| |
| |||||||
Log-Analyse und Auswertung: Audacity.de Izitio / Zapmeta Hijack in BrowserWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
30.01.2021, 12:24
| #1 |
| |  Audacity.de Izitio / Zapmeta Hijack in Browser Hallo Forum, leider hat es mich auch erwischt. Ich habe von Audacity.de runtergeladen. Seit dem habe ich in allen Browsern Izitio und Zapmeta Suchtreffer als Anzeige. Wenn ich das entferne oder Browser neu installiere ist es 2-5 Tage OK, und dann sind die Suchanzeigen wieder da. Ich würde mich sehr freuen wenn mir jemand helfen könnte. Danke im voraus. Zett FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
durchgeführt von Nils (Administrator) auf DESKTOP-6ON73KE (30-01-2021 12:18:40)
Gestartet von C:\Users\Nils\Downloads
Geladene Profile: Nils
Platform: Windows 10 Enterprise Version 1909 18363.1316 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser nicht gefunden!
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.28\AsusFanControlService.exe
(ESET, spol. s r.o. -> ESET spol. s r.o.) C:\Users\Nils\Downloads\esetonlinescanner.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(Plarium Global Ltd -> ) D:\Games\Raid_Shadowlegends\Plarium\PlariumPlay\6.3.0-1.0.0\PlariumPlayClientService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\Nils\AppData\Local\Microsoft\Teams\Update.exe [2452664 2021-01-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
HKLM\...\RunOnce: [amreboot] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4060298189-159591141-3017253812-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-4060298189-159591141-3017253812-1001\...\Run: [EpicGamesLauncher] => D:\Games\Fortnite\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32883768 2021-01-27] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4060298189-159591141-3017253812-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2478848 2021-01-19] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-4060298189-159591141-3017253812-1001\...\Run: [Snap Camera] => C:\Program Files\Snap Inc\Snap Camera\Snap Camera.exe [67068448 2020-12-04] (Snapchat Inc. (Snap Inc.) -> Snap Inc)
HKU\S-1-5-21-4060298189-159591141-3017253812-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1752920 2021-01-24] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-4060298189-159591141-3017253812-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Nils\AppData\Local\Microsoft\Teams\Update.exe [2452664 2021-01-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\sst9cPC: C:\Windows\System32\spool\prtprocs\x64\sst9cpc.dll [43520 2015-04-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [116224 2017-04-20] (pdfforge GmbH) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\sst9c Langmon: C:\WINDOWS\system32\sst9clm.dll [22528 2015-04-24] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-03-18]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
Startup: C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2020-12-10]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {015A63AC-4582-4DD7-B3EF-999E29C294E9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {02FF4C08-15F8-490E-882E-A7461520D3AE} - System32\Tasks\Server Netzwerkverbindungsbroker Corsair => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> "C:\ProgramData\Package Cache\{23E4205C-98D3-4781-9451-5E2E1E31AEC4}\{DA1DA853-1640-417F-87B9-B50D82602090}" <==== ACHTUNG
Task: {14AC34BD-4F13-4EE1-96D4-9D78D0588996} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1C9D097D-E405-4990-8581-8D9E70B5104C} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1874712 2015-07-27] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {21EE5FDC-5C3E-4D41-BF2C-E16780D0E676} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {25113FC4-D8E7-42E4-A088-CDFFB18B5408} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1459152 2015-09-10] (ASUSTeK Computer Inc. -> )
Task: {29A4824B-71F8-4E55-A8EE-1E63533238F3} - System32\Tasks\G2MUploadTask-S-1-5-21-4060298189-159591141-3017253812-1001 => C:\Users\Nils\AppData\Local\GoToMeeting\19228\g2mupload.exe [31320 2020-12-18] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {3B5450E2-A67F-4F34-88BD-EB4B6DAD4718} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4331288 2015-07-02] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {3E3EA681-060C-416C-9410-BE8E59F31750} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1275672 2015-07-06] (ASUSTeK Computer Inc. -> )
