Log analysis and evaluation: Windows 10: Browser hijacker after download from audacity.de

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Windows 10: Browser hijacker after download from audacity.de

Good evening, I too fell for the fake site audacity.de when downloading Audacity, which then managed to slip malware onto my system. For me it shows up as follows: after a search query in Firefox, results from zapmeta or izito are shown in first place in most cases. In addition, a nameless browser extension is displayed, which can be deactivated but not removed. Attached are logs from FRST, Spybot and Malwarebytes.

FRST Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2021 durchgeführt von leola (Administrator) auf DESKTOP-47HNGR6 (14-02-2021 21:35:35) Gestartet von C:\Users\leola\Downloads Geladene Profile: leola Platform: Windows 10 Pro Version 1909 18363.1379 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (0) [Datei ist nicht signiert] C:\Program Files\GloriousPCGamingRace\GMMK\GMMK Keyboard Editor.exe (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <4> (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2> (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. 
-> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (Andrey Shcherbakov) C:\Program Files\WindowsApps\51041SafeInCloud.PasswordManagerSafeInCloud_21.0.4.0_x86__wh7zearnzvtm6\SafeInCloud\SafeInCloud.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <4> (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7269\Agent.exe (Discord Inc. -> Discord Inc.) C:\Users\leola\AppData\Local\Discord\app-0.0.309\Discord.exe <6> (DroidMonkey Apps, LLC -> ) C:\Program Files\KeePassXC\keepassxc-proxy.exe (DroidMonkey Apps, LLC -> KeePassXC Team) C:\Program Files\KeePassXC\KeePassXC.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe (F.lux Software LLC -> f.lux Software LLC) C:\Users\leola\AppData\Local\FluxSoftware\Flux\flux.exe (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2> (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Users\leola\AppData\Local\GoToMeeting\18962\g2mcomm.exe (LogMeIn, Inc. -> LogMeIn, Inc.) 
C:\Users\leola\AppData\Local\GoToMeeting\18962\g2mlauncher.exe (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Users\leola\AppData\Local\GoToMeeting\18962\g2mstart.exe (MacPaw INC -> MacPaw Inc.) C:\Program Files\Encrypto\Encrypto.Service.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\leola\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla 
Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13> (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_feed726c6560f7a7\Display.NvContainer\NVDisplay.Container.exe <2> (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe (Robert McNeel & Associates (TLM, Inc.) -> Robert McNeel & Associates) [Datei ist nicht signiert] C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1667208 2020-11-24] (Logitech Inc -> Logitech, Inc.) 
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-10-18] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97703592 2020-02-13] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-04] (Adobe Inc. -> ) HKLM-x32\...\Run: [Genshin Impact_Launcher] => [X] HKLM-x32\...\Run: [Launch 0 FwCustom] => C:\Program Files\GloriousPCGamingRace\GMMK\GMMK Keyboard Editor.exe [4058624 2019-02-21] (0) [Datei ist nicht signiert] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-02-02] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6787856 2019-03-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-490006789-2306570936-2833241694-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680720 2021-02-04] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-490006789-2306570936-2833241694-1001\...\Run: [GoToMeeting] => C:\Users\leola\AppData\Local\GoToMeeting\18962\g2mstart.exe [31320 2020-10-22] (LogMeIn, Inc. -> LogMeIn, Inc.) 
HKU\S-1-5-21-490006789-2306570936-2833241694-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-490006789-2306570936-2833241694-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50011008 2021-01-20] (Google LLC -> ) HKU\S-1-5-21-490006789-2306570936-2833241694-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-490006789-2306570936-2833241694-1001\...\Run: [Wox] => C:\Users\leola\AppData\Local\Wox\app-1.4.1196\Wox.exe HKU\S-1-5-21-490006789-2306570936-2833241694-1001\...\Run: [f.lux] => C:\Users\leola\AppData\Local\FluxSoftware\Flux\flux.exe [1469968 2020-06-17] (F.lux Software LLC -> f.lux Software LLC) HKU\S-1-5-21-490006789-2306570936-2833241694-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5537448 2021-02-02] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-490006789-2306570936-2833241694-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5537448 2021-02-02] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-490006789-2306570936-2833241694-1001\...\Run: [KeePassXC] => C:\Program Files\KeePassXC\KeePassXC.exe [7110800 2021-01-31] (DroidMonkey Apps, LLC -> KeePassXC Team) HKU\S-1-5-21-490006789-2306570936-2833241694-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090464 2021-02-12] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) HKLM\...\Windows x64\Print Processors\hpcpp140: C:\Windows\System32\spool\prtprocs\x64\hpcpp140.DLL [559616 2012-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65496 2020-12-07] (Adobe Inc. 
-> Adobe Systems Inc) HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk [2020-04-24] ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (Keine Datei) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2021-01-21] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk [2020-04-24] ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (Keine Datei) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2021-01-21] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS) BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy: Beschränkung - Chrome <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {0CB2E179-E550-4684-BE45-A0351954397E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {20F1A0D3-3CCF-484F-964A-9A05DFA94628} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5057968 2021-02-13] (Microsoft Corporation -> Microsoft Corporation) Task: {28A15DD6-95A7-4363-80F6-A2CB56588DCE} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe Task: {2F30FEB2-DCC8-44EB-A5E8-0D76AE8A5A03} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [7177168 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {327672B4-51D1-4227-B118-55266B54AA80} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe Task: {32F97DF2-A052-44D1-9C36-0290B1AFEC5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3586F5EF-DB30-4895-B0CB-9A276CAB0D6D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. 
