Log analysis and evaluation: Ran a setup containing malware/adware, trouble ever since

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
/// Winkelfunktion /// TB-Süch-Tiger™ | Ran a setup containing malware/adware, trouble ever since

New FRST logs now, then. And please post the logs in CODE tags.
__________________ Please always post log files in CODE tags
#2
Ran a setup containing malware/adware, trouble ever since

Ah, now I understand what was meant by CODE tags...
__________________
Here are the logs again: FRST: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
durchgeführt von maxmu (Administrator) auf DESKTOP-U1ME020 (MSI MS-7A72) (06-03-2021 22:33:33)
Gestartet von C:\Users\maxmu\Downloads
Geladene Profile: maxmu
Platform: Windows 10 Pro N Version 20H2 19042.844 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() [Datei ist nicht signiert] G:\eigene\Joy2Key\JoyToKey.exe
(Discord Inc. -> Discord Inc.) C:\Users\maxmu\AppData\Local\Discord\app-0.0.309\Discord.exe <6>
(Intel Corporation) [Datei ist nicht signiert] C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2008.2.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH) F:\TeamSpeak 3 Client\ts3client_win64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Valve -> Valve Corporation) F:\Steam\steam.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [CL-25-8CAC0CA8-CCA1-4D42-8F0B-795239B0179C] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-25-8CAC0CA8-CCA1-4D42-8F0B-795239B0179C\setuplauncher.exe" /run:Installer.exe /args:"/setup-folder:"CL-25-8CAC0CA8-CCA1-4D42-8F0B-795239B (Der Dateneintrag hat 7 mehr Zeichen).
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1285238650-2508489159-2508943186-1001\...\Run: [Steam] => F:\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-1285238650-2508489159-2508943186-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792288 2021-02-28] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1285238650-2508489159-2508943186-1001\...\Run: [] => [X]
HKU\S-1-5-21-1285238650-2508489159-2508943186-1001\...\Run: [Discord] => C:\Users\maxmu\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2155776 2020-11-18] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\89.1.21.73\Installer\chrmstp.exe [2021-03-03] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\Users\maxmu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JoyToKey - Verknüpfung.lnk [2020-10-11]
ShortcutTarget: JoyToKey - Verknüpfung.lnk -> G:\eigene\Joy2Key\JoyToKey.exe () [Datei ist nicht signiert]
GroupPolicy: Beschränkung - Chrome <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1285238650-2508489159-2508943186-1001\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01796D6C-B93D-4CDF-9E31-71910F4C7827} - \sxNuQtyKxCweiX -> Keine Datei <==== ACHTUNG
Task: {0600E263-CCA0-41A2-91D4-3E12C04C4A65} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2020-12-28] () [Datei ist nicht signiert]
Task: {10A871DF-B254-4D9B-8AE6-E4819AC74640} - System32\Tasks\Opera scheduled Autoupdate 1613430369 => C:\Users\maxmu\AppData\Local\Programs\Opera\launcher.exe
Task: {1A589560-5E59-4E14-A3A9-ECBBBEF2EBBE} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {26A9E7E0-24A0-48FF-B9DC-B465720BBB1C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {2E4086B5-062A-4F1F-97D1-2275ADFDD97D} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {3ECF97C8-9BFE-40DB-B625-1912366954B8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {456D011C-3FF5-4771-A12A-4BB5D504A212} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4DCD5574-F049-4F5C-8ECA-8FE3F74B7D73} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51FFCCEB-4E2A-4585-887A-E96EB821AF24} - \Online Application V2G6 -> Keine Datei <==== ACHTUNG
Task: {66694BF9-36F1-43D2-BCFB-89B041FD96AF} - \Online Application V2G2 -> Keine Datei <==== ACHTUNG
Task: {6DDC3A3D-5343-43F6-B520-15CFB9CD5123} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2021-01-01] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {6DE9C9DA-80D2-4FF5-A631-D8FB58A4DEB0} - \Online Application V2G1 -> Keine Datei <==== ACHTUNG
Task: {72C770AB-951F-4DA0-98A2-635F2AE71735} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {771C72C9-3BAB-41D4-834C-8BBBE3C9DD6A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {898E400F-3D86-483A-A816-EC94F7402013} - System32\Tasks\Opera scheduled assistant Autoupdate 1613430372 => C:\Users\maxmu\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\maxmu\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {91AF2A88-50C0-4100-B6CF-67A4290B9C5D} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2021-01-01] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {9560DCB0-F4C5-4D99-9DB0-98CBCF3F0C28} - \Online Application V2G4 -> Keine Datei <==== ACHTUNG
Task: {96BB6D4C-2A4A-406E-9BDB-DDFFD0F7A93B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9E1D8C39-8E7E-4807-A35C-3EB8FCE5C1C6} - \Online Application V2G5 -> Keine Datei <==== ACHTUNG
Task: {A2D5E3E3-1BEC-47D4-AB37-2168619B3B20} - \foRxJhaSiRLFlotwi2 -> Keine Datei <==== ACHTUNG
Task: {AC58831E-2911-4560-AA8E-3925E1E3EBFA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AD3C51AD-1E62-4C29-ABBB-2048C15D27C4} - System32\Tasks\AdvancedWindowsManager => C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\AdvancedWindowsManager.exe <==== ACHTUNG