Task: {41CC3506-8238-4A3B-BDB3-1BD4BF46E1A8} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {446915CB-A3E4-46BA-AB2A-E7AC2D32CD05} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Task: {49AD8BAA-FEC1-4688-B90C-B7465A177CE2} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2489176 2021-01-24] (Overwolf Ltd -> Overwolf LTD)
Task: {53847383-C949-4061-8380-2750CF5E80B3} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c401c59c9b1f => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Task: {564564DA-A70F-4651-8287-6CEB2FA61087} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22763912 2021-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {67992C57-65B8-4304-ACED-D85A8C57BDDB} - System32\Tasks\G2MUpdateTask-S-1-5-21-4060298189-159591141-3017253812-1001 => C:\Users\Nils\AppData\Local\GoToMeeting\19228\g2mupdate.exe [31320 2020-12-18] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {694D1557-4089-4958-989E-A168FFC885FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6ACEA1B3-D418-491C-BB76-615B0ACCFCB9} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {6C99627F-6AA2-48DB-8C7E-3464820580FE} - System32\Tasks\AgentActivationAcrobat => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> C:\WINDOWS\Installer\{6ED89228-8D82-42B3-B4A3-E48A7846CF10}\{1BA08D9E-E328-4F65-A75A-483D222E16CA} <==== ACHTUNG
Task: {7468D8A4-3929-4AFD-A2E5-311A4013765D} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {88766E23-7F15-46DC-9F68-88C0D86FD7C2} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9C8A1A84-E358-4E01-8A9E-D7DE31295339} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {A7E911A3-73BA-4C3B-8AEC-1A903D69A5CA} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [3646264 2014-05-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {AF08E8E7-90B4-4137-9958-0D00F4BC0A95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B2C84EFF-DCCC-4593-B57D-A355EFB16A26} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118120 2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0097B09-92B5-4E31-ABCF-96BD0D5F5789} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DE03BCE6-DD2E-48AC-818E-98C40EBFF956} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [238392 2013-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {DFFE1D8E-2FB2-403E-B185-510E07242B54} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22763912 2021-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {EEF61BA5-0B0E-41ED-BEF1-F048D6FA0FFA} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {F2678E0D-6B5A-46F0-939B-662B0AF383A4} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1773192 2020-09-18] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {F98F5C08-3814-43F7-B0F7-D26882EAC3C0} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Task: {FA688946-5D6A-4C61-A6F7-78D926C130ED} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118120 2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4060298189-159591141-3017253812-1001.job => C:\Users\Nils\AppData\Local\GoToMeeting\19228\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4060298189-159591141-3017253812-1001.job => C:\Users\Nils\AppData\Local\GoToMeeting\19228\g2mupload.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{362acb02-5527-4394-bed6-a7d1de062b9c}: [NameServer] 192.168.0.1,8.8.8.8
Tcpip\..\Interfaces\{362acb02-5527-4394-bed6-a7d1de062b9c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d69ed55e-6f3c-4593-91a6-363671f69c4d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e61d3b11-604a-4a0e-97ab-dc1c9d7818b3}: [DhcpNameServer] 10.10.10.100
Edge:
=======
Edge Profile: C:\Users\Nils\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-30]
Edge Notifications: Default -> hxxps://dsagnet.de
Edge Extension: ( ) - C:\Users\Nils\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gpehbmpbianemhmmenkjabehiigjecpk [2021-01-30]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{546D1C0B-02E8-45FF-9765-BF3FDF310DE8}] - C:\WINDOWS\Installer\{70F66366-9587-4949-8EA0-346663D40937}\{546D1C0B-02E8-45FF-9765-BF3FDF310DE8}.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{546D1C0B-02E8-45FF-9765-BF3FDF310DE8}] - C:\WINDOWS\Installer\{70F66366-9587-4949-8EA0-346663D40937}\{546D1C0B-02E8-45FF-9765-BF3FDF310DE8}.xpi => nicht gefunden
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4060298189-159591141-3017253812-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Nils\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-18] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default [2020-02-06]
CHR Extension: (Präsentationen) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Docs) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-19]