-> Adobe Systems, Incorporated) Task: {3A1440E0-EBC6-4DF7-87D1-CF20F4E6E5E0} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.4.0\AutoUpdate.exe [2369808 2020-03-06] (IObit Information Technology -> IObit) Task: {3D385232-05E1-4BFA-9CEB-B6FE27CA1729} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {46815CAE-3B3E-4CE7-AABB-43A413EFADF5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1683344 2021-02-13] (Microsoft Corporation -> Microsoft Corporation) Task: {4A540F37-3ADB-4907-A05D-EC52600D09A0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145760 2021-02-13] (Microsoft Corporation -> Microsoft Corporation) Task: {674F3B35-4465-41FA-A0F8-98AADE5421C8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22763912 2021-02-05] (Microsoft Corporation -> Microsoft Corporation) Task: {6DB1091F-506F-4503-865C-7B2932FBA599} - System32\Tasks\G2MUpdateTask-S-1-5-21-490006789-2306570936-2833241694-1001 => C:\Users\leola\AppData\Local\GoToMeeting\19228\g2mupdate.exe [31320 2020-12-18] (LogMeIn, Inc. -> LogMeIn, Inc.) 
Task: {8C5A30D2-8C8B-4860-A628-B165D635967E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-02-10] (Mozilla Corporation -> Mozilla Foundation) Task: {8EB62622-1AC0-4411-971B-BDAFC5451C5C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145760 2021-02-13] (Microsoft Corporation -> Microsoft Corporation) Task: {8F91A7EE-CB46-4503-A627-6CF627F05D90} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {9DB9FEF7-EE38-42DA-B351-FDA611E649D6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22763912 2021-02-05] (Microsoft Corporation -> Microsoft Corporation) Task: {A9DCA8A1-FADC-487D-8F7B-00899D95B99A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5723640 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {C5C3ECAA-66CE-40B8-87EF-8859A5E21E08} - System32\Tasks\G2MUploadTask-S-1-5-21-490006789-2306570936-2833241694-1001 => C:\Users\leola\AppData\Local\GoToMeeting\19228\g2mupload.exe [31320 2020-12-18] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {C7D6C971-DE73-4701-B4E4-2394726D1CF8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CB48D213-D478-48FF-B2EB-941552C1A468} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6189624 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.) 
Task: {D9017DD1-7254-4D9F-BB77-55176C45C32D} - System32\Tasks\Gruppenrichtlinienclient Kernel AppX-Bereitstellungsdienst => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> "C:\ProgramData\Package Cache\{88403E39-710C-4564-9E02-9CAA40145C9D}\{0395A025-CA76-4A8B-A4E8-0E9215E26495}" <==== ACHTUNG Task: {DBF0F3C5-A31E-4837-9924-FE645ABF5FC3} - System32\Tasks\Driver Booster SkipUAC (leola) => C:\Program Files (x86)\IObit\Driver Booster\7.4.0\DriverBooster.exe [7929616 2020-04-03] (IObit Information Technology -> IObit) Task: {E9C31DB4-9E7B-4C25-8992-3A1D3613C610} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5057968 2021-02-13] (Microsoft Corporation -> Microsoft Corporation) Task: {EEC9C8F7-0FB2-424E-95F8-1CF19BC9F212} - System32\Tasks\BenutzerdienstfürBitLocker-Laufwerkverschlüsselungsdienst => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> C:\Windows\Installer\{57DBC657-0A40-4AFA-9EC1-3A8E87F485AB}\{0379E9D5-FB7C-47FB-9088-C90A7CD60E3A} <==== ACHTUNG Task: {F1161DEA-5656-4D2B-B7F1-F520F3E56000} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F7906B58-CFF4-4B2E-860B-D3723E3D79F7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-490006789-2306570936-2833241694-1001.job => C:\Users\leola\AppData\Local\GoToMeeting\19228\g2mupdate.exe Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-490006789-2306570936-2833241694-1001.job => C:\Users\leola\AppData\Local\GoToMeeting\19228\g2mupload.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: 127.0.0.1 cryptomator-vault Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{2f44371c-7491-4575-b9a9-fd679a236a88}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{a9f54fb1-c39f-40a3-ae5b-93fc90cf1199}: [DhcpNameServer] 192.168.2.1 Edge: ======= Edge Profile: C:\Users\leola\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-14] FireFox: ======== FF DefaultProfile: nxa01xqe.default FF DefaultProfile: nco99es6.default FF ProfilePath: C:\Users\leola\AppData\Roaming\Zotero\Zotero\Profiles\nxa01xqe.default [2020-12-02] FF ProfilePath: C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\nco99es6.default [2021-02-14] FF user.js: detected! => C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\nco99es6.default\user.js [2021-02-14] FF Homepage: Mozilla\Firefox\Profiles\nco99es6.default -> hxxps://www.google.com/ FF NewTab: Mozilla\Firefox\Profiles\nco99es6.default -> hxxps://myfiresearch.com/homepage?hp=1&bitmask=9996&pId=AC191101&iDate=2021-02-09 03:08:12&bName= FF ProfilePath: C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release [2021-02-14] FF user.js: detected! 
