry Entries found
----------
************************************************************
18:30:49: Scanning -----ACTIVE SCREENSAVER-----
No active ScreenSaver found to scan.
************************************************************
18:30:49: Scanning ----- Registry Active Setup Keys -----
************************************************************
18:30:50: Scanning ----- 64-Bit Registry Active Setup Keys -----
Key: {8A69D345-D564-463c-AFF1-A69D9E530F96}
Path: "C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel=stable
C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe (verified signer: [Google LLC])
4956952 bytes
Created: 2023-01-27 02:50
Modified: 2023-01-27 02:50
Company: Google LLC
[B42B8AC29EE0A9C3401AC4E7E186282D]
----------
************************************************************
18:30:50: Scanning ----- SERVICEDLL REGISTRY KEYS -----
************************************************************
18:30:58: Scanning ----- SERVICES REGISTRY KEYS -----
Key: 432201D3
ImagePath: system32\drivers\432201D3.sys
Service Display Name: 432201D3
Service Start Type: Boot
C:\Windows\System32\drivers\432201D3.sys (verified signer: [Malwarebytes Corporation])
255928 bytes
Created: 2020-09-06 09:24
Modified: 2020-09-14 22:55
Company: Malwarebytes
[BDFA7A13CC73B180BBDF1ABA280E1CF7]
----------
Key: 4636A426
ImagePath: \??\C:\WINDOWS\system32\drivers\4636A426.sys
Service Display Name: 4636A426
Service Start Type: Manual
C:\Windows\System32\drivers\4636A426.sys (verified signer: [Malwarebytes Corporation])
255928 bytes
Created: 2020-11-11 10:28
Modified: 2020-11-11 10:42
Company: Malwarebytes
[BDFA7A13CC73B180BBDF1ABA280E1CF7]
----------
Key: AMDRyzenMasterDriverV19
ImagePath: \??\C:\WINDOWS\system32\AMDRyzenMasterDriver.sys
Service Display Name: AMDRyzenMasterDriverV19
Service Start Type: Automatic
C:\Windows\System32\AMDRyzenMasterDriver.sys (verified signer: [Advanced Micro Devices INC.])
43336 bytes
Created: 2022-11-30 13:43
Modified: 2022-11-30 13:43
Company: Advanced Micro Devices
[AE100E65F6DCC77479666CDBF276040D]
----------
Key: AUEPLauncher
ImagePath: "C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe"
Service Display Name: AMD User Experience Program Data Uploader
Service Start Type: Automatic
C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe (verified signer: [Advanced Micro Devices Inc.])
Company: AMD
[E8DFE5C9E0B0390C9BCE8F8A4B2ABF25]
----------
Key: BEService
ImagePath: "C:\Program Files (x86)\Common Files\BattlEye\BEService.exe"
Service Display Name: BattlEye Service
Service Start Type: Disabled
C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (verified signer: [BattlEye Innovations e.K.])
5708808 bytes
Created: 2018-06-14 07:19
Modified: 2018-06-11 17:47
[B2E699AD20FBA9F8E1CA9DB8E641F940]
----------
Key: Bonjour Service
ImagePath: "C:\Program Files\Bonjour\mDNSResponder.exe"
Service Display Name: Dienst "Bonjour"
Service Start Type: Automatic
C:\Program Files\Bonjour\mDNSResponder.exe (verified signer: [Apple Inc.])
462184 bytes
Created: 2011-08-31 00:05
Modified: 2011-08-31 00:05
Company: Apple Inc.
[EBBCD5DFBB1DE70E8F4AF8FA59E401FD]
----------
Key: BthA2dp
ImagePath: \SystemRoot\System32\drivers\BthA2dp.sys
Service Display Name: @microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver
Service Start Type: Manual
C:\Windows\System32\drivers\BthA2dp.sys
532480 bytes
Created: 2022-09-28 20:40
Modified: 2022-09-28 20:40
Company: Microsoft Corporation
[4974081AA3E55017B2267FA507229786]
----------
Key: BthHFEnum
ImagePath: \SystemRoot\System32\drivers\bthhfenum.sys
Service Display Name: @microsoft_bluetooth_hfp.inf,%BTHHFENUM_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free-Profiltreiber
Service Start Type: Manual
C:\Windows\System32\drivers\bthhfenum.sys
184320 bytes
Created: 2022-09-28 20:40
Modified: 2022-09-28 20:40
Company: Microsoft Corporation
[4695640D672C9B082F1D14F2CF4236BF]
----------
Key: BTHMODEM
ImagePath: \SystemRoot\System32\drivers\bthmodem.sys
Service Display Name: @mdmbtmdm.inf,%BthModem.DisplayName%;Bluetooth Modem Communications Driver
Service Start Type: Manual
C:\Windows\System32\drivers\bthmodem.sys
106496 bytes
Created: 2022-05-07 07:19
Modified: 2022-05-07 07:19
Company: Microsoft Corporation
[2BE02EF23D28664A2C633B6D4D548BE6]
----------
Key: DfSdkS
ImagePath: "C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 17\DfsdkS.exe"
Service Display Name: Defragmentation-Service
Service Start Type: Manual
C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 17\DfsdkS.exe
406016 bytes
Created: 2021-05-18 18:57
Modified: 2020-07-17 14:12
Company: mst software GmbH, Germany
[92AE26F2CAF4A67E24A0BA6DDF32CC3C]
----------
Key: dtlitescsibus
ImagePath: \SystemRoot\System32\drivers\dtlitescsibus.sys
Service Display Name: DAEMON Tools Lite Virtual SCSI Bus
Service Start Type: Manual
C:\Windows\System32\drivers\dtlitescsibus.sys (verified signer: [Disc Soft Ltd])
30264 bytes
Created: 2016-05-20 11:01
Modified: 2016-05-20 11:02
Company: Disc Soft Ltd
[679FF716052109392D870F6A6C4A3535]
----------
Key: dtliteusbbus
ImagePath: \SystemRoot\System32\drivers\dtliteusbbus.sys
Service Display Name: DAEMON Tools Lite Virtual USB Bus
Service Start Type: Manual
C:\Windows\System32\drivers\dtliteusbbus.sys (verified signer: [Disc Soft Ltd])
47672 bytes
Created: 2016-05-20 11:02
Modified: 2016-05-20 11:02
Company: Disc Soft Ltd
[E23FDD696839A4790682CA66C48D3F2F]
----------
Key: EasyAntiCheat
ImagePath: "C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe"
Service Display Name: EasyAntiCheat
Service Start Type: Disabled
C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe (verified signer: [EasyAntiCheat Oy])
803952 bytes
Created: 2019-03-18 09:56
Modified: 2019-09-06 04:58
Company: EasyAntiCheat Ltd
[6435A2F400DF67B802CC6350EDF76E09]
----------
Key: EpicOnlineServices
ImagePath: "C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe"
Service Display Name: Epic Online Services
Service Start Type: Manual
C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe (verified signer: [Epic Games Inc.])