CHR Extension: (YouTube) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-19]
CHR Extension: (Tabellen) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Google Docs Offline) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-23]
CHR Extension: (Google Mail) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-23]
CHR Extension: (Chrome Media Router) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-02]
CHR Profile: C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-26]
CHR Profile: C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-02-06]
CHR Extension: (Präsentationen) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-26]
CHR Extension: (Docs) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-26]
CHR Extension: (Google Drive) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-26]
CHR Extension: (YouTube) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-26]
CHR Extension: (Tabellen) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-26]
CHR Extension: (Google Docs Offline) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-11]
CHR Extension: (CKP - KeePass integration for Chrome™) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lnfepbjehgokldcaljagbmchhnaaogpc [2019-02-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Google Mail) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-27]
CHR Extension: (Chrome Media Router) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-19]
CHR Profile: C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-01-30]
CHR Notifications: Profile 2 -> hxxps://community.linkando.co; hxxps://dsag.linkando.co; hxxps://dsagnet.de; hxxps://dsagnet.linkando.co
CHR Extension: (Präsentationen) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-11]
CHR Extension: (Docs) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-11]
CHR Extension: (Google Drive) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-11]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]
CHR Extension: (Tabellen) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-11]
CHR Extension: (Google Docs Offline) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-19]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-01-21]
CHR Extension: (Google*Hangouts) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\knipolnnllmklapflnccelgolnpehhpl [2020-01-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Google Mail) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-21]
CHR Extension: ( ) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\plkobkdcdmmmflmhbnaldhhenicgailf [2021-01-30]
CHR Profile: C:\Users\Nils\AppData\Local\Google\Chrome\User Data\System Profile [2020-02-06]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3668944 2020-08-08] (philandro Software GmbH -> philandro Software GmbH)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-05-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.28\AsusFanControlService.exe [398648 2015-07-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8352184 2019-01-18] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8854920 2021-01-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-01-18] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-01-10] (Bayerisches Landesamt fuer Steuern -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-14] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2533952 2021-01-21] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3479624 2021-01-21] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2489176 2021-01-24] (Overwolf Ltd -> Overwolf LTD)
R2 Plarium Play Client Service; D:\Games\Raid_Shadowlegends\Plarium\PlariumPlay\6.3.0-1.0.0\PlariumPlayClientService.exe [90232 2020-12-15] (Plarium Global Ltd -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6264144 2021-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 edgeupdate; "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc [X]
S4 edgeupdatem; "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /medsvc [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R4 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AndroidAFD; C:\Windows\SysWow64\drivers\AndroidAFDx64.sys [28600 2015-08-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
S3 athur; C:\WINDOWS\System32\drivers\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 CorsairGamingAudioService; C:\WINDOWS\system32\DRIVERS\CorsairGamingAudio64.sys [60312 2020-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
S3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45968 2020-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