=> C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\user.js [2021-02-14] FF NewTab: Mozilla\Firefox\Profiles\a3fzjye3.default-release -> hxxps://myfiresearch.com/homepage?hp=1&bitmask=9996&pId=AC191101&iDate=2021-02-09 03:08:12&bName= FF Extension: (BetterTTV) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\firefox@betterttv.net.xpi [2020-12-18] FF Extension: (HTTPS Everywhere) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\https-everywhere@eff.org.xpi [2021-01-29] FF Extension: (Decentraleyes) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2020-11-05] FF Extension: (Privacy Badger) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-02-03] FF Extension: (KeePassXC-Browser) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\keepassxc-browser@keepassxc.org.xpi [2021-02-04] FF Extension: (Neat URL) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\neaturl@hugsmile.eu.xpi [2020-11-02] FF Extension: (uBlock Origin) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-02-03] FF Extension: (Zotero Connector) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\zotero@chnm.gmu.edu.xpi [2021-02-03] [UpdateUrl:hxxps://www.zotero.org/download/connector/firefox/release/updates.json] FF Extension: (Dark theme for Firefox) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\{1afaee19-8dde-4b0e-8c84-f46ca0f02f06}.xpi [2020-11-03] FF Extension: (Startpage.com — Datenschutz-Suchmaschine) - 
C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2020-11-10] FF Extension: (Merveilles) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\{25738e3e-67d1-4847-ad30-c7aff6e3bfaf}.xpi [2020-11-03] FF Extension: (A powerful reverse image search tool, with support for various search engines, such as Google, Bing, Yandex, Baidu and TinEye.) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\{2e5ff8c8-32fe-46d0-9fc8-6b8986621f3c}.xpi [2021-02-09] FF Extension: (Save to Notion) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\{4b547b2c-e114-4344-9b70-09b2fe0785f3}.xpi [2021-01-10] FF Extension: (Matte Black (Sky Blue)) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\{a7d78215-c3ea-4ecb-aaed-10bbe30f8ecb}.xpi [2020-11-03] FF Extension: (Video DownloadHelper) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-16] FF Extension: (Save time by asking Buster to solve captchas for you.) 
- C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\{e58d3966-3d76-4cd9-8552-1582fbc800c1}.xpi [2020-11-02] FF Extension: (Unpaywall) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\Extensions\{f209234a-76f0-4735-9920-eb62507a54cd}.xpi [2021-02-11] FF Extension: (Reset Search Defaults) - C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\features\{a71d9910-44b4-462f-b147-19ddb5609bbd}\reset-search-defaults@mozilla.com.xpi [2021-02-12] FF SearchPlugin: C:\Users\leola\AppData\Roaming\Mozilla\Firefox\Profiles\a3fzjye3.default-release\searchplugins\My Firefox Search.xml [2021-02-09] FF HKLM\...\Firefox\Extensions: [{9A755B4E-8529-4D38-AD3E-5470104F43F8}] - C:\Windows\Installer\{F75CE30D-B9D2-4049-9FA8-539CB300A2C9}\{9A755B4E-8529-4D38-AD3E-5470104F43F8}.xpi FF Extension: ( ) - C:\Windows\Installer\{F75CE30D-B9D2-4049-9FA8-539CB300A2C9}\{9A755B4E-8529-4D38-AD3E-5470104F43F8}.xpi [2021-02-14] FF HKLM-x32\...\Firefox\Extensions: [{9A755B4E-8529-4D38-AD3E-5470104F43F8}] - C:\Windows\Installer\{F75CE30D-B9D2-4049-9FA8-539CB300A2C9}\{9A755B4E-8529-4D38-AD3E-5470104F43F8}.xpi FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-10-18] (Adobe Inc. 
-> Adobe Systems) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-10-18] (Adobe Inc. -> Adobe Systems) FF Plugin HKU\S-1-5-21-490006789-2306570936-2833241694-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\leola\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-18] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) 
Chrome:
=======
CHR Profile: C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default [2020-11-02]
CHR DefaultSearchURL: Default -> hxxps://unsplash.com/android-chrome-192x192.png
CHR Extension: (ProxFlow) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2020-06-12]
CHR Extension: (Präsentationen) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-24]
CHR Extension: (BetterTTV) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-10-18]
CHR Extension: (Docs) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-24]
CHR Extension: (Google Drive) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-24]
CHR Extension: (uBlock Origin) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-10-21]
CHR Extension: (Unsplash) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnlnpjpkobmmbdnpbdceplbemhibbhll [2020-04-24]
CHR Extension: (AHA Music - Song Finder für Browser) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2020-06-07]
CHR Extension: (KissFC) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpnfknficgldmilnkddfhmbafkcipkkh [2020-04-24]