926176 bytes
Created: 2021-06-29 16:42
Modified: 2021-03-16 16:22
Company: Epic Games, Inc.
[D6819EA41722241D257985D18667E3D9]
----------
Key: FirebirdGuardianDefaultInstance
ImagePath: "C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe" -s DefaultInstance
Service Display Name: Firebird Guardian - DefaultInstance
Service Start Type: Automatic
C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
98304 bytes
Created: 2021-12-15 19:43
Modified: 2016-06-30 15:40
Company: Firebird Project
[867FDB22F49D67EDD3E8B46C4091AE8A]
----------
Key: FirebirdServerDefaultInstance
ImagePath: "C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe" -s DefaultInstance
Service Display Name: Firebird Server - DefaultInstance
Service Start Type: Manual
C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
3825664 bytes
Created: 2021-12-15 19:43
Modified: 2016-06-30 15:40
Company: Firebird Project
[4F6CB0331D59C29669A0C5B13CCBBB14]
----------
Key: FLEXnet Licensing Service
ImagePath: "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
Service Display Name: FLEXnet Licensing Service
Service Start Type: Disabled
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (verified signer: [Acresso Software Inc.])
1045256 bytes
Created: 2017-10-04 00:12
Modified: 2017-10-04 00:12
Company: Acresso Software Inc.
[8669BE94F63944E4F899C3950B520241]
----------
Key: GameforgeClientService
ImagePath: "C:\Program Files (x86)\GameforgeClient\gfservice.exe"
Service Display Name: Gameforge Client Service
Service Start Type: Manual
C:\Program Files (x86)\GameforgeClient\gfservice.exe (verified signer: [Gameforge 4D GmbH])
633504 bytes
Created: 2022-10-17 18:17
Modified: 2022-04-07 10:47
[B7E1B1829C6F6A9A80109FD1953FB3F4]
----------
Key: GoogleChromeElevationService
ImagePath: "C:\Program Files\Google\Chrome\Application\109.0.5414.120\elevation_service.exe"
Service Display Name: Google Chrome Elevation Service (GoogleChromeElevationService)
Service Start Type: Manual
C:\Program Files\Google\Chrome\Application\109.0.5414.120\elevation_service.exe (verified signer: [Google LLC])
1725720 bytes
Created: 2023-01-27 02:50
Modified: 2023-01-24 00:57
Company: Google LLC
[65E23E116FD6AC67CFEA7AD0CEE03640]
----------
Key: gupdate
ImagePath: "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
Service Display Name: Google Update-Dienst (gupdate)
Service Start Type: Automatic
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (verified signer: [Google LLC])
156232 bytes
Created: 2021-09-28 10:22
Modified: 2021-09-28 10:22
Company: Google LLC
[5A25AEBDD889EFDA40F2A57297A32422]
----------
Key: gupdatem
ImagePath: "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc
Service Display Name: Google Update-Dienst (gupdatem)
Service Start Type: Manual
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (verified signer: [Google LLC])
156232 bytes
Created: 2021-09-28 10:22
Modified: 2021-09-28 10:22
Company: Google LLC
[5A25AEBDD889EFDA40F2A57297A32422]
----------
Key: LiveTuner2PM
ImagePath: \??\C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 17\LiveTuner64.sys
Service Display Name: Ashampoo LiveTuner 2 Driver
Service Start Type: Automatic
C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 17\LiveTuner64.sys (verified signer: [Ashampoo GmbH & Co. KG])
24432 bytes
Created: 2021-05-18 18:57
Modified: 2020-07-17 14:13
[A3ED0B6A711F40CAE27146E7EC10AED7]
----------
Key: MozillaMaintenance
ImagePath: "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
Service Display Name: Mozilla Maintenance Service
Service Start Type: Disabled
C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (verified signer: [Mozilla Corporation])
247200 bytes
Created: 2020-08-17 12:12
Modified: 2023-01-25 15:06
Company: Mozilla Foundation
[28D8BA505A97DE208FAB2E6D555004B6]
----------
Key: MySQL
ImagePath: "C:\Program Files\MariaDB 10.3\bin\mysqld.exe" "--defaults-file=C:\Program Files\MariaDB 10.3\data\my.ini" "MySQL"
Service Display Name: MySQL
Service Start Type: Disabled
C:\Program Files\MariaDB 10.3\bin\mysqld.exe (verified signer: [MariaDB Corporation Ab])
15813032 bytes
Created: 2019-04-01 14:25
Modified: 2019-04-01 14:25
[C07FBC663D67DED2C7BC645C8938B7DD]
----------
Key: Neo_VPN
ImagePath: \SystemRoot\System32\drivers\Neo_VPN.sys
Service Display Name: @oem6.inf,%Neo.Service.DispName%;VPN Client Device Driver - VPN
Service Start Type: Manual
C:\Windows\System32\drivers\Neo_VPN.sys (verified signer: [SoftEther K.K.])