Task: {B99DD9FC-D6C4-44D5-B7E0-002DF76AFC67} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {C26AD3F8-C4E9-44C2-8CD7-BB8C19A54EF2} - System32\Tasks\BlueStacksHelper => F:\BlueStacks\Client\Helper\BlueStacksHelper.exe
Task: {D31F9039-27E7-4398-BAFF-C8287856153E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D5E20DB2-5DE5-4C84-A8F7-93B25ABE4CBB} - \AdvancedUpdater -> Keine Datei <==== ACHTUNG
Task: {DBBF953A-F763-4371-A4EA-422633E4DDA9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DCC306A4-90D3-4992-B06F-FF46EC96EE02} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E4C97813-A4FB-4958-A7F3-243F32EB735E} - \cFaOQYcgobtaOeT2 -> Keine Datei <==== ACHTUNG
Task: {E52C6C8E-76DF-4AFD-AAA2-3ED520995DD1} - \bjbqAKuaejjlSkahcCA2 -> Keine Datei <==== ACHTUNG
Task: {EADC7397-78D9-4D30-BBD7-F33A6C5BBADF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F33D9278-CA6B-4F91-B3A6-56EE2A3F084E} - \Online Application V2G3 -> Keine Datei <==== ACHTUNG
Task: {F5B91BD4-65D8-40AA-A3C2-F7D37B5AF475} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyServer: [S-1-5-21-1285238650-2508489159-2508943186-1001] => 127.0.0.1:8003
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{13c725e3-6b0c-4aa9-a298-5826bb7b58b6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{fe6f053c-8f0a-46d1-99a6-9b909d10ed76}: [DhcpNameServer] 192.168.178.1
Edge:
=======
Edge Profile: C:\Users\maxmu\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-05]
Edge HKLM-x32\...\Edge\Extension: [eofogjfkadmolbbmnlbohhbkhbodcjjm]
FireFox:
========
FF DefaultProfile: s9zweamk.default
FF ProfilePath: C:\Users\maxmu\AppData\Roaming\Mozilla\Firefox\Profiles\da36qskg.default-release-1 [2021-03-06]
FF NewTab: Mozilla\Firefox\Profiles\da36qskg.default-release-1 -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT170603&iDate=2020-11-01 12:51:09&bName=&bitmask=0600
FF Extension: (Facebook Container) - C:\Users\maxmu\AppData\Roaming\Mozilla\Firefox\Profiles\da36qskg.default-release-1\Extensions\@contain-facebook.xpi [2020-09-29]
FF Extension: (AdBlocker Ultimate) - C:\Users\maxmu\AppData\Roaming\Mozilla\Firefox\Profiles\da36qskg.default-release-1\Extensions\adblockultimate@adblockultimate.net.xpi [2020-12-08]
FF Extension: (Privacy Badger) - C:\Users\maxmu\AppData\Roaming\Mozilla\Firefox\Profiles\da36qskg.default-release-1\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-02-17]
FF Extension: (AdBlocker for YouTube™) - C:\Users\maxmu\AppData\Roaming\Mozilla\Firefox\Profiles\da36qskg.default-release-1\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2020-11-24]
FF Extension: (NordVPN #1 VPN Extension: Get VPN for Firefox) - C:\Users\maxmu\AppData\Roaming\Mozilla\Firefox\Profiles\da36qskg.default-release-1\Extensions\nordvpnproxy@nordvpn.com.xpi [2021-02-10]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\maxmu\AppData\Roaming\Mozilla\Firefox\Profiles\da36qskg.default-release-1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-29]
FF Extension: (Talkie: text-to-speech, many languages!) - C:\Users\maxmu\AppData\Roaming\Mozilla\Firefox\Profiles\da36qskg.default-release-1\Extensions\{d83c8fb0-e51b-4d74-9c10-90e9610f16ca}.xpi [2021-02-07]
FF ProfilePath: C:\Users\maxmu\AppData\Roaming\Mozilla\Firefox\Profiles\s9zweamk.default [2021-02-18]
FF NewTab: Mozilla\Firefox\Profiles\s9zweamk.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT170603&iDate=2020-11-01 12:51:09&bName=&bitmask=0600
FF ProfilePath: C:\Users\maxmu\AppData\Roaming\Mozilla\Firefox\Profiles\vjzmqtkc.default-release [2021-03-05]
FF Homepage: Mozilla\Firefox\Profiles\vjzmqtkc.default-release -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\vjzmqtkc.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT170603&iDate=2020-11-01 12:51:09&bName=&bitmask=0600
FF Notifications: Mozilla\Firefox\Profiles\vjzmqtkc.default-release -> hxxps://mail-notification.info
FF Extension: (Google Access Offline) - C:\Program Files\Mozilla Firefox\browser\features\{863E9B9E-8224-427A-A759-AEFC837F93A0}.xpi [2021-02-15] [ist nicht signiert]
FF Extension: (Kein Name) - C:\Program Files\Mozilla Firefox\browser\features\{B1AA080D-2527-418B-98DC-21D9A1AE1568}.xpi [2021-02-15] [ist nicht signiert]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-11-18] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-11-18] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-11-18] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-11-18] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-11-18] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-11-18] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1285238650-2508489159-2508943186-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-11-18] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1285238650-2508489159-2508943186-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-11-18] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1285238650-2508489159-2508943186-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-11-18] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\a.js [2021-02-15]
Chrome:
=======
CHR Profile: C:\Users\maxmu\AppData\Local\Google\Chrome\User Data\Default [2021-02-17]
CHR Extension: (Präsentationen) - C:\Users\maxmu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-20]