CHR Extension: (Zotero Connector) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2020-10-27]
CHR Extension: (Tabellen) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-22]
CHR Extension: (AirDroid) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2020-04-24]
CHR Extension: (SafeInCloud Password Manager) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchdigjbcmdgcfeijpfkpadacbijihjl [2020-10-21]
CHR Extension: (Baseflight - Configurator) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppkgnedeapfejgfimkdoninnofofigk [2020-04-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-24]
CHR Extension: (PlayMemories Camera Apps Downloader) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlghnkgcadghcdodlcjfhogekonhdei [2020-04-24]
CHR Extension: (Google Mail) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\leola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-20]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-10-18] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8854920 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-11-17] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Encrypto.Service; C:\Program Files\Encrypto\Encrypto.Service.exe [83160 2018-05-24] (MacPaw INC -> MacPaw Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1741384 2020-12-18] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-10-01] (GOG Sp. z o.o. -> GOG.com)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-22] (Malwarebytes Inc -> Malwarebytes)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [71936 2020-08-25] (Robert McNeel & Associates (TLM, Inc.) -> Robert McNeel & Associates) [Datei ist nicht signiert]
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [Datei ist nicht signiert]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74336 2020-10-28] (OpenVPN Inc. -> The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2533952 2021-02-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3479624 2021-02-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2020-12-11] (Even Balance, Inc. -> )
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2747312 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4583240 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6264144 2021-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2021-01-20] (SteelSeries ApS -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 edgeupdate; "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc [X]
S4 edgeupdatem; "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /medsvc [X]
S4 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S4 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_feed726c6560f7a7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_feed726c6560f7a7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2020-01-09] (Microsoft Corporation) [Datei ist nicht signiert]
R1 dokan1; C:\Windows\System32\DRIVERS\dokan1.sys [140280 2020-06-01] (ADAPP SASU -> Dokan Project)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-04-25] (Martin Malik - REALiX -> REALiX(tm))
R3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [37912 2015-09-20] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220600 2021-02-14] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-01-22] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-02-13] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl4f37d79a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A7255CB0-30D5-41AD-BC5F-A5D053A91016}\MpKslDrv.sys [47344 2021-02-14] (Microsoft Windows -> Microsoft Corporation)
U0 Spybot3ELAM; C:\Windows\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-Malware Publisher -> Windows (R) Win 7 DDK provider)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [48848 2020-09-25] (SteelSeries ApS -> SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [57440 2020-11-02] (SteelSeries ApS -> SteelSeries ApS)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2020-12-02] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 VBAudioVMVAIOMME; C:\Windows\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2020-11-26] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [118200 2019-06-21] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R3 wintun; C:\Windows\System32\drivers\wintun.sys [38176 2020-12-02] (WireGuard LLC -> WireGuard LLC)
S3 VBAudioVMAUXVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmauxvaio64_win10.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-02-14 21:11 - 2021-02-14 21:35 - 000039002 _____ C:\Users\leola\Downloads\FRST.txt
2021-02-14 21:11 - 2021-02-14 21:35 - 000039002 _____ C:\Users\leola\Downloads\FRST.txt
2021-02-14 21:11 - 2021-02-14 21:11 - 000000000 ____D C:\Users\leola\Downloads\FRST-OlderVersion
2021-02-14 21:11 - 2021-02-14 21:11 - 000000000 ____D C:\Users\leola\Downloads\FRST-OlderVersion
2021-02-14 19:08 - 2021-02-14 19:08 - 000000000 ____D C:\Users\leola\AppData\Local\Safer-Networking Ltd