S3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21904 2020-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2015-05-14] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-14] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-14] (Malwarebytes Inc -> Malwarebytes)
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-03-21] (Snap Inc. -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-01-30 12:18 - 2021-01-30 12:19 - 000028630 _____ C:\Users\Nils\Downloads\FRST.txt
2021-01-30 12:18 - 2021-01-30 12:18 - 000000000 ____D C:\FRST
2021-01-30 11:31 - 2021-01-30 11:31 - 000000085 _____ C:\WINDOWS\wininit.ini
2021-01-30 11:31 - 2021-01-30 11:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2021-01-30 11:14 - 2021-01-30 11:15 - 002297856 _____ (Farbar) C:\Users\Nils\Downloads\FRST64.exe
2021-01-30 10:50 - 2021-01-30 10:50 - 000000777 _____ C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-01-30 10:50 - 2021-01-30 10:50 - 000000649 _____ C:\Users\Nils\Desktop\ESET Online Scanner.lnk
2021-01-30 10:50 - 2021-01-30 10:50 - 000000000 ____D C:\Users\Nils\AppData\Local\ESET
2021-01-30 10:47 - 2021-01-30 10:47 - 015012440 _____ (ESET spol. s r.o.) C:\Users\Nils\Downloads\esetonlinescanner.exe
2021-01-30 09:51 - 2021-01-30 09:51 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-30 09:51 - 2021-01-30 09:51 - 000000000 ____D C:\WINDOWS\Panther
2021-01-27 15:42 - 2021-01-27 15:42 - 000087378 _____ C:\Users\Nils\Downloads\0E94322969.pdf
2021-01-27 15:42 - 2021-01-27 15:42 - 000087378 _____ C:\Users\Nils\Downloads\0E94322969 (1).pdf
2021-01-27 12:48 - 2021-01-27 12:48 - 001321688 _____ (Google LLC) C:\Users\Nils\Downloads\ChromeSetup (1).exe
2021-01-27 12:05 - 2021-01-27 12:05 - 006565432 _____ (EnigmaSoft Limited) C:\Users\Nils\Downloads\SpyHunter-5.10-15-7042-Installer.exe
2021-01-27 11:12 - 2021-01-27 11:12 - 000401975 _____ C:\Users\Nils\Downloads\Angebot-1002100043-AuftragNr1002100043-27.01.2021.pdf
2021-01-22 09:58 - 2021-01-22 09:58 - 000001490 _____ C:\Users\Nils\Downloads\Neu.csv
2021-01-22 09:58 - 2021-01-22 09:58 - 000001183 _____ C:\Users\Nils\Downloads\Alt.csv
2021-01-22 09:47 - 2021-01-22 10:11 - 000000000 ____D C:\ESD
2021-01-22 09:45 - 2021-01-22 09:45 - 000000000 ___HD C:\$Windows.~WS
2021-01-21 07:46 - 2021-01-21 07:46 - 000000828 _____ C:\Users\Nils\Documents\test.reg
2021-01-21 07:38 - 2021-01-21 07:39 - 000000000 ____D C:\AdwCleaner
2021-01-21 07:38 - 2021-01-21 07:38 - 008457584 _____ (Malwarebytes) C:\Users\Nils\Downloads\adwcleaner_8.0.9.1.exe
2021-01-19 13:04 - 2021-01-19 13:04 - 029285264 _____ (TeamViewer Germany GmbH) C:\Users\Nils\Downloads\TeamViewer_Setup (1).exe
2021-01-19 09:57 - 2021-01-19 09:57 - 000000000 ____D C:\Users\Nils\AppData\Local\Safer-Networking Ltd
2021-01-19 09:56 - 2021-01-30 11:31 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-01-19 09:56 - 2021-01-30 11:31 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-01-19 09:55 - 2021-01-19 09:55 - 069300040 _____ (Safer-Networking Ltd. ) C:\Users\Nils\Downloads\spybotsd-2.8.68.0.exe
2021-01-19 09:41 - 2021-01-19 09:41 - 000043967 _____ C:\Users\Nils\Downloads\Alle Tickets-2021-01-19-09-41-33.csv
2021-01-19 09:30 - 2021-01-19 09:30 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-01-19 09:30 - 2021-01-19 09:30 - 000001076 _____ C:\Users\Public\Desktop\Audacity.lnk
2021-01-19 09:30 - 2021-01-19 09:30 - 000001076 _____ C:\ProgramData\Desktop\Audacity.lnk
2021-01-19 09:30 - 2021-01-19 09:30 - 000000000 ____D C:\Program Files (x86)\Audacity
2021-01-19 09:29 - 2021-01-19 09:29 - 028141904 _____ (Audacity Team ) C:\Users\Nils\Downloads\audacity-win-2.4.2.exe
2021-01-19 07:25 - 2021-01-19 07:25 - 000172250 _____ C:\Users\Nils\Downloads\Ihr IT-Status.pdf
2021-01-18 14:34 - 2021-01-29 14:55 - 000002359 _____ C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-01-18 14:34 - 2021-01-29 14:55 - 000002351 _____ C:\Users\Nils\Desktop\Microsoft Teams.lnk
2021-01-18 13:43 - 2021-01-18 13:43 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-01-18 13:43 - 2021-01-18 13:43 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-01-18 13:43 - 2021-01-18 13:43 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-01-18 13:43 - 2021-01-18 13:43 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-01-18 13:43 - 2021-01-18 13:43 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-01-18 13:43 - 2021-01-18 13:43 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-01-18 13:43 - 2021-01-18 13:43 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-01-18 13:43 - 2021-01-18 13:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-18 13:40 - 2021-01-18 13:40 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-01-15 16:09 - 2021-01-15 16:09 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-01-14 18:34 - 2021-01-14 18:42 - 000000000 ____D C:\Users\Nils\Documents\STAR WARS Battlefront II