CHR Extension: (Docs) - C:\Users\maxmu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-20]
CHR Extension: (Google Drive) - C:\Users\maxmu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-20]
CHR Extension: (YouTube) - C:\Users\maxmu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-20]
CHR Extension: (Tabellen) - C:\Users\maxmu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-20]
CHR Extension: (Bitdefender Wallet) - C:\Users\maxmu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2021-01-18]
CHR Extension: (Google Docs Offline) - C:\Users\maxmu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\maxmu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-12-20]
CHR Extension: (Google Mail) - C:\Users\maxmu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-20]
CHR Extension: (Chrome Media Router) - C:\Users\maxmu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-20]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-06]
BRA DefaultSearchKeyword: Default -> :g
BRA Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]
BRA Extension: (Adblock für Youtube™) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2021-01-02]
BRA Extension: (Bitdefender Wallet) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2021-02-20]
BRA Extension: (Bitdefender Anti-Tracker) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2021-02-20]
BRA Extension: (ClearURLs) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lckanjgmijmafbedllaakclkaicjfmnk [2021-01-02]
BRA Extension: (AdBlocker Ultimate) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ohahllgiabjaoigichmmfljhkcfikeof [2021-01-02]
BRA Extension: (Lunar Reader - Dark Theme & Night Shift Mode) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pifalnbglchfojkfmechjalgbjoodlpg [2021-01-14]
BRA Extension: (Privacy Badger) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2021-02-07]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-01-31]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-03-05]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2021-01-02]
BRA Extension: (Brave User Model Installer) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\eclclcmhpefndfimkgjknaenojpdffjp [2021-03-04]
BRA Extension: (Brave Ad Block Updater (EasyList Germany)) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\faknfgalcghekhfggcdikddilkpjbonh [2021-03-05]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-01-01]
BRA Extension: (Brave NTP sponsored images) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2021-03-05]
BRA Extension: (Crypto Wallets) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\odbfpeeihdkbihmopkbjmoonfanlbfcl [2021-02-09]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\maxmu\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-03-04]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2021-01-01] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2021-01-01] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 DialogBlockingService; C:\Windows\System32\DialogBlockingService.dll [76288 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-03-05] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [439880 2021-01-05] (Epic Games Inc. -> Epic Games, Inc.)
S3 EQU8_13; C:\ProgramData\EQU8\Diabotical\bin\anticheat.x64.equ8.exe [5537984 2021-01-16] (Int3 Software AB -> Int3 Software AB)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2018-01-31] (Intel Corporation) [Datei ist nicht signiert]
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10532256 2021-02-28] (Logitech Inc -> Logitech, Inc.)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [86688 2018-07-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2533952 2021-02-24] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3479624 2021-02-24] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [331648 2020-12-09] (Twitch Interactive, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.)
R3 DroidCam; C:\Windows\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\Windows\System32\drivers\droidcamvideo.sys [33784 2020-10-04] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 EQU8_HELPER_13; C:\Windows\system32\DRIVERS\EQU8_HELPER_13.sys [38032 2021-02-02] (Int3 Software AB -> )
S3 fiddrv64; kein ImagePath
R2 LGHUBTemperatureService; C:\Program Files\LGHUB\logi_core_temp.sys [25448 2021-02-28] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [38136 2020-08-07] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [26672 2020-08-07] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66808 2020-08-07] (Logitech Inc -> Logitech)
S3 NAL; C:\Windows\system32\Drivers\iqvw64e.sys [50152 2017-10-18] (Intel(R) INTELND1617 -> Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 SteamStreamingMicrophone; C:\Windows\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\Windows\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [47920 2020-02-20] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49544 2021-03-06] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [420088 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; kein ImagePath
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-03-06 22:06 - 2021-03-06 22:06 - 000392988 _____ C:\ProgramData\cl.uninstall.1615064718.bdinstall.v2.bin