2021-02-14 19:08 - 2021-02-14 19:08 - 000000000 ____D C:\Users\leola\AppData\Local\Safer-Networking Ltd
2021-02-14 19:07 - 2021-02-14 19:32 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-02-14 19:07 - 2021-02-14 19:32 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-02-14 19:07 - 2021-02-14 19:08 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-02-14 19:07 - 2021-02-14 19:07 - 000001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2021-02-14 19:07 - 2021-02-14 19:07 - 000001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2021-02-14 19:07 - 2021-02-14 19:07 - 000001448 _____ C:\ProgramData\Desktop\Spybot-S&D Start Center.lnk
2021-02-14 19:07 - 2021-02-14 19:07 - 000001448 _____ C:\ProgramData\Desktop\Spybot-S&D Start Center.lnk
2021-02-14 19:07 - 2021-02-14 19:07 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking
2021-02-14 19:07 - 2021-02-14 19:07 - 000000000 ____D C:\Safer-Networking Ltd
2021-02-14 19:07 - 2021-02-14 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2021-02-14 19:07 - 2021-02-14 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2021-02-14 19:07 - 2019-06-21 08:34 - 000019904 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\Spybot3ELAM.sys
2021-02-14 19:07 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2021-02-14 19:06 - 2021-02-14 19:06 - 069300040 _____ (Safer-Networking Ltd. ) C:\Users\leola\Downloads\spybotsd-2.8.68.0.exe
2021-02-14 19:06 - 2021-02-14 19:06 - 069300040 _____ (Safer-Networking Ltd. ) C:\Users\leola\Downloads\spybotsd-2.8.68.0.exe
2021-02-14 18:03 - 2021-02-14 21:35 - 000000000 ____D C:\FRST
2021-02-14 18:02 - 2021-02-14 21:11 - 002297856 _____ (Farbar) C:\Users\leola\Downloads\FRST64.exe
2021-02-14 18:02 - 2021-02-14 21:11 - 002297856 _____ (Farbar) C:\Users\leola\Downloads\FRST64.exe
2021-02-14 16:41 - 2021-02-14 16:41 - 000220600 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-02-14 16:31 - 2021-02-14 16:31 - 000002476 _____ C:\Users\leola\Desktop\Rkill.txt
2021-02-14 16:31 - 2021-02-14 16:31 - 000002476 _____ C:\Users\leola\Desktop\Rkill.txt
2021-02-14 16:30 - 2021-02-14 16:40 - 000000000 ____D C:\AdwCleaner
2021-02-14 16:30 - 2021-02-14 16:30 - 008457584 _____ (Malwarebytes) C:\Users\leola\Downloads\adwcleaner_8.0.9.1.exe
2021-02-14 16:30 - 2021-02-14 16:30 - 008457584 _____ (Malwarebytes) C:\Users\leola\Downloads\adwcleaner_8.0.9.1.exe
2021-02-14 16:29 - 2021-02-14 16:29 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\leola\Downloads\rkill.exe
2021-02-14 16:29 - 2021-02-14 16:29 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\leola\Downloads\rkill.exe
2021-02-13 20:22 - 2021-02-13 20:22 - 000000000 ____D C:\Users\leola\Documents\DuckGame
2021-02-13 20:22 - 2021-02-13 20:22 - 000000000 ____D C:\Users\leola\Documents\DuckGame
2021-02-13 20:22 - 2021-02-13 20:22 - 000000000 ____D C:\Users\leola\AppData\Roaming\DuckGame
2021-02-13 20:22 - 2021-02-13 20:22 - 000000000 ____D C:\Users\leola\AppData\Roaming\DuckGame
2021-02-13 14:34 - 2021-02-13 14:34 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-02-13 14:34 - 2021-02-13 14:34 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-02-13 14:34 - 2021-02-13 14:34 - 000001076 _____ C:\ProgramData\Desktop\Audacity.lnk
2021-02-13 14:34 - 2021-02-13 14:34 - 000001076 _____ C:\ProgramData\Desktop\Audacity.lnk
2021-02-13 14:33 - 2021-02-13 14:34 - 000000000 ____D C:\Program Files (x86)\Audacity
2021-02-13 14:32 - 2021-02-13 14:32 - 028141904 _____ (Audacity Team ) C:\Users\leola\Downloads\audacity-win-2.4.2.exe
2021-02-13 14:32 - 2021-02-13 14:32 - 028141904 _____ (Audacity Team ) C:\Users\leola\Downloads\audacity-win-2.4.2.exe
2021-02-13 14:25 - 2021-02-13 14:25 - 000001042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2020.lnk
2021-02-13 14:25 - 2021-02-13 14:25 - 000001042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2020.lnk
2021-02-12 23:49 - 2021-02-12 23:49 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-02-12 23:49 - 2021-02-12 23:49 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-02-12 23:49 - 2021-02-12 23:49 - 000232752 _____ C:\Windows\system32\containerdevicemanagement.dll
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth18.bin
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth17.bin
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth16.bin
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth15.bin
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2021-02-12 23:49 - 2021-02-12 23:49 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2021-02-12 21:04 - 2021-02-12 21:04 - 000420088 _____ C:\Users\leola\Downloads\Thema_1_Länder.pdf
2021-02-12 21:04 - 2021-02-12 21:04 - 000420088 _____ C:\Users\leola\Downloads\Thema_1_Länder.pdf
2021-02-12 16:33 - 2021-02-12 16:33 - 000000000 ____D C:\Users\leola\Desktop\tidal-rpc-win
2021-02-12 16:33 - 2021-02-12 16:33 - 000000000 ____D C:\Users\leola\Desktop\tidal-rpc-win
2021-02-12 16:32 - 2021-02-12 16:32 - 023630712 _____ C:\Users\leola\Desktop\tidal-rpc-win.zip