28768 bytes
Created: 2019-05-31 02:52
Modified: 2019-05-31 02:52
Company: SoftEther VPN Project at University of Tsukuba, Japan.
[AFBF859B49F12B67630829DE7433D75F]
----------
Key: Neo_VPN2
ImagePath: \SystemRoot\System32\drivers\Neo_VPN2.sys
Service Display Name: VPN Client Device Driver - VPN2
Service Start Type: Manual
C:\Windows\System32\drivers\Neo_VPN2.sys (verified signer: [SoftEther K.K.])
28768 bytes
Created: 2019-05-31 02:57
Modified: 2019-05-31 02:57
Company: SoftEther VPN Project at University of Tsukuba, Japan.
[AFBF859B49F12B67630829DE7433D75F]
----------
Key: PGR1394b
ImagePath: \SystemRoot\System32\drivers\HS3dSensor1394.sys
Service Display Name: HS 3d Sensor IEEE 1394 Bus host controllers
Service Start Type: Manual
C:\Windows\System32\drivers\HS3dSensor1394.sys
72704 bytes
Created: 2008-02-19 07:09
Modified: 2008-02-19 07:09
Company: Point Grey Research
[6FC9CDA0B608DFDA41E42D2E9C7D7874]
----------
Key: ProtonVPN Service
ImagePath: "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe"
Service Display Name: ProtonVPN Service
Service Start Type: Manual
C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe (verified signer: [Proton Technologies AG])
108792 bytes
Created: 2021-05-05 13:15
Modified: 2021-05-05 13:15
[DBC6057791FCE36FFDFC56878ED4E798]
----------
Key: ProtonVPN Update Service
ImagePath: "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe"
Service Display Name: ProtonVPN Update Service
Service Start Type: Manual
C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe (verified signer: [Proton Technologies AG])
62712 bytes
Created: 2021-05-05 13:15
Modified: 2021-05-05 13:15
[F7CC272A24CD4B75ACEE2CF4BFD4ED69]
----------
Key: ScpVBus
ImagePath: \SystemRoot\System32\drivers\ScpVBus.sys
Service Display Name: @oem65.inf,%ScpVBus.SVCDESC%;Scp Virtual Bus Driver
Service Start Type: Manual
C:\Windows\System32\drivers\ScpVBus.sys (verified signer: [Bruce James])
39168 bytes
Created: 2013-05-19 08:02
Modified: 2013-05-19 08:02
Company: Scarlet.Crush Productions
[0447065A6E10774EFCECFDD0EB970A79]
----------
Key: SDScannerService
ImagePath: "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
Service Display Name: Spybot-S&D 2 Scanner Service
Service Start Type: Automatic
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (verified signer: [Safer-Networking Limited])
2782080 bytes
Created: 2023-02-15 17:55
Modified: 2021-11-16 14:50
Company: Safer-Networking Ltd.
[D2761381056CE59FA8FAF445F54632EA]
----------
Key: SDUpdateService
ImagePath: "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
Service Display Name: Spybot-S&D 2 Updating Service
Service Start Type: Automatic
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (verified signer: [Safer-Networking Limited])
4605312 bytes
Created: 2023-02-15 17:55
Modified: 2021-11-16 14:50
Company: Safer-Networking Ltd.
[54D121029B6553D74C3E53E060B0B3CF]
----------
Key: SDWSCService
ImagePath: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
Service Display Name: Spybot Security Center Integration Service
Service Start Type: Automatic
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (verified signer: [Safer-Networking Ltd.])
940976 bytes
Created: 2023-02-15 17:55
Modified: 2019-09-04 16:32
Company: Safer-Networking Ltd.
[FCC850AEF12628C2B8F5A8AC370FB4DE]
----------
Key: Steam Client Service
ImagePath: "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
Service Display Name: Steam Client Service
Service Start Type: Manual
C:\Program Files (x86)\Common Files\Steam\SteamService.exe (verified signer: [Valve Corp.])