2021-03-06 22:06 - 2021-03-06 22:06 - 000074316 _____ C:\ProgramData\agent.uninstall.1615064779.bdinstall.v2.bin
2021-03-06 19:38 - 2021-03-06 19:38 - 001251046 _____ C:\Users\maxmu\Downloads\DiRT4_DigMan_PC_UKV_v1.pdf
2021-03-06 18:53 - 2021-03-06 18:53 - 000237552 _____ C:\Windows\ntbtlog.txt
2021-03-06 18:21 - 2021-03-06 18:21 - 002084016 _____ (Malwarebytes) C:\Users\maxmu\Downloads\MBSetup.exe
2021-03-06 18:10 - 2021-03-06 18:42 - 000057276 _____ C:\Users\maxmu\Downloads\Addition.txt
2021-03-06 18:08 - 2021-03-06 22:34 - 000031622 _____ C:\Users\maxmu\Downloads\FRST.txt
2021-03-06 18:06 - 2021-03-06 22:33 - 000000000 ____D C:\FRST
2021-03-06 14:53 - 2021-03-06 14:53 - 000480256 _____ C:\Windows\system32\AssignedAccessCsp.dll
2021-03-06 14:52 - 2021-03-06 14:52 - 001822272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-03-06 14:52 - 2021-03-06 14:52 - 001394024 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-03-06 14:52 - 2021-03-06 14:52 - 001314128 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-03-06 14:52 - 2021-03-06 14:52 - 000231248 _____ C:\Windows\system32\containerdevicemanagement.dll
2021-03-06 14:52 - 2021-03-06 14:52 - 000091136 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-03-06 14:52 - 2021-03-06 14:52 - 000011002 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-03-06 14:12 - 2021-03-06 14:14 - 005349304 _____ (Intel) C:\Users\maxmu\Downloads\Intel-Driver-and-Support-Assistant-Installer.exe
2021-03-06 13:59 - 2021-03-06 13:59 - 019365976 _____ (Intel Corporation) C:\Users\maxmu\Downloads\Intel(R) Processor Identification Utility.exe
2021-03-06 13:59 - 2021-03-06 13:59 - 000000000 ____D C:\Program Files (x86)\Intel Corporation
2021-03-06 13:50 - 2021-03-06 13:50 - 022172504 _____ (Intel Corporation) C:\Users\maxmu\Downloads\XTUSetup.exe
2021-03-06 12:21 - 2021-03-06 12:21 - 002301440 _____ (Farbar) C:\Users\maxmu\Downloads\FRST64.exe
2021-03-06 12:09 - 2021-03-06 12:09 - 000024850 _____ C:\Users\maxmu\Downloads\INV-159921.pdf
2021-03-06 12:03 - 2021-03-06 12:03 - 000231569 _____ C:\Users\maxmu\Downloads\invoice.pdf
2021-03-06 11:51 - 2021-03-06 11:51 - 000024037 _____ C:\Users\maxmu\Downloads\591109.pdf
2021-03-06 11:11 - 2021-03-06 11:11 - 021305104 _____ (TEFINCOM S.A. ) C:\Users\maxmu\Downloads\NordVPNSetup.exe
2021-03-05 21:00 - 2021-03-05 21:00 - 000000000 ___RD C:\Users\maxmu\Documents\Ubisoft
2021-03-05 19:53 - 2021-02-18 06:39 - 000454574 ____R C:\Windows\system32\Drivers\etc\hosts.20210305-195355.backup
2021-03-05 18:52 - 2021-03-05 18:52 - 000000000 ____D C:\Users\maxmu\AppData\Local\Safer-Networking Ltd
2021-03-05 18:51 - 2021-03-05 18:51 - 000000000 ____D C:\Safer-Networking Ltd
2021-03-05 18:50 - 2021-03-05 18:50 - 069300040 _____ (Safer-Networking Ltd. ) C:\Users\maxmu\Downloads\spybotsd-2.8.68.0.exe
2021-03-05 18:49 - 2021-03-05 18:49 - 008463216 _____ (Malwarebytes) C:\Users\maxmu\Downloads\adwcleaner_8.1.exe
2021-03-05 18:46 - 2021-03-05 21:00 - 000000000 ____D C:\Users\maxmu\Documents\Assassin's Creed Syndicate
2021-03-05 03:23 - 2021-03-06 22:24 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\discord
2021-03-05 03:23 - 2021-03-05 03:23 - 000000000 ____D C:\Users\maxmu\AppData\Local\Discord
2021-03-05 03:17 - 2021-03-05 03:17 - 068822328 _____ (Discord Inc.) C:\Users\maxmu\Downloads\DiscordSetup.exe
2021-02-28 02:56 - 2021-02-28 02:56 - 008463216 _____ (Malwarebytes) C:\Users\maxmu\Downloads\adwcleaner_8.1(1).exe
2021-02-28 02:44 - 2021-02-28 02:44 - 000022832 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_576773433255.dll
2021-02-28 02:42 - 2021-02-28 02:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-02-28 02:42 - 2021-02-28 02:42 - 000000000 ____D C:\Program Files\LGHUB
2021-02-28 02:35 - 2021-02-28 02:35 - 000022832 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_722540741790.dll
2021-02-28 02:27 - 2021-02-28 02:27 - 000022832 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_193283859510794.dll
2021-02-27 23:29 - 2021-02-27 23:29 - 000012281 _____ C:\Users\maxmu\Downloads\CustomDSRTool.zip
2021-02-27 23:13 - 2021-02-27 23:30 - 000000000 ____D C:\Users\maxmu\Downloads\nvidiaProfileInspector
2021-02-27 21:03 - 2021-03-06 20:15 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\EasyAntiCheat
2021-02-27 21:03 - 2021-02-27 21:03 - 000000000 ____D C:\Users\maxmu\AppData\Local\Madness
2021-02-27 21:03 - 2021-02-27 21:03 - 000000000 ____D C:\Users\maxmu\AppData\Local\CrashReportClient
2021-02-27 16:39 - 2021-02-27 16:39 - 000891560 _____ (Spotify Ltd) C:\Users\maxmu\Downloads\SpotifySetup.exe
2021-02-27 10:23 - 2021-02-27 10:23 - 002508440 _____ (Sysinternals - www.sysinternals.com) C:\Users\maxmu\Downloads\procexp.exe
2021-02-27 02:22 - 2021-02-27 02:22 - 000000000 ____D C:\Users\maxmu\AppData\LocalLow\RageSquid
2021-02-26 14:00 - 2021-02-24 13:01 - 001855208 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-02-26 14:00 - 2021-02-24 13:01 - 001855208 _____ C:\Windows\system32\vulkaninfo.exe
2021-02-26 14:00 - 2021-02-24 13:01 - 001452336 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-02-26 14:00 - 2021-02-24 13:01 - 001435880 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-02-26 14:00 - 2021-02-24 13:01 - 001435880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-02-26 14:00 - 2021-02-24 13:01 - 001191728 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-02-26 14:00 - 2021-02-24 13:01 - 001094888 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-02-26 14:00 - 2021-02-24 13:01 - 001094888 _____ C:\Windows\system32\vulkan-1.dll