2021-01-14 18:34 - 2021-01-14 18:34 - 000000804 _____ C:\Users\Public\Desktop\STAR WARS Battlefront II.lnk
2021-01-14 18:34 - 2021-01-14 18:34 - 000000804 _____ C:\ProgramData\Desktop\STAR WARS Battlefront II.lnk
2021-01-14 18:34 - 2021-01-14 18:34 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2021-01-14 18:34 - 2021-01-14 18:34 - 000000000 ____D C:\Users\Nils\AppData\Local\STAR WARS Battlefront II
2021-01-14 18:34 - 2021-01-14 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront II
2021-01-14 18:12 - 2021-01-14 18:34 - 000000000 ____D C:\ProgramData\Electronic Arts
2021-01-14 18:08 - 2021-01-26 19:52 - 000000000 ____D C:\Program Files (x86)\Origin
2021-01-14 18:08 - 2021-01-14 18:08 - 000001062 _____ C:\Users\Public\Desktop\Origin.lnk
2021-01-14 18:08 - 2021-01-14 18:08 - 000001062 _____ C:\ProgramData\Desktop\Origin.lnk
2021-01-14 18:08 - 2021-01-14 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2021-01-14 18:07 - 2021-01-26 19:51 - 000000000 ____D C:\ProgramData\Origin
2021-01-14 18:07 - 2021-01-15 23:34 - 000000000 ____D C:\Users\Nils\AppData\Roaming\Origin
2021-01-14 18:07 - 2021-01-15 16:08 - 000000000 ____D C:\Users\Nils\AppData\Local\Origin
2021-01-14 18:07 - 2021-01-14 18:07 - 000000000 ____D C:\Users\Nils\.Origin
2021-01-14 14:34 - 2021-01-14 14:34 - 001321688 _____ (Google LLC) C:\Users\Nils\Downloads\ChromeSetup.exe
2021-01-14 14:24 - 2021-01-14 14:24 - 000023925 _____ C:\Users\Nils\Downloads\Alle Tickets-2021-01-14-14-24-49.csv
2021-01-14 11:56 - 2021-01-14 11:56 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-14 11:55 - 2021-01-14 11:55 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-14 11:53 - 2021-01-14 11:53 - 000004256 _____ C:\WINDOWS\system32\Tasks\AgentActivationAcrobat
2021-01-14 11:46 - 2021-01-14 11:46 - 000000000 ____D C:\Users\Nils\Documents\Audacity
2021-01-14 11:43 - 2021-01-19 09:30 - 000000000 ____D C:\Users\Nils\AppData\Roaming\audacity
2021-01-14 11:43 - 2021-01-14 11:43 - 000004512 _____ C:\WINDOWS\system32\Tasks\Server Netzwerkverbindungsbroker Corsair
2021-01-14 11:43 - 2021-01-14 11:43 - 000000000 ____D C:\Users\Nils\AppData\Local\Audacity
2021-01-14 11:42 - 2021-01-14 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2021-01-14 11:42 - 2021-01-14 11:43 - 000000000 ____D C:\Program Files (x86)\nodejs
2021-01-14 11:42 - 2021-01-14 11:42 - 000000000 ____D C:\Users\Nils\AppData\Roaming\npm
2021-01-14 07:50 - 2021-01-14 07:50 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-14 07:50 - 2021-01-14 07:50 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-14 07:50 - 2021-01-14 07:50 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-14 07:50 - 2021-01-14 07:50 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-14 07:50 - 2021-01-14 07:50 - 000502784 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-14 07:50 - 2021-01-14 07:50 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-14 07:50 - 2021-01-14 07:50 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-14 07:50 - 2021-01-14 07:50 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-14 07:50 - 2021-01-14 07:50 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-14 07:50 - 2021-01-14 07:50 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-14 07:50 - 2021-01-14 07:50 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-14 07:50 - 2021-01-14 07:50 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-14 07:50 - 2021-01-14 07:50 - 000151040 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-14 07:50 - 2021-01-14 07:50 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-14 07:50 - 2021-01-14 07:50 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-14 07:50 - 2021-01-14 07:50 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-14 07:50 - 2021-01-14 07:50 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-14 07:50 - 2021-01-14 07:50 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-14 07:50 - 2021-01-14 07:50 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-14 07:50 - 2021-01-14 07:50 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-14 07:50 - 2021-01-14 07:50 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-14 07:50 - 2021-01-14 07:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-14 07:49 - 