2021-02-12 16:32 - 2021-02-12 16:32 - 023630712 _____ C:\Users\leola\Desktop\tidal-rpc-win.zip
2021-02-10 22:35 - 2021-02-10 22:35 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-02-10 11:14 - 2021-02-10 11:14 - 000000000 ____D C:\Users\leola\AppData\Roaming\WalletWasabi
2021-02-10 11:14 - 2021-02-10 11:14 - 000000000 ____D C:\Users\leola\AppData\Roaming\WalletWasabi
2021-02-10 11:11 - 2021-02-14 11:27 - 000000000 ____D C:\Users\leola\AppData\Roaming\Exodus
2021-02-10 11:11 - 2021-02-14 11:27 - 000000000 ____D C:\Users\leola\AppData\Roaming\Exodus
2021-02-10 11:11 - 2021-02-14 11:26 - 000002223 _____ C:\Users\leola\Desktop\Exodus.lnk
2021-02-10 11:11 - 2021-02-14 11:26 - 000002223 _____ C:\Users\leola\Desktop\Exodus.lnk
2021-02-10 11:11 - 2021-02-14 11:26 - 000000000 ____D C:\Users\leola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc
2021-02-10 11:11 - 2021-02-14 11:26 - 000000000 ____D C:\Users\leola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc
2021-02-10 11:11 - 2021-02-14 11:26 - 000000000 ____D C:\Users\leola\AppData\Local\exodus
2021-02-10 11:11 - 2021-02-14 11:26 - 000000000 ____D C:\Users\leola\AppData\Local\exodus
2021-02-10 11:11 - 2021-02-10 11:11 - 087707648 _____ C:\Users\leola\Downloads\Wasabi-1.1.12.3.msi
2021-02-10 11:11 - 2021-02-10 11:11 - 087707648 _____ C:\Users\leola\Downloads\Wasabi-1.1.12.3.msi
2021-02-10 11:10 - 2021-02-10 11:10 - 118119224 _____ (Exodus Movement Inc) C:\Users\leola\Downloads\exodus-windows-x64-21.1.29.exe
2021-02-10 11:10 - 2021-02-10 11:10 - 118119224 _____ (Exodus Movement Inc) C:\Users\leola\Downloads\exodus-windows-x64-21.1.29.exe
2021-02-10 10:32 - 2021-02-10 10:46 - 000000000 ____D C:\Users\leola\AppData\Roaming\Electrum
2021-02-10 10:32 - 2021-02-10 10:46 - 000000000 ____D C:\Users\leola\AppData\Roaming\Electrum
2021-02-10 10:31 - 2021-02-10 10:31 - 028459936 _____ (Electrum) C:\Users\leola\Downloads\electrum-4.0.9-setup.exe
2021-02-10 10:31 - 2021-02-10 10:31 - 028459936 _____ (Electrum) C:\Users\leola\Downloads\electrum-4.0.9-setup.exe
2021-02-09 20:57 - 2021-02-14 01:06 - 000000000 ____D C:\Users\leola\AppData\Roaming\TIDAL
2021-02-09 20:57 - 2021-02-14 01:06 - 000000000 ____D C:\Users\leola\AppData\Roaming\TIDAL
2021-02-09 20:57 - 2021-02-11 14:55 - 000000000 ____D C:\Users\leola\AppData\Local\TIDAL
2021-02-09 20:57 - 2021-02-11 14:55 - 000000000 ____D C:\Users\leola\AppData\Local\TIDAL
2021-02-09 20:57 - 2021-02-09 20:57 - 100183056 _____ (TIDAL Music AS) C:\Users\leola\Downloads\TIDALSetup.exe
2021-02-09 20:57 - 2021-02-09 20:57 - 100183056 _____ (TIDAL Music AS) C:\Users\leola\Downloads\TIDALSetup.exe
2021-02-09 20:57 - 2021-02-09 20:57 - 000002199 _____ C:\Users\leola\Desktop\TIDAL.lnk
2021-02-09 20:57 - 2021-02-09 20:57 - 000002199 _____ C:\Users\leola\Desktop\TIDAL.lnk
2021-02-09 20:57 - 2021-02-09 20:57 - 000000000 ____D C:\Users\leola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TIDAL Music AS
2021-02-09 20:57 - 2021-02-09 20:57 - 000000000 ____D C:\Users\leola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TIDAL Music AS
2021-02-09 17:37 - 2021-02-09 17:37 - 031677852 _____ C:\Users\leola\Downloads\ES_Sweep (Instrumental Version) - Naiad.zip
2021-02-09 17:37 - 2021-02-09 17:37 - 031677852 _____ C:\Users\leola\Downloads\ES_Sweep (Instrumental Version) - Naiad.zip
2021-02-09 16:42 - 2021-02-09 16:42 - 000000000 ____D C:\Users\leola\Documents\Audacity
2021-02-09 16:42 - 2021-02-09 16:42 - 000000000 ____D C:\Users\leola\Documents\Audacity
2021-02-09 16:18 - 2021-02-14 16:44 - 000001152 __RSH C:\ProgramData\ntuser.pol
2021-02-09 16:18 - 2021-02-14 16:44 - 000001152 __RSH C:\ProgramData\ntuser.pol
2021-02-09 16:18 - 2021-02-09 16:18 - 000004338 _____ C:\Windows\system32\Tasks\BenutzerdienstfürBitLocker-Laufwerkverschlüsselungsdienst
2021-02-09 16:09 - 2021-02-14 19:35 - 000000000 ____D C:\Users\leola\AppData\Roaming\audacity
2021-02-09 16:09 - 2021-02-14 19:35 - 000000000 ____D C:\Users\leola\AppData\Roaming\audacity
2021-02-09 16:09 - 2021-02-09 16:09 - 000000000 ____D C:\Users\leola\AppData\Local\Audacity
2021-02-09 16:09 - 2021-02-09 16:09 - 000000000 ____D C:\Users\leola\AppData\Local\Audacity
2021-02-09 16:08 - 2021-02-12 18:31 - 000000000 ____D C:\Users\leola\Desktop\ProjectionMapping
2021-02-09 16:08 - 2021-02-12 18:31 - 000000000 ____D C:\Users\leola\Desktop\ProjectionMapping
2021-02-09 16:08 - 2021-02-09 16:08 - 000004456 _____ C:\Windows\system32\Tasks\Gruppenrichtlinienclient Kernel AppX-Bereitstellungsdienst
2021-02-09 16:08 - 2021-02-09 16:08 - 000000000 ____D C:\Users\leola\AppData\Roaming\npm
2021-02-09 16:08 - 2021-02-09 16:08 - 000000000 ____D C:\Users\leola\AppData\Roaming\npm
2021-02-09 16:08 - 2021-02-09 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2021-02-09 16:08 - 2021-02-09 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2021-02-09 16:08 - 2021-02-09 16:08 - 000000000 ____D C:\Program Files (x86)\nodejs