2021-02-26 14:00 - 2021-02-24 13:01 - 000948968 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-02-26 14:00 - 2021-02-24 13:01 - 000948968 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-02-26 14:00 - 2021-02-24 12:58 - 000678704 _____ C:\Windows\system32\nvofapi64.dll
2021-02-26 14:00 - 2021-02-24 12:58 - 000671504 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-02-26 14:00 - 2021-02-24 12:58 - 000612120 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2021-02-26 14:00 - 2021-02-24 12:58 - 000546096 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-02-26 14:00 - 2021-02-24 12:57 - 002102576 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-02-26 14:00 - 2021-02-24 12:57 - 001587504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-02-26 14:00 - 2021-02-24 12:57 - 001511184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-02-26 14:00 - 2021-02-24 12:57 - 001163544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-02-26 14:00 - 2021-02-24 12:57 - 000811824 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2021-02-26 14:00 - 2021-02-24 12:57 - 000687896 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2021-02-26 14:00 - 2021-02-24 12:57 - 000655664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-02-26 14:00 - 2021-02-24 12:57 - 000556816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-02-26 14:00 - 2021-02-24 12:56 - 008260888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-02-26 14:00 - 2021-02-24 12:56 - 007391504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-02-26 14:00 - 2021-02-24 12:56 - 004610352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-02-26 14:00 - 2021-02-24 12:56 - 002729744 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-02-26 14:00 - 2021-02-24 12:56 - 000445200 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2021-02-26 14:00 - 2021-02-24 12:55 - 000848688 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2021-02-26 14:00 - 2021-02-24 12:54 - 006072896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-02-26 14:00 - 2021-02-24 02:50 - 000084450 _____ C:\Windows\system32\nvinfo.pb
2021-02-26 11:53 - 2021-02-26 11:53 - 000010144 _____ C:\Users\maxmu\AppData\Local\recently-used.xbel
2021-02-26 03:32 - 2021-02-26 03:32 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-02-25 22:28 - 2021-02-25 22:28 - 000000000 ____D C:\Users\maxmu\AppData\Local\AVGame
2021-02-25 16:37 - 2021-02-25 16:37 - 000000000 ____D C:\Users\maxmu\Documents\WB Games
2021-02-25 03:26 - 2021-02-25 03:29 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\MetaQuotes
2021-02-25 03:23 - 2021-02-25 03:23 - 001361168 _____ (MetaQuotes Software Corp.) C:\Users\maxmu\Downloads\mt5setup.exe
2021-02-24 12:10 - 2021-02-24 12:10 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\Treexy
2021-02-24 12:10 - 2021-02-24 12:10 - 000000000 ____D C:\Users\maxmu\AppData\Local\Treexy
2021-02-24 12:10 - 2021-02-24 12:10 - 000000000 ____D C:\ProgramData\Treexy
2021-02-24 12:10 - 2021-02-24 12:10 - 000000000 ____D C:\ProgramData\Caphyon
2021-02-20 03:29 - 2021-02-20 03:29 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\NVIDIA
2021-02-20 03:23 - 2020-10-07 13:33 - 000230720 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2021-02-20 03:23 - 2020-10-07 13:33 - 000047232 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2021-02-20 03:21 - 2021-02-20 03:21 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2021-02-20 03:19 - 2021-02-24 12:54 - 007117744 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-02-20 03:19 - 2021-01-23 09:11 - 005637792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2021-02-20 03:18 - 2021-03-06 22:24 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-20 03:18 - 2021-02-20 03:18 - 000001407 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2021-02-20 03:16 - 2021-02-20 03:16 - 127203936 _____ (NVIDIA Corporation New) C:\Users\maxmu\Downloads\GeForce_Experience_v3.21.0.36.exe
2021-02-20 03:12 - 2021-02-20 03:12 - 000093644 _____ C:\ProgramData\vpn.uninstall.1613787078.bdinstall.v2.bin
2021-02-20 02:53 - 2021-03-06 18:53 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2021-02-20 02:45 - 2021-02-20 02:45 - 000000000 ____D C:\Windows\pss
2021-02-20 02:39 - 2021-02-20 02:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-19 22:31 - 2021-02-19 22:31 - 000203548 _____ C:\ProgramData\vpn.1613770297.bdinstall.v2.bin
2021-02-19 22:20 - 2021-02-19 22:20 - 000760520 _____ C:\ProgramData\cl.1613768963.bdinstall.v2.bin
2021-02-19 22:20 - 2021-02-19 22:20 - 000102392 _____ C:\ProgramData\cl.kit.1613768575.bdinstall.v2.bin
2021-02-19 22:19 - 2021-03-06 22:07 - 000000085 _____ C:\Windows\wininit.ini
2021-02-19 21:57 - 2021-02-19 21:57 - 000118072 _____ C:\ProgramData\agent.1613768126.bdinstall.v2.bin
2021-02-19 21:52 - 2021-03-06 00:31 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\Binance
2021-02-19 21:49 - 2021-02-19 21:49 - 000000865 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Binance.lnk