2663784 bytes
Created: 2021-06-11 21:37
Modified: 2022-09-28 03:58
Company: Valve Corporation
[21F5FE3A96BC977E4D598A8DE8A6C888]
----------
Key: tap0901
ImagePath: \SystemRoot\System32\drivers\tap0901.sys
Service Display Name: TAP-Windows Adapter V9
Service Start Type: Manual
C:\Windows\System32\drivers\tap0901.sys (verified signer: ["OpenVPN Technologies])
27136 bytes
Created: 2016-04-21 11:10
Modified: 2016-04-21 11:10
Company: The OpenVPN Project
[D765F43CBEA72D14C04AF3D2B9C8E54B]
----------
Key: TaskKill
ImagePath: \??\C:\Users\Darkw\AppData\Local\Temp\?????.sys
Service Display Name:
Service Start Type: Boot
C:\Users\Darkw\AppData\Local\Temp\?????.sys
----------
Key: TeamViewer
ImagePath: "C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
Service Display Name: TeamViewer
Service Start Type: Automatic
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (verified signer: [TeamViewer Germany GmbH])
12986664 bytes
Created: 2020-09-13 18:00
Modified: 2021-12-17 11:46
Company: TeamViewer Germany GmbH
[13654289C46270544AED9BD829D1969A]
----------
Key: WinSetupMon
ImagePath: system32\DRIVERS\WinSetupMon.sys
Service Display Name: WinSetupMon
Service Start Type: System
C:\Windows\System32\DRIVERS\WinSetupMon.sys
C:\Windows\System32\DRIVERS\WinSetupMon.sys - [file not found to scan]
----------
Key: WO_LiveService2
ImagePath: "C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 17\LiveTunerService.exe"
Service Display Name: Ashampoo LiveTuner 2 Service
Service Start Type: Disabled
C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 17\LiveTunerService.exe (verified signer: [Ashampoo GmbH & Co. KG])
308616 bytes
Created: 2021-05-18 18:57
Modified: 2020-07-17 14:18
[1E741DB1E145327D0F6879D31C0CA5B3]
----------
************************************************************
18:31:24: Scanning ----- ContextMenuHandlers -----
Key: SDECon32
CLSID: {44176360-2BBF-4EC1-93CE-384B8681A0BC}
Path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon32.dll
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon32.dll (verified signer: [Safer-Networking Limited])
447496 bytes
Created: 2023-02-15 17:55
Modified: 2021-12-21 21:11
Company: Safer-Networking Ltd.
[C56A74BEF1E03D620E6CCB5DC59FB2FF]
----------
Key: WinRAR32
CLSID: {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Path: C:\Program Files\WinRAR\rarext32.dll
C:\Program Files\WinRAR\rarext32.dll (verified signer: [win.rar GmbH])
463064 bytes
Created: 2017-06-25 01:05
Modified: 2019-04-27 22:03
Company: Alexander Roshal
[C2D97B8A513E280E3C9EDD0DFA06F75F]
----------
************************************************************
18:31:25: Scanning ----- Folder\ColumnHandlers -----
Key: {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}
File: C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl.dll
C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl.dll
445440 bytes
Created: 2019-09-04 01:00
Modified: 2019-09-04 01:00
Company: Apache Software Foundation
[AF17A2B65FFB741514FF80161E06DD28]
----------
************************************************************
18:31:25: Scanning ----- Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll
C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll (verified signer: [Oracle America, Inc.])
480312 bytes
Created: 2019-11-09 21:38
Modified: 2019-11-09 21:38
Company: Oracle Corporation
[570B34D8B53D5F8ACC5BB13093124061]
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll
C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll (verified signer: [Oracle America, Inc.])
194616 bytes
Created: 2019-11-09 21:38
Modified: 2019-11-09 21:38
Company: Oracle Corporation
[FA0657C86482F1B84CCA6D6AF40E89BB]
----------
************************************************************
18:31:25: Scanning ----- 64-Bit Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll
C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll (verified signer: [Oracle America, Inc.])
582200 bytes
Created: 2019-11-09 21:40
Modified: 2019-11-09 21:40
Company: Oracle Corporation
[E2B3189DB59C56AE5089B0AF02FF3C5F]
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll
C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll (verified signer: [Oracle America, Inc.])
245304 bytes
Created: 2019-11-09 21:40
Modified: 2019-11-09 21:40
Company: Oracle Corporation
[3E40600D728B3BF318136579F2C4A604]
----------
************************************************************
18:31:25: Scanning ----- ShellServiceObjectDelayLoad Entries -----
************************************************************
18:31:25: Scanning ----- 64-Bit ShellServiceObjectDelayLoad Entries -----
************************************************************
18:31:25: Scanning ----- ShellServiceObjects -----
************************************************************
18:31:26: Scanning ----- 64-Bit ShellServiceObjects -----
************************************************************
18:31:28: Scanning ----- SharedTaskScheduler Entries -----
No SharedTaskScheduler entries found to scan
************************************************************
18:31:28: Scanning ----- 64-Bit SharedTaskScheduler Entries -----
No 64-Bit SharedTaskScheduler entries found to scan
************************************************************
18:31:28: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.
************************************************************
18:31:28: Scanning ----- APPINIT_DLLS -----
No AppInit_DLLs value found to check
************************************************************
18:31:28: Scanning ----- 64-Bit APPINIT_DLLS -----
No 64-Bit AppInit_DLLs value found to check
************************************************************
18:31:28: Scanning ----- SECURITY PROVIDER DLLS -----
************************************************************
18:31:28: Scanning ----- CREDENTIAL PROVIDERS -----
************************************************************
18:31:29: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 2022-05-07 07:24
Modified: 2022-05-07 07:22
[7F1698BAB066B764A314A589D338DAAE]
--------------------
************************************************************
18:31:29: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: Darkw
[C:\Users\Darkw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
DeepL auto-start.lnk - links to [C:\Users\Darkw\AppData\Roaming\0install.net\DESKTO~1\stubs\1EAE01~1\AUTO-S~1.EXE]
C:\Users\Darkw\AppData\Roaming\0install.net\DESKTO~1\stubs\1EAE01~1\AUTO-S~1.EXE
114176 bytes
Created: 2022-07-15 02:48
Modified: 2022-07-15 02:48
[1122AA4C7A1DBE71D5850FBBE7B0DEB0]
----------
C:\Users\Darkw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 2017-06-24 16:31
Modified: 2022-09-29 15:56
[7F1698BAB066B764A314A589D338DAAE]
----------
--------------------
************************************************************
18:31:29: Scanning ----- SCHEDULED TASKS -----
Taskname: AMDInstallLauncher
Target: C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe
Parameters: /InstallAUEP
Schedule:
<Task not scheduled>
Next Run Time:
Status: Ready
Creator: Advanced Micro Devices
Comments: AMDInstallLauncher
-----
C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe (verified signer: [Advanced Micro Devices Inc.])