2021-01-14 07:49 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-14 07:49 - 2021-01-14 07:49 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-14 07:49 - 2021-01-14 07:49 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-14 07:49 - 2021-01-14 07:49 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-14 07:49 - 2021-01-14 07:49 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-14 07:49 - 2021-01-14 07:49 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-14 07:49 - 2021-01-14 07:49 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-14 07:49 - 2021-01-14 07:49 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-14 07:49 - 2021-01-14 07:49 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-14 07:49 - 2021-01-14 07:49 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-14 07:49 - 2021-01-14 07:49 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-14 07:49 - 2021-01-14 07:49 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-14 07:49 - 2021-01-14 07:49 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-14 07:49 - 2021-01-14 07:49 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-14 07:49 - 2021-01-14 07:49 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-14 07:49 - 2021-01-14 07:49 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-13 08:09 - 2021-01-13 08:09 - 000809812 _____ C:\Users\Nils\Downloads\00001460.wav
2021-01-12 07:58 - 2021-01-12 07:58 - 000625357 _____ C:\Users\Nils\Downloads\SCAN_20010104_045611 (1).pdf
2021-01-11 12:09 - 2021-01-11 12:09 - 017883576 _____ (Totusoft ) C:\Users\Nils\Downloads\LAN_SpeedTest_Setup.exe
2021-01-11 12:09 - 2021-01-11 12:09 - 000000000 ____D C:\Users\Nils\AppData\Roaming\Totusoft
2021-01-07 08:27 - 2021-01-07 08:27 - 000012705 _____ C:\Users\Nils\Downloads\Kalender (2).pdf
2021-01-04 15:24 - 2021-01-04 15:24 - 000012709 _____ C:\Users\Nils\Downloads\Kalender (1).pdf
2021-01-04 15:20 - 2021-01-04 15:20 - 000062619 _____ C:\Users\Nils\Downloads\WSPayPayPer.pdf
2021-01-04 10:37 - 2021-01-04 10:37 - 000423666 _____ C:\Users\Nils\Downloads\FRITZ.Box 7560 149.07.12_04.01.21_1037.export
2021-01-02 19:03 - 2021-01-02 19:03 - 010692225 _____ C:\Users\Nils\Downloads\IC_Camping_Park_Umag_camp_map 2020.pdf
2020-12-31 13:27 - 2020-12-31 13:27 - 000097399 _____ C:\Users\Nils\Downloads\Dinkel-Joghurt Brot - Rezeptbild - 2016-01-20.pdf
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-01-30 12:15 - 2017-05-09 16:00 - 000000000 ____D C:\Users\Nils\Documents\Outlook-Dateien
2021-01-30 12:02 - 2018-08-06 17:51 - 000000000 ____D C:\Users\Nils\AppData\Local\D3DSCache
2021-01-30 11:46 - 2020-11-27 12:34 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2021-01-30 11:31 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-30 10:57 - 2017-04-19 14:29 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-30 10:55 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-30 10:50 - 2020-11-27 12:34 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2021-01-30 10:23 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-30 10:19 - 2017-04-19 14:32 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-30 09:57 - 2020-11-26 15:43 - 001723292 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-30 09:57 - 2019-03-19 13:16 - 000743888 _____ C:\WINDOWS\system32\perfh007.dat
2021-01-30 09:57 - 2019-03-19 13:16 - 000150212 _____ C:\WINDOWS\system32\perfc007.dat
2021-01-30 09:57 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-30 09:54 - 2018-12-26 10:56 - 000001152 __RSH C:\ProgramData\ntuser.pol
2021-01-30 09:52 - 2020-12-22 17:54 - 000002170 _____ C:\Users\Nils\Desktop\CurseForge.lnk
2021-01-30 09:52 - 2020-12-22 17:50 - 000000000 ____D C:\Users\Nils\AppData\Local\Overwolf
2021-01-30 09:52 - 2017-04-19 14:30 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-30 09:52 - 2017-04-19 12:09 - 000000000 ___RD C:\Users\Nils\OneDrive
2021-01-30 09:51 - 2020-11-26 15:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-30 09:51 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-30 09:51 - 2017-04-20 08:40 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-01-30 09:50 - 2020-11-26 15:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-30 00:21 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-30 00:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-30 00:21 - 2018-02-26 20:56 - 000000000 ____D C:\Users\Nils\AppData\Local\Packages
2021-01-30 00:01 - 2019-01-26 15:51 - 000000000 ____D C:\Users\Nils\AppData\Roaming\WhatsApp
2021-01-30 00:01 - 2018-06-28 16:23 - 000000000 ____D C:\Users\Nils\AppData\Local\CrashDumps