2021-02-19 21:49 - 2021-02-19 21:49 - 000000865 _____ C:\ProgramData\Desktop\Binance.lnk
2021-02-19 21:49 - 2021-02-19 21:49 - 000000000 ____D C:\Users\maxmu\AppData\Local\binance-updater
2021-02-19 21:45 - 2021-02-19 21:47 - 088728600 _____ (BinanceTech) C:\Users\maxmu\Downloads\binance-setup.exe
2021-02-19 15:31 - 2021-02-19 15:31 - 000000000 ____D C:\ProgramData\GeoComply
2021-02-19 12:52 - 2021-02-19 12:52 - 000000000 ____D C:\Users\maxmu\Documents\NeocoreGames
2021-02-19 12:52 - 2021-02-19 12:52 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\GameSparks
2021-02-19 07:55 - 2021-02-19 07:56 - 013568464 _____ C:\Users\maxmu\Downloads\bitdefender_windows_1974626b-2dd7-4625-9c5d-a7302511bb84.exe
2021-02-19 07:54 - 2021-02-19 07:54 - 000001310 _____ C:\ProgramData\Desktop\Driver Sweeper.lnk
2021-02-19 07:54 - 2021-02-19 07:54 - 000000000 ____D C:\Program Files (x86)\Phyxion.net
2021-02-19 03:07 - 2021-02-19 03:07 - 000000292 _____ C:\Users\maxmu\Documents\eset.txt
2021-02-18 21:40 - 2021-02-18 21:40 - 000000000 ____D C:\Users\maxmu\AppData\LocalLow\Funselektor Labs Inc_
2021-02-18 08:57 - 2021-02-18 08:57 - 000099251 _____ C:\Users\maxmu\Downloads\UnitFrames.txt
2021-02-18 08:55 - 2021-02-18 08:55 - 000002344 _____ C:\Users\maxmu\Downloads\autoexec.cfg
2021-02-18 06:53 - 2021-02-18 06:53 - 000000000 ____D C:\Users\maxmu\Documents\ProcAlyzer Dumps
2021-02-18 06:39 - 2021-02-15 22:34 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts.20210218-063906.backup
2021-02-18 05:41 - 2021-02-18 05:41 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking
2021-02-18 05:40 - 2021-03-06 22:08 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-02-18 05:40 - 2021-03-06 22:07 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-02-17 18:17 - 2021-02-17 18:17 - 003902842 _____ C:\Users\maxmu\Downloads\Nucleus-Paper-v2.pdf
2021-02-17 13:08 - 2021-02-17 13:09 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8
2021-02-17 13:08 - 2021-02-17 13:08 - 000000000 ____D C:\Users\maxmu\AppData\Local\Package Cache
2021-02-17 10:44 - 2021-02-17 10:44 - 000000000 ____D C:\Users\maxmu\AppData\LocalLow\Kubold
2021-02-17 06:49 - 2021-02-17 07:36 - 000000000 ____D C:\Users\maxmu\Downloads\mm
2021-02-17 05:57 - 2021-02-28 15:34 - 000000778 _____ C:\Users\maxmu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-02-17 05:57 - 2021-02-17 05:57 - 015019488 _____ (ESET spol. s r.o.) C:\Users\maxmu\Downloads\esetonlinescanner.exe
2021-02-17 05:57 - 2021-02-17 05:57 - 000000000 ____D C:\Users\maxmu\AppData\Local\ESET
2021-02-17 03:13 - 2021-02-17 03:13 - 030584912 _____ (Piriform Software Ltd) C:\Users\maxmu\Downloads\ccsetup576.exe
2021-02-17 03:13 - 2021-02-17 03:13 - 000000000 ____D C:\Users\maxmu\AppData\Local\mbam
2021-02-17 03:12 - 2021-02-17 03:12 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-16 14:43 - 2021-02-16 14:43 - 000000000 _____ C:\Windows\system32\last.dump
2021-02-16 14:28 - 2021-02-16 14:28 - 000000000 ___HD C:\$AV_ASW
2021-02-16 05:16 - 2021-02-16 05:16 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2021-02-16 00:06 - 2021-02-19 22:15 - 000003858 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1613430372
2021-02-16 00:06 - 2021-02-19 22:15 - 000003626 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1613430369
2021-02-16 00:06 - 2021-02-16 00:06 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\Opera Software
2021-02-16 00:05 - 2021-02-16 00:05 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2021-02-16 00:04 - 2021-02-16 05:20 - 000000000 ____D C:\Program Files (x86)\Avira
2021-02-16 00:04 - 2021-02-16 05:16 - 000000000 ____D C:\ProgramData\Avira
2021-02-16 00:04 - 2021-02-16 00:06 - 000000000 ____D C:\Users\maxmu\AppData\Local\Avira
2021-02-16 00:00 - 2021-02-16 00:00 - 000000000 ____D C:\ProgramData\AdvancedWindowsManager
2021-02-15 23:11 - 2021-02-19 22:12 - 000003084 _____ C:\Windows\system32\Tasks\AdvancedWindowsManager
2021-02-15 23:11 - 2021-02-16 14:28 - 000000000 ____D C:\ProgramData\ClGWwgevwcVtcLVB
2021-02-15 23:11 - 2021-02-15 23:11 - 000004850 __RSH C:\ProgramData\ntuser.pol
2021-02-15 23:09 - 2021-02-15 23:09 - 000000000 ____D C:\Users\maxmu\AppData\Local\BAMBOO
2021-02-15 23:09 - 2020-02-20 13:02 - 000047920 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2021-02-15 23:08 - 2021-02-17 05:40 - 000000000 ____D C:\Users\maxmu\AppData\Local\AdvinstAnalytics
2021-02-15 23:04 - 2021-02-15 23:04 - 000000000 ____D C:\Users\maxmu\AppData\LocalLow\IronGate
2021-02-15 22:44 - 2021-02-15 22:44 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-02-15 22:44 - 2021-02-15 22:44 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-02-10 04:43 - 2021-02-10 04:43 - 000000000 ____D C:\Users\maxmu\Documents\MAXON
2021-02-10 04:43 - 2021-02-10 04:43 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\Maxon
2021-02-10 04:42 - 2021-02-10 04:42 - 000466684 _____ C:\Users\maxmu\Downloads\ASIO4ALL_2_13_Deutsch.exe
2021-02-10 04:41 - 2021-02-10 04:41 - 000000000 ____D C:\Users\maxmu\Downloads\CinebenchR23
2021-02-10 04:33 - 2021-02-10 04:34 - 261956799 _____ C:\Users\maxmu\Downloads\CinebenchR23.zip
2021-02-09 21:56 - 2021-02-09 21:56 - 000000000 ____D C:\Users\maxmu\AppData\Local\Maine
2021-02-09 16:06 - 2021-02-09 16:06 - 001243488 _____ (BraveSoftware Inc.) C:\Users\maxmu\Downloads\BraveBrowserSetup.exe