954808 bytes
Created: 2022-12-16 21:33
Modified: 2022-11-30 20:19
Company: Advanced Micro Devices, Inc.
[C15D4AADB224911D4F31EC90F31419B8]
----------
Taskname: AMDLinkUpdate
Target: C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe
Parameters: -AMDLinkUpdate
Schedule:
<Task not scheduled>
Next Run Time:
Status: Ready
Creator: Advanced Micro Devices
Comments: AMDLinkUpdate
-----
C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe - file already scanned
----------
Taskname: AMDRyzenMasterSDKTask
Target: "C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe"
Parameters:
Schedule:
<Task not scheduled>
Next Run Time:
Status: Running
Creator: Advanced Micro Devices
Comments: AMDRyzenMasterSDKTask
-----
C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe (verified signer: [Advanced Micro Devices Inc.])
183224 bytes
Created: 2022-11-30 14:04
Modified: 2022-11-30 14:04
Company: Advanced Micro Devices, Inc.
[D6954D6D6DCCC4A1B9D4D51F649C1334]
----------
Taskname: GoogleUpdateTaskMachineCore
Target: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Parameters: /c
Schedule:
1. At logon
2. At 00:49:00 every day
Next Run Time: 16.02.2023 00:49:46
Status: Ready
Creator:
Comments: Hält Ihre Google-Software auf dem neuesten Stand. Falls diese Anwendung deaktiviert oder angehalten wird, wird Ihre Google-Software nicht aktualisiert. Das heißt, dass eventuell auftretende Sicherheitslücken nicht behoben und bestimmte Funktionen möglicherweise nicht ausgeführt werden können. Diese Anwendung deinstalliert sich selbst, wenn sie nicht von einer Google-Software verwendet wird.
-----
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (verified signer: [Google LLC])
156232 bytes
Created: 2021-09-28 10:22
Modified: 2021-09-28 10:22
Company: Google LLC
[5A25AEBDD889EFDA40F2A57297A32422]
----------
Taskname: GoogleUpdateTaskMachineUA
Target: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Parameters: /ua /installsource scheduler
Schedule:
At 00:49:00 every day
Next Run Time: 15.02.2023 18:49:46
Status: Ready
Creator:
Comments: Hält Ihre Google-Software auf dem neuesten Stand. Falls diese Anwendung deaktiviert oder angehalten wird, wird Ihre Google-Software nicht aktualisiert. Das heißt, dass eventuell auftretende Sicherheitslücken nicht behoben und bestimmte Funktionen möglicherweise nicht ausgeführt werden können. Diese Anwendung deinstalliert sich selbst, wenn sie nicht von einer Google-Software verwendet wird.
-----
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - file already scanned
----------
Taskname: GyazoUpdateTaskMachine
Target: "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
Parameters:
Schedule:
At logon
Next Run Time:
Status: Ready
Creator: SVEN\Darkw
Comments:
-----
C:\Program Files (x86)\Gyazo\GyazoUpdate.exe (verified signer: [Nota,Inc.])
6896800 bytes
Created: 2020-11-26 17:31
Modified: 2020-11-17 01:27
Company: Nota Inc.
[610FFD1BF8CD65D50108753FE411A80D]
----------
Taskname: GyazoUpdateTaskMachineDaily
Target: "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
Parameters:
Schedule:
At 17:31:00 every day
Next Run Time: 16.02.2023 17:31:00
Status: Ready
Creator: SVEN\Darkw
Comments:
-----
C:\Program Files (x86)\Gyazo\GyazoUpdate.exe - file already scanned
----------
Taskname: HPCustParticipation HP ENVY 4520 series
Target: "C:\Program Files\HP\HP ENVY 4520 series\Bin\HPCustPartic.exe"
Parameters: /UA 15.5
Schedule:
At 12:25:00 on 15.12.2018
Next Run Time: 15.02.2023 19:25:00
Status: Ready
Creator: SVEN\Darkw
Comments:
-----
C:\Program Files\HP\HP ENVY 4520 series\Bin\HPCustPartic.exe (verified signer: [Hewlett Packard])
6438536 bytes
Created: 2017-04-06 23:34
Modified: 2017-04-06 23:34
Company: HP Inc.
[BA359CD7D494EB13B0E3213D891BE2FC]
----------
Taskname: Opera GX scheduled assistant Autoupdate 1669728332
Target: C:\Users\Darkw\AppData\Local\Programs\Opera GX\launcher.exe
Parameters: --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Darkw\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Schedule:
1. At 14:25:00 every day
2. At logon
Next Run Time: 16.02.2023 14:25:32
Status: Ready
Creator: SVEN\Darkw
Comments: Keeps Opera Browser Assistant up to date
-----
C:\Users\Darkw\AppData\Local\Programs\Opera GX\launcher.exe (verified signer: [Opera Norway AS])
2542536 bytes
Created: 2022-11-20 14:24
Modified: 2023-02-13 11:34
Company: Opera Software
[43A264370C4B7D8E1CAB1C5FED6D2C64]
----------
Taskname: Opera GX scheduled Autoupdate 1668950681
Target: C:\Users\Darkw\AppData\Local\Programs\Opera GX\launcher.exe
Parameters: --scheduledautoupdate $(Arg0)
Schedule:
1. At 17:53:00 every day
2. At logon
Next Run Time: 16.02.2023 17:53:43
Status: Ready
Creator: SVEN\Darkw
Comments: Hält Opera auf dem neuesten Stand.