2021-01-29 15:14 - 2017-04-19 13:52 - 000000000 ____D C:\Users\Nils\AppData\Roaming\TeamViewer
2021-01-29 14:55 - 2019-01-26 15:50 - 000000000 ____D C:\Users\Nils\AppData\Local\SquirrelTemp
2021-01-29 07:45 - 2020-12-22 17:54 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-01-27 15:54 - 2017-05-07 18:24 - 000000000 ____D C:\Users\Nils\AppData\Roaming\Samsung
2021-01-27 15:44 - 2017-05-09 13:50 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-01-27 12:08 - 2018-05-06 14:46 - 000000000 ____D C:\Users\Nils\AppData\Local\Battle.net
2021-01-24 19:39 - 2020-10-11 13:49 - 000000000 ____D C:\Users\Nils\Documents\rezepte
2021-01-22 09:24 - 2020-12-11 06:37 - 000000000 ____D C:\Users\Nils\AppData\Local\AMD_Common
2021-01-21 11:18 - 2020-03-18 08:07 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2021-01-20 11:22 - 2017-04-19 14:31 - 000015196 _____ C:\Users\Nils\Documents\Database.kdb
2021-01-20 11:05 - 2019-01-26 15:50 - 000000000 ____D C:\Users\Nils\AppData\Local\WhatsApp
2021-01-18 21:43 - 2020-11-26 15:31 - 000439744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-18 13:42 - 2017-04-19 14:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-01-18 13:40 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-01-17 10:48 - 2019-09-17 16:53 - 000000000 ____D C:\Users\Nils\AppData\Roaming\Twitch
2021-01-15 12:10 - 2020-11-11 23:09 - 000000638 _____ C:\Users\Nils\Desktop\todo.txt
2021-01-14 18:07 - 2020-11-26 15:06 - 000000000 ____D C:\Users\Nils
2021-01-14 12:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-01-14 12:05 - 2018-02-26 21:00 - 000000000 ___RD C:\Users\Nils\3D Objects
2021-01-14 12:05 - 2016-11-20 22:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-14 12:04 - 2019-03-19 13:19 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-14 12:04 - 2019-03-19 13:19 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-14 12:04 - 2019-03-19 13:19 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-14 12:04 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-14 11:56 - 2020-11-07 13:12 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-14 11:56 - 2020-11-07 13:12 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-01-14 11:56 - 2020-08-14 14:21 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-14 11:55 - 2020-11-07 13:11 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-14 11:55 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-14 11:53 - 2020-11-30 06:23 - 000003494 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c401c59c9b1f
2021-01-14 11:53 - 2020-11-26 15:39 - 000003688 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-14 11:53 - 2020-11-26 15:39 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-14 11:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-01-14 11:43 - 2017-04-20 08:40 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-14 08:41 - 2017-05-03 13:46 - 000007591 _____ C:\Users\Nils\AppData\Local\Resmon.ResmonCfg
2021-01-14 07:56 - 2017-04-19 14:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-14 07:53 - 2017-04-19 14:41 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-14 07:49 - 2020-11-26 15:32 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 16:53 - 2020-07-30 15:00 - 000001024 _____ C:\Users\Public\Desktop\Snap Camera.lnk
2021-01-13 16:53 - 2020-07-30 15:00 - 000001024 _____ C:\ProgramData\Desktop\Snap Camera.lnk
2021-01-13 16:53 - 2020-07-30 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snap Inc
2021-01-09 20:18 - 2020-09-04 06:47 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-09 13:27 - 2018-05-06 14:49 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-01-02 01:15 - 2019-10-11 17:20 - 000000000 ____D C:\Users\Nils\AppData\Roaming\Discord
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2020-12-18 11:15 - 2020-12-18 11:17 - 000006046 _____ () C:\Users\Nils\AppData\Roaming\Durch Trennzeichen getrennte Werte.EML
2020-11-10 13:50 - 2020-11-10 14:02 - 000000128 _____ () C:\Users\Nils\AppData\Roaming\winscp.rnd
2020-07-31 11:01 - 2020-07-31 11:02 - 000011092 _____ () C:\Users\Nils\AppData\Local\PlariumPlay.log
2020-10-10 15:57 - 2020-10-10 15:57 - 000000128 _____ () C:\Users\Nils\AppData\Local\PUTTY.RND
2017-05-03 13:46 - 2021-01-14 08:41 - 000007591 _____ () C:\Users\Nils\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Geändert von Zett (30.01.2021 um 12:44 Uhr) |
| Themen zu Audacity.de Izitio / Zapmeta Hijack in Browser |
| browse, browser, browsern, entferne, forum, freue, hijack, installiere, msascuil.exe, neu, würde, zapmeta |
Baum-Darstellung