2021-02-08 03:57 - 2021-02-08 03:57 - 069423360 _____ (Riot Games, Inc.) C:\Users\maxmu\Downloads\Install League of Legends na.exe
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-03-06 22:29 - 2020-08-06 01:38 - 001723028 _____ C:\Windows\system32\PerfStringBackup.INI
2021-03-06 22:29 - 2019-12-07 15:51 - 000743772 _____ C:\Windows\system32\perfh007.dat
2021-03-06 22:29 - 2019-12-07 15:51 - 000150194 _____ C:\Windows\system32\perfc007.dat
2021-03-06 22:29 - 2019-12-07 10:12 - 000000000 ____D C:\Windows\INF
2021-03-06 22:24 - 2020-08-06 01:53 - 000000000 ____D C:\Users\maxmu\AppData\LocalLow\Mozilla
2021-03-06 22:24 - 2020-08-06 01:53 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-06 22:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-06 22:23 - 2020-08-07 22:40 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\LGHUB
2021-03-06 22:23 - 2020-08-07 22:40 - 000000000 ____D C:\Users\maxmu\AppData\Local\LGHUB
2021-03-06 22:22 - 2020-08-06 01:34 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-03-06 22:22 - 2020-08-06 01:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-06 22:22 - 2019-12-07 10:03 - 000262144 _____ C:\Windows\system32\config\BBI
2021-03-06 22:07 - 2020-08-06 01:34 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-03-06 22:05 - 2020-08-06 01:58 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-06 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2021-03-06 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Macromed
2021-03-06 18:05 - 2020-08-06 02:15 - 000000000 ____D C:\Users\maxmu\AppData\Local\CrashDumps
2021-03-06 17:36 - 2020-08-06 01:36 - 000000000 ____D C:\Users\maxmu
2021-03-06 15:16 - 2019-12-07 10:03 - 000065536 _____ C:\Windows\system32\config\ELAM
2021-03-06 15:14 - 2020-08-06 02:15 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-06 15:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-03-06 15:11 - 2020-12-09 17:25 - 000267360 _____ C:\Windows\system32\FNTCACHE.DAT
2021-03-06 15:11 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-06 15:11 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-03-06 15:11 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-03-06 15:11 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-03-06 15:11 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-03-06 15:11 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-03-06 15:11 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2021-03-06 15:11 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2021-03-06 15:11 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-03-06 15:11 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-03-06 15:10 - 2020-08-06 01:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-03-06 14:54 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-03-06 14:53 - 2020-08-07 12:35 - 000007680 _____ C:\Users\maxmu\AppData\Local\Resmon.ResmonCfg
2021-03-06 14:48 - 2020-08-07 06:00 - 000000000 ___HD C:\$WinREAgent
2021-03-06 03:21 - 2020-08-23 17:53 - 000000000 ____D C:\Users\maxmu\Documents\My Games
2021-03-06 02:08 - 2020-08-15 22:28 - 000000000 ____D C:\ProgramData\Riot Games
2021-03-05 22:24 - 2020-12-10 06:57 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\WhatsApp
2021-03-05 21:19 - 2020-11-01 14:41 - 000000000 ____D C:\Users\maxmu\AppData\Local\Ubisoft Game Launcher
2021-03-05 18:54 - 2020-08-06 08:01 - 000000000 ____D C:\Users\maxmu\AppData\Local\D3DSCache
2021-03-05 08:32 - 2020-10-31 04:43 - 000000000 ____D C:\Users\maxmu\AppData\Local\PokerStars.EU
2021-03-05 03:23 - 2020-08-06 02:39 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-03-05 03:23 - 2020-08-06 02:39 - 000000000 ____D C:\Users\maxmu\AppData\Local\SquirrelTemp
2021-03-04 11:05 - 2020-08-06 23:56 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\Origin
2021-03-04 11:05 - 2020-08-06 23:56 - 000000000 ____D C:\ProgramData\Origin
2021-03-04 10:32 - 2020-08-06 23:56 - 000000000 ____D C:\Users\maxmu\AppData\Local\Origin
2021-03-03 18:58 - 2021-01-01 23:53 - 000002316 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-03-03 18:58 - 2021-01-01 23:53 - 000002275 _____ C:\ProgramData\Desktop\Brave.lnk
2021-02-28 14:59 - 2020-12-10 20:16 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\Exodus
2021-02-28 14:57 - 2020-12-10 20:16 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc
2021-02-28 14:57 - 2020-12-10 20:16 - 000000000 ____D C:\Users\maxmu\AppData\Local\exodus
2021-02-28 08:23 - 2020-08-06 21:33 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\Twitch
2021-02-27 15:18 - 2020-08-06 02:15 - 000000000 ____D C:\Users\maxmu\AppData\Local\NVIDIA
2021-02-27 09:34 - 2021-01-24 09:50 - 000000000 ____D C:\Users\maxmu\AppData\Local\WhatsApp
2021-02-27 05:51 - 2020-12-18 19:17 - 000000000 ____D C:\Users\maxmu\AppData\Local\Synthetik
2021-02-27 05:25 - 2020-08-06 02:57 - 000000000 ____D C:\Users\maxmu\AppData\Local\ElevatedDiagnostics
2021-02-26 12:11 - 2020-10-01 23:17 - 000000000 ____D C:\Users\maxmu\AppData\Local\babl-0.1
2021-02-26 11:53 - 2020-10-01 23:23 - 000000000 ____D C:\Users\maxmu\AppData\Local\gtk-2.0
2021-02-26 03:32 - 2020-08-06 01:59 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-25 22:28 - 2020-08-06 10:03 - 000000000 ____D C:\Users\maxmu\AppData\Local\UnrealEngine