-----
C:\Users\Darkw\AppData\Local\Programs\Opera GX\launcher.exe - file already scanned
----------
Taskname: StartAUEP
Target: "C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe"
Parameters:
Schedule:
At logon
Next Run Time:
Status: Running
Creator: WORKGROUP\DESKTOP-THPC04N$
Comments:
-----
C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (verified signer: [Advanced Micro Devices Inc.])
679352 bytes
Created: 2022-11-30 14:07
Modified: 2022-11-30 14:07
Company: AMD
[1526E602F34972D909125D5FF98FA0EE]
----------
Taskname: StartCNBM
Target: "C:\Program Files\AMD\CNext\CNext\cncmd.exe"
Parameters: benchmark
Schedule:
At 00:00:00 on 17.01.2023
Next Run Time:
Status: Ready
Creator: Advanced Micro Devices
Comments:
-----
C:\Program Files\AMD\CNext\CNext\cncmd.exe (verified signer: [Advanced Micro Devices Inc.])
56760 bytes
Created: 2022-11-30 14:12
Modified: 2022-11-30 14:12
Company: Advanced Micro Devices, Inc.
[C8570B5F54D9F78A0DBB3F6C89FA8852]
----------
Taskname: TR_AntiHijack
Target: "C:\Program Files (x86)\Trojan Remover\TRAntiHJ.exe"
Parameters:
Schedule:
At logon
Next Run Time:
Status: Ready
Creator: Simply Super Software
Comments: This task runs the Trojan Remover Anti-Hijack component when a user logs on. This component helps protect against screen locker malware.
-----
C:\Program Files (x86)\Trojan Remover\TRAntiHJ.exe
C:\Program Files (x86)\Trojan Remover\TRAntiHJ.exe - [file not found to scan]
----------
Taskname: TR_FastScan_AtLogon
Target: "C:\Program Files (x86)\Trojan Remover\Trjscan.exe"
Parameters: /boot
Schedule:
At logon
Next Run Time:
Status: Ready
Creator: Simply Super Software
Comments: This task runs the Trojan Remover FastScan when a user logs on. The FastScan scans important system areas to check for malware. The scan is delayed so that the task does not impact on system startup time.
-----
C:\Program Files (x86)\Trojan Remover\Trjscan.exe (verified signer: [Simply Super Software])
6575832 bytes
Created: 2023-02-15 18:26
Modified: 2022-07-05 19:51
Company: Simply Super Software
[4DFD66E0149DECD817CD2B9EA65135A5]
----------
Taskname: TR_FastScan_Daily_Darkw
Target: "C:\Program Files (x86)\Trojan Remover\Trjscan.exe"
Parameters: /silent
Schedule:
At 20:54:00 every day
Next Run Time: 15.02.2023 20:54:00
Status: Ready
Creator: Simply Super Software
Comments: This task launches the Trojan Remover FastScan daily at the given time. The FastScan scans important system areas to check for malware.
-----
C:\Program Files (x86)\Trojan Remover\Trjscan.exe - file already scanned
----------
Taskname: TR_Updater
Target: "C:\Program Files (x86)\Trojan Remover\Trupd.exe"
Parameters: /silent
Schedule:
At 20:39:00 every day
Next Run Time: 15.02.2023 20:39:00
Status: Ready
Creator: Simply Super Software
Comments: This task periodically checks for available program and database updates for Trojan Remover.
-----
C:\Program Files (x86)\Trojan Remover\Trupd.exe (verified signer: [Simply Super Software])
6713560 bytes
Created: 2023-02-15 18:26
Modified: 2022-08-04 18:34
Company: Simply Super Software
[259C6FC84A6095E4A1D4E2242E2CEDA1]
----------
Taskname: \Avast Software\Overseer
Target: C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Parameters: /from_scheduler:1
Schedule:
1. On system startup
2. At 11:27:00 every day
Next Run Time: 16.02.2023 11:27:42
Status: Ready
Creator: Avast Software
Comments: Avast Overseer is a support application that fixes common technical issues with Avast products.
-----
C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (verified signer: [Avast Software s.r.o.])