2021-02-09 16:06 - 2021-02-09 16:06 - 031582264 _____ (Audacity Team) C:\Users\leola\Downloads\audacity2-4-2.exe
2021-02-09 16:06 - 2021-02-09 16:06 - 031582264 _____ (Audacity Team) C:\Users\leola\Downloads\audacity2-4-2.exe
2021-02-09 12:02 - 2021-02-09 12:02 - 068238478 _____ C:\Users\leola\Downloads\geth-windows-amd64-1.9.25-e7872729.exe
2021-02-09 12:02 - 2021-02-09 12:02 - 068238478 _____ C:\Users\leola\Downloads\geth-windows-amd64-1.9.25-e7872729.exe
2021-02-09 12:00 - 2021-02-14 16:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-05 22:17 - 2021-02-06 10:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-02-05 18:44 - 2021-02-05 19:30 - 000268734 _____ C:\Users\leola\Desktop\ENGLISH_EBW1_Klausur.pdf
2021-02-05 18:44 - 2021-02-05 19:30 - 000268734 _____ C:\Users\leola\Desktop\ENGLISH_EBW1_Klausur.pdf
2021-02-05 11:49 - 2021-02-05 11:49 - 065716224 _____ C:\Users\leola\Downloads\Karamba3D_1_3_3_RH6_201012(1).msi
2021-02-05 11:49 - 2021-02-05 11:49 - 065716224 _____ C:\Users\leola\Downloads\Karamba3D_1_3_3_RH6_201012(1).msi
2021-02-04 21:40 - 2021-02-04 21:40 - 006049313 _____ C:\Users\leola\Downloads\wallpapers.zip
2021-02-04 21:40 - 2021-02-04 21:40 - 006049313 _____ C:\Users\leola\Downloads\wallpapers.zip
2021-02-04 15:06 - 2021-02-04 15:06 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2021-02-04 15:06 - 2021-02-04 15:06 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2021-02-04 15:04 - 2021-02-14 21:32 - 000000000 ____D C:\Users\leola\AppData\Local\Battle.net
2021-02-04 15:04 - 2021-02-14 21:32 - 000000000 ____D C:\Users\leola\AppData\Local\Battle.net
2021-02-04 15:04 - 2021-02-12 10:11 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-02-04 15:04 - 2021-02-04 15:06 - 000000000 ____D C:\Users\leola\AppData\Roaming\Battle.net
2021-02-04 15:04 - 2021-02-04 15:06 - 000000000 ____D C:\Users\leola\AppData\Roaming\Battle.net
2021-02-04 15:04 - 2021-02-04 15:04 - 000000950 _____ C:\ProgramData\Desktop\Battle.net.lnk
2021-02-04 15:04 - 2021-02-04 15:04 - 000000950 _____ C:\ProgramData\Desktop\Battle.net.lnk
2021-02-04 15:04 - 2021-02-04 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2021-02-04 15:04 - 2021-02-04 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2021-02-04 15:03 - 2021-02-04 15:03 - 000000000 ____D C:\Users\leola\AppData\Local\Blizzard Entertainment
2021-02-04 15:03 - 2021-02-04 15:03 - 000000000 ____D C:\Users\leola\AppData\Local\Blizzard Entertainment
2021-02-04 15:03 - 2021-02-04 15:03 - 000000000 ____D C:\ProgramData\Battle.net
2021-02-04 15:03 - 2021-02-04 15:03 - 000000000 ____D C:\ProgramData\Battle.net
2021-02-04 15:02 - 2021-02-04 15:02 - 004951024 _____ (Blizzard Entertainment) C:\Users\leola\Downloads\Battle.net-Setup.exe
2021-02-04 15:02 - 2021-02-04 15:02 - 004951024 _____ (Blizzard Entertainment) C:\Users\leola\Downloads\Battle.net-Setup.exe
2021-02-04 11:27 - 2021-02-04 11:27 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2021.lnk
2021-02-04 11:27 - 2021-02-04 11:27 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2021.lnk
2021-02-03 20:53 - 2021-02-03 20:53 - 000000000 ____D C:\Users\leola\AppData\LocalLow\Breadcrumbs
2021-02-03 20:53 - 2021-02-03 20:53 - 000000000 ____D C:\Users\leola\AppData\LocalLow\Breadcrumbs
2021-02-03 16:21 - 2021-02-03 16:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePassXC
2021-02-03 16:21 - 2021-02-03 16:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePassXC
2021-02-03 16:21 - 2021-02-03 16:21 - 000000000 ____D C:\Program Files\KeePassXC
2021-02-03 16:20 - 2021-02-03 16:20 - 045019136 _____ C:\Users\leola\Downloads\KeePassXC-2.6.4-Win64.msi
2021-02-03 16:20 - 2021-02-03 16:20 - 045019136 _____ C:\Users\leola\Downloads\KeePassXC-2.6.4-Win64.msi
2021-02-03 12:19 - 2021-02-03 13:01 - 000000000 ____D C:\Users\leola\Desktop\Simon
2021-02-03 12:19 - 2021-02-03 13:01 - 000000000 ____D C:\Users\leola\Desktop\Simon
2021-02-03 01:21 - 2021-02-03 01:23 - 000174941 _____ C:\Users\leola\Downloads\Blatt02_SchnittAA.pdf
2021-02-03 01:21 - 2021-02-03 01:23 - 000174941 _____ C:\Users\leola\Downloads\Blatt02_SchnittAA.pdf
2021-02-03 01:21 - 2021-02-03 01:23 - 000105611 _____ C:\Users\leola\Downloads\Blatt01_Grundriss.pdf
2021-02-03 01:21 - 2021-02-03 01:23 - 000105611 _____ C:\Users\leola\Downloads\Blatt01_Grundriss.pdf
2021-02-03 01:21 - 2021-02-03 01:22 - 000114782 _____ C:\Users\leola\Downloads\Blatt06_DetailSockel.pdf
2021-02-03 01:21 - 2021-02-03 01:22 - 000114782 _____ C:\Users\leola\Downloads\Blatt06_DetailSockel.pdf
2021-02-03 01:21 - 2021-02-03 01:22 - 000103534 _____ C:\Users\leola\Downloads\Blatt05_DetailTur.pdf
2021-02-03 01:21 - 2021-02-03 01:22 - 000103534 _____ C:\Users\leola\Downloads\Blatt05_DetailTur.pdf
2021-02-03 01:21 - 2021-02-03 01:22 - 000085851 _____ C:\Users\leola\Downloads\Blatt07_DetailAttika.pdf
2021-02-03 01:21 - 2021-02-03 01:22 - 000085851 _____ C:\Users\leola\Downloads\Blatt07_DetailAttika.pdf