2021-02-25 21:46 - 2020-12-10 08:37 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\Telegram Desktop
2021-02-25 14:00 - 2021-01-24 17:54 - 000000000 ____D C:\Users\maxmu\AppData\Local\Abelssoft
2021-02-25 14:00 - 2021-01-16 10:08 - 000000000 ____D C:\AdwCleaner
2021-02-25 14:00 - 2020-12-11 02:33 - 000000000 ____D C:\Users\maxmu\.android
2021-02-25 06:05 - 2020-08-06 01:38 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-02-24 22:32 - 2021-01-25 10:17 - 000000000 ____D C:\Users\maxmu\AppData\Local\User Data
2021-02-24 12:04 - 2020-08-07 13:18 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2021-02-24 07:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2021-02-24 00:03 - 2020-08-07 00:44 - 000000000 ____D C:\Program Files (x86)\Origin
2021-02-20 03:21 - 2020-08-06 01:38 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-02-20 03:18 - 2020-08-06 02:15 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 03:18 - 2020-08-06 02:15 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 03:18 - 2020-08-06 02:15 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 03:18 - 2020-08-06 02:15 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 03:18 - 2020-08-06 02:15 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 03:18 - 2020-08-06 02:15 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 03:18 - 2020-08-06 02:15 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 03:18 - 2020-08-06 02:15 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 03:18 - 2020-08-06 02:15 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 03:18 - 2020-08-06 02:15 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 03:18 - 2020-08-06 02:15 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-02-20 03:03 - 2020-08-06 02:15 - 000000000 ____D C:\Users\maxmu\AppData\Local\NVIDIA Corporation
2021-02-20 02:53 - 2020-08-06 07:46 - 000000000 ____D C:\ProgramData\Avast Software
2021-02-20 02:27 - 2020-10-11 03:58 - 000001476 _____ C:\Users\maxmu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2021-02-19 22:56 - 2020-12-19 13:11 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\atomic
2021-02-19 22:13 - 2021-01-31 22:41 - 000003220 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification
2021-02-19 22:13 - 2020-08-06 01:48 - 000003080 _____ C:\Windows\system32\Tasks\klcp_update
2021-02-19 22:12 - 2021-01-02 08:08 - 000002942 _____ C:\Windows\system32\Tasks\BlueStacksHelper
2021-02-19 22:12 - 2021-01-01 23:52 - 000003578 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2021-02-19 22:12 - 2021-01-01 23:52 - 000003354 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2021-02-19 17:23 - 2021-01-03 23:00 - 000000000 ____D C:\Users\maxmu\Downloads\Telegram Desktop
2021-02-19 04:14 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-18 23:01 - 2020-08-07 12:47 - 000000000 ____D C:\Users\maxmu\AppData\Local\AVAST Software
2021-02-18 22:35 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-02-18 11:02 - 2020-11-03 23:20 - 000000000 ____D C:\Windows\SysWOW64\directx
2021-02-18 09:04 - 2021-01-02 01:22 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\Sphere by Horizen
2021-02-18 05:25 - 2020-08-06 01:39 - 000000000 ____D C:\Users\maxmu\AppData\Local\Packages
2021-02-18 05:24 - 2020-08-06 19:23 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 12
2021-02-18 01:11 - 2020-10-21 14:45 - 000000000 ____D C:\Users\maxmu\Documents\gimpshizz
2021-02-17 14:16 - 2020-12-11 02:51 - 000000576 _____ C:\ProgramData\droidcam-client-options-v1
2021-02-17 14:16 - 2020-12-11 02:51 - 000000093 _____ C:\ProgramData\droidcam-settings
2021-02-17 06:10 - 2020-11-01 01:50 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\uTorrent
2021-02-17 03:22 - 2020-08-06 03:59 - 000000000 ____D C:\Users\maxmu\AppData\Roaming\XnView
2021-02-16 09:58 - 2020-12-18 14:41 - 000000000 ____D C:\Users\maxmu\AppData\Local\YoloMouse
2021-02-15 23:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Keywords
2021-02-15 23:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Keywords
2021-02-15 23:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-02-15 23:13 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-15 23:13 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2021-02-15 23:11 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2021-02-15 23:00 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-02-15 22:59 - 2020-08-06 05:19 - 000799104 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-02-15 22:39 - 2020-08-06 10:54 - 000000000 ____D C:\Windows\system32\MRT
2021-02-15 22:37 - 2020-08-06 10:54 - 130141752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-02-09 15:43 - 2020-08-06 01:51 - 000002170 _____ C:\Users\maxmu\Documents\ooshutup10.cfg
2021-02-08 04:07 - 2020-08-15 22:29 - 000001583 _____ C:\ProgramData\Desktop\League of Legends.lnk
2021-02-08 03:57 - 2020-08-15 22:28 - 000000000 ____D C:\Users\maxmu\AppData\Local\Riot Games
2021-02-07 19:05 - 2020-10-11 15:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2021-02-26 11:53 - 2021-02-26 11:53 - 000010144 _____ () C:\Users\maxmu\AppData\Local\recently-used.xbel
2020-08-07 12:35 - 2021-03-06 14:53 - 000007680 _____ () C:\Users\maxmu\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================