2295192 bytes
Created: 2023-01-31 11:27
Modified: 2023-01-31 11:27
Company: Avast Software
[DBFF3ADB5D82170229CE12B996984E1E]
----------
Taskname: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser
Target: %SystemRoot%\System32\MbaeParserTask.exe
Parameters:
Schedule:
At event
Next Run Time:
Status: Ready
Creator: $(@%SystemRoot%\system32\MbaeParserTask.exe,-1902)
Comments: $(@%SystemRoot%\system32\MbaeParserTask.exe,-1903)
-----
C:\Windows\System32\MbaeParserTask.exe
C:\Windows\System32\MbaeParserTask.exe - [file not found to scan]
----------
Taskname: \Microsoft\Windows\UpdateOrchestrator\Reboot
Target: %systemroot%\system32\MusNotification.exe
Parameters: RebootDialog
Schedule:
At 16:25:25 on 19.09.2019
Next Run Time:
Status: Ready
Creator:
Comments:
-----
C:\Windows\System32\MusNotification.exe
C:\Windows\System32\MusNotification.exe - [file not found to scan]
----------
Taskname: \Microsoft\Windows\UpdateOrchestrator\Reboot_AC
Target: %systemroot%\system32\MusNotification.exe
Parameters: /RunOnAC RebootDialog
Schedule:
At 02:50:00 on 26.11.2021
Next Run Time:
Status: Disabled
Creator:
Comments:
-----
C:\Windows\System32\MusNotification.exe - file already scanned
----------
Taskname: \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery
Target: %systemroot%\system32\MusNotification.exe
Parameters: /RunOnBattery RebootDialog
Schedule:
At 02:50:00 on 26.11.2021
Next Run Time:
Status: Disabled
Creator:
Comments:
-----
C:\Windows\System32\MusNotification.exe - file already scanned
----------
Taskname: \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display
Target: %systemroot%\system32\MusNotification.exe
Parameters: Display
Schedule:
Custom Trigger
Next Run Time:
Status: Ready
Creator:
Comments:
-----
C:\Windows\System32\MusNotification.exe - file already scanned
----------
Taskname: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker
Target: %systemroot%\system32\MusNotification.exe
Parameters:
Schedule:
1. Custom Trigger
2. At 03:00:00 every day
Next Run Time: 16.02.2023 18:25:27
Status: Ready
Creator: Microsoft Corporation
Comments: Durch diese Aufgabe wird ein Systemneustart im Anschluss an eine Updateinstallation ausgelöst.
-----
C:\Windows\System32\MusNotification.exe - file already scanned
----------
Taskname: \Mozilla\Firefox Background Update 308046B0AF4A39CB
Target: C:\Program Files\Mozilla Firefox\firefox.exe
Parameters: --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Schedule:
At 17:06:27 on 28.08.2022
Next Run Time: 15.02.2023 22:06:27
Status: Ready
Creator: Mozilla
Comments: Die Aufgabe "Hintergrundaktualisierung" sucht nach Updates für Firefox, während Firefox nicht ausgeführt wird. Die Aufgabe wird automatisch von Firefox installiert und erneut installiert, wenn Firefox ausgeführt wird. Um diese Aufgabe zu deaktivieren, passen Sie die Browser-Einstellungen oder die Firefox-Unternehmensrichtlinien-Einstellung "BackgroundAppUpdate" an.
-----
C:\Program Files\Mozilla Firefox\firefox.exe (verified signer: [Mozilla Corporation])
661408 bytes
Created: 2023-01-25 15:06
Modified: 2023-01-25 15:06
Company: Mozilla Corporation
[66A6B001D806D3117BBA41DD55C08DE0]
----------
Taskname: \S-1-5-21-1737221348-3492425996-1968164432-1001\DataSenseLiveTileTask
Target: %SystemRoot%\System32\DataUsageLiveTileTask.exe
Parameters:
Schedule:
At 09:00:00 on 05.08.2015
Next Run Time: 15.02.2023 18:45:00
Status: Disabled
Creator:
Comments:
-----
C:\Windows\System32\DataUsageLiveTileTask.exe
C:\Windows\System32\DataUsageLiveTileTask.exe - [file not found to scan]
----------
Taskname: \Safer-Networking\Spybot - Search and Destroy\Check for updates
Target: "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"
Parameters: /autoupdate /silent /autoclose /background
Schedule:
At logon
Next Run Time:
Status: Ready
Creator: Spybot - Search & Destroy 2
Comments: This task will regularly check for software updates, and install any available updates, to ensure you are well-protected.
-----
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (verified signer: [Safer-Networking Limited])
5363552 bytes
Created: 2023-02-15 17:55
Modified: 2021-11-16 14:52
Company: Safer-Networking Ltd.
[B21FF9BF062CE58ABDF479FE74E3845B]
----------
Taskname: \Safer-Networking\Spybot - Search and Destroy\Refresh immunization
Target: "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe"
Parameters: /immunize /silent /autoclose
Schedule:
At 00:30:00 every Donnerstag of every week, starting 15.02.2023
Next Run Time: 16.02.2023 00:30:00
Status: Ready
Creator: Spybot - Search & Destroy 2
Comments: This task will update your immunization, keeping your browsers protected against known malware sites, cookies and more.
-----
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe (verified signer: [Safer-Networking Limited])
5629064 bytes
Created: 2023-02-15 17:55
Modified: 2021-11-23 15:28
Company: Safer-Networking Ltd.
[02D72C8A52C214C209C4EC0ADB4F0C09]
----------
Taskname: \Safer-Networking\Spybot - Search and Destroy\Scan the system
Target: "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe"
Parameters: /scan /cleanclose
Schedule:
At 00:30:00 on day 1 of month 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, starting 15.02.2023
Next Run Time: 01.03.2023 00:30:00
Status: Ready
Creator: Spybot - Search & Destroy 2
Comments: A full system scan is recommended once per month.
-----
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (verified signer: [Safer-Networking Limited])
6093928 bytes
Created: 2023-02-15 17:55
Modified: 2021-12-20 17:16
Company: Safer-Networking Ltd.
[93395EEE6F370B1793A299CD0C36DC8C]
----------
************************************************************
18:31:39: Scanning ----- ShellIconOverlayIdentifiers -----
************************************************************
18:31:39: Scanning ----- 64-Bit ShellIconOverlayIdentifiers -----
************************************************************
18:31:39: Scanning ----- DEVICE DRIVER ENTRIES -----
************************************************************
18:31:40: Scanning for ----- MALWARE REGISTRY ENTRIES -----
************************************************************
18:31:40: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\Darkw\Downloads\Beautiful Black Wallpapers Abduzeedo Design Inspiration.jpg
C:\Users\Darkw\Downloads\Beautiful Black Wallpapers Abduzeedo Design Inspiration.jpg - [file not found to scan]
----------
Web Desktop Wallpaper entry is blank
----------
Checks for Backdoor.ZeroAccess completed
----------
Safe Mode checks completed
----------
Command Processor AutoRuns checks completed.
----------
DNS Server information:
Interface:
NameServers: 172.18.0.26
Interface:
NameServers: 172.18.0.26
Interface:
NameServers: 172.18.0.26
Interface:
NameServers: 10.128.138.1
Interface:
NameServers: 172.18.0.26
Checks for rogue DNS NameServers completed
----------
BootExcute entries:
Unparsed entry: [autocheck autochk *]
-----
BootExecute registry entry checks completed
----------
Additional checks completed
************************************************************
18:31:40: Checking ----- Shortcut Hijacks -----
208 Program Shortcuts checked
************************************************************
18:31:41: Scanning ----- RUNNING PROCESSES -----
C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (verified signer: [Advanced Micro Devices Inc.])
28799928 bytes
Created: 2022-11-30 14:12
Modified: 2022-11-30 14:12
Company: Advanced Micro Devices, Inc.
[F27D09AA2B1EEF39D7934F69F6A79BF6]
--------------------
C:\ProgramData\0install.net\implementations\sha256new_JCCQDCLOYQPYCEPZF325EEMUOXSHGMIFC42HMBHVLBFPWCTZ75KA\DeepL.exe (verified signer: [DeepL SE])
184088 bytes
Created: 2023-01-27 17:18
Modified: 2023-01-17 09:41
Company: DeepL SE
[1A2BE3AA29FC5A8FF2D8B058312E3667]
--------------------
C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe (verified signer: [Advanced Micro Devices Inc.])
509880 bytes
Created: 2022-11-30 14:07
Modified: 2022-11-30 14:07
Company: AMD
[E8DFE5C9E0B0390C9BCE8F8A4B2ABF25]
--------------------
C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe (verified signer: [Google LLC])
309720 bytes
Created: 2022-08-30 00:44
Modified: 2022-08-30 00:44
Company: Google LLC
[381C22092074255A291F4C9946A5C28F]
--------------------
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (verified signer: [Safer-Networking Limited])
5473032 bytes
Created: 2023-02-15 17:55
Modified: 2021-11-20 14:23
Company: Safer-Networking Ltd.
[04B2F83ABD4A370C389BF8A7C13FD055]
--------------------
C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (verified signer: [Advanced Micro Devices Inc.])
2280888 bytes
Created: 2022-11-30 14:12
Modified: 2022-11-30 14:12
Company: Advanced Micro Devices, Inc.
[7E2156A2B4DD9CD85D34D6E4F0EE660A]
--------------------
C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe (verified signer: [Google LLC])
408536 bytes
Created: 2022-08-30 00:44
Modified: 2022-08-30 00:44
Company: Google LLC
[F1DE10A8B9909A4AF635112C8866D534]
--------------------
C:\Program Files\AMD\CNext\CNext\amdow.exe (verified signer: [Advanced Micro Devices Inc.])
49080 bytes
Created: 2022-11-30 14:12
Modified: 2022-11-30 14:12
Company: Advanced Micro Devices, Inc.
[5DF793D410EE07649D0B71B876497D16]
--------------------
C:\Users\Darkw\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.exe
6656 bytes
Created: 2022-11-21 15:09
Modified: 2022-08-21 03:44
Company: The CefSharp Authors
[ED1CEA45D3C9FADC00B237378164365C]
--------------------
C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe (verified signer: [Advanced Micro Devices Inc.])
627640 bytes
Created: 2022-11-30 14:12
Modified: 2022-11-30 14:12
Company: Advanced Micro Devices, Inc.
[8843968545BF126E7C20ECCD84D63B52]
--------------------
C:\Users\Darkw\AppData\Local\Microsoft\Windows\INetCache\IE\083MFCD8\trjsetup[1].exe (verified signer: [Simply Super Software])
-R- 15441312 bytes
Created: 2023-02-15 18:27
Modified: 2023-02-12 00:47
Company: Simply Super Software
[9EA5BABF6100F16074566AEF293B41FA]
--------------------
C:\Users\Darkw\AppData\Local\Temp\is-CCN9R.tmp\trjsetup[1].tmp (verified signer: [Simply Super Software])
1577000 bytes
Created: 2023-02-15 18:27
Modified: 2023-02-15 18:27
[4AAACBE93EE7AD2D86FE3533068ADE70]
--------------------
C:\Program Files (x86)\Trojan Remover\Rmvtrjan.exe
FileSize: 7536824
[This is a Trojan Remover component]
************************************************************
18:31:47: Checking ----- HOSTS Files -----
No malicious entries were found in the hosts file
No malicious entries were found in the hosts.ics file
************************************************************
18:31:47: Checking ----- BROWSER SETTINGS -----
Loaded Firefox Extensions:
----------
[default-release] Profile:
RT@Multi_Url_Opener.xpi
touch-vpn@anchorfree.com.xpi
uBlock0@raymondhill.net.xpi
{2ce3a649-6013-44c2-b2f4-2684bb1a5dc4}.xpi
{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
--------------------
************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\SysWOW64\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
%11%\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 18:31:47 15-Feb-2023
Total Scan time: 1 mins, 2 secs
************************************************************