2021-02-03 00:03 - 2021-02-13 11:12 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-02-03 00:03 - 2021-02-13 11:12 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-02-03 00:03 - 2021-02-13 11:12 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-02-03 00:03 - 2021-02-13 11:12 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-02-03 00:03 - 2021-02-03 00:03 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2021-02-03 00:03 - 2021-02-03 00:03 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2021-02-02 23:05 - 2021-02-02 23:05 - 000025247 _____ C:\Users\leola\Downloads\Layoutvorlage_alternative Prüfungsleistung.dwg
2021-02-02 23:05 - 2021-02-02 23:05 - 000025247 _____ C:\Users\leola\Downloads\Layoutvorlage_alternative Prüfungsleistung.dwg
2021-02-02 23:01 - 2021-02-02 23:01 - 001567393 _____ C:\Users\leola\Downloads\Layoutvorlage_alternative Prüfungsleistung.pdf
2021-02-02 23:01 - 2021-02-02 23:01 - 001567393 _____ C:\Users\leola\Downloads\Layoutvorlage_alternative Prüfungsleistung.pdf
2021-01-30 00:24 - 2021-01-30 00:24 - 000009439 _____ C:\Users\leola\Documents\Coinbase.odt
2021-01-30 00:24 - 2021-01-30 00:24 - 000009439 _____ C:\Users\leola\Documents\Coinbase.odt
2021-01-29 22:54 - 2021-01-29 22:54 - 000004591 _____ C:\Users\leola\Documents\Bitpanda_2FA_Code_2021_01_29__22_54_45.pdf
2021-01-29 22:54 - 2021-01-29 22:54 - 000004591 _____ C:\Users\leola\Documents\Bitpanda_2FA_Code_2021_01_29__22_54_45.pdf
2021-01-27 01:12 - 2021-01-27 01:12 - 000000000 ____D C:\Users\leola\AppData\Roaming\CubeParadox
2021-01-27 01:12 - 2021-01-27 01:12 - 000000000 ____D C:\Users\leola\AppData\Roaming\CubeParadox
2021-01-26 23:29 - 2021-01-26 23:29 - 000000000 ____D C:\Users\leola\Documents\Rusty Lake
2021-01-26 23:29 - 2021-01-26 23:29 - 000000000 ____D C:\Users\leola\Documents\Rusty Lake
2021-01-26 23:29 - 2021-01-26 23:29 - 000000000 ____D C:\Users\leola\AppData\Roaming\Macromedia
2021-01-26 23:29 - 2021-01-26 23:29 - 000000000 ____D C:\Users\leola\AppData\Roaming\Macromedia
2021-01-25 00:19 - 2021-01-25 09:30 - 000000000 ____D C:\Windows\system32\Tasks\NCH Software
2021-01-25 00:19 - 2021-01-25 00:19 - 001187040 _____ (NCH Software) C:\Users\leola\Downloads\vxlsetup.exe
2021-01-25 00:19 - 2021-01-25 00:19 - 001187040 _____ (NCH Software) C:\Users\leola\Downloads\vxlsetup.exe
2021-01-25 00:19 - 2021-01-25 00:19 - 000055976 _____ C:\Windows\system32\Drivers\voxaldriverx64.sys
2021-01-25 00:19 - 2021-01-25 00:19 - 000000000 ____D C:\Users\leola\AppData\Roaming\NCH Software
2021-01-25 00:19 - 2021-01-25 00:19 - 000000000 ____D C:\Users\leola\AppData\Roaming\NCH Software
2021-01-22 21:09 - 2021-02-13 10:57 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-01-22 21:09 - 2021-01-22 21:09 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-01-22 21:09 - 2021-01-22 21:09 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-01-22 21:09 - 2021-01-22 21:09 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-22 21:09 - 2021-01-22 21:09 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-22 21:09 - 2021-01-22 21:09 - 000000000 ____D C:\Users\leola\AppData\Local\mbam
2021-01-22 21:09 - 2021-01-22 21:09 - 000000000 ____D C:\Users\leola\AppData\Local\mbam
2021-01-22 21:09 - 2021-01-22 21:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-22 21:09 - 2021-01-22 21:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-22 21:07 - 2021-01-22 21:07 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-22 21:05 - 2021-01-22 21:05 - 002086424 _____ (Malwarebytes) C:\Users\leola\Downloads\MBSetup.exe
2021-01-22 21:05 - 2021-01-22 21:05 - 002086424 _____ (Malwarebytes) C:\Users\leola\Downloads\MBSetup.exe
2021-01-22 10:58 - 2021-01-22 10:58 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2021-01-22 10:58 - 2021-01-22 10:58 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2021-01-22 10:58 - 2021-01-22 10:58 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2021-01-22 10:58 - 2021-01-22 10:58 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2021-01-21 15:44 - 2021-01-21 15:44 - 021997239 _____ C:\Users\leola\Downloads\ngon243.zip
2021-01-21 15:44 - 2021-01-21 15:44 - 021997239 _____ C:\Users\leola\Downloads\ngon243.zip
2021-01-21 15:41 - 2021-01-21 15:41 - 000070880 _____ C:\Users\leola\Downloads\chamferPolyline.ghx
2021-01-21 15:41 - 2021-01-21 15:41 - 000070880 _____ C:\Users\leola\Downloads\chamferPolyline.ghx
2021-01-21 15:01 - 2021-01-21 15:01 - 000923289 _____ C:\Users\leola\Downloads\mv2103.zip
2021-01-21 15:01 - 2021-01-21 15:01 - 000923289 _____ C:\Users\leola\Downloads\mv2103.zip
2021-01-21 14:57 - 2021-01-21 14:57 - 000371810 _____ C:\Users\leola\Downloads\kangaroo242.zip
2021-01-21 14:57 - 2021-01-21 14:57 - 000371810 _____ C:\Users\leola\Downloads\kangaroo242.zip
2021-01-21 14:41 - 2021-01-21 14:41 - 065716224 _____ C:\Users\leola\Downloads\Karamba3D_1_3_3_RH6_201012.msi
2021-01-21 14:41 - 2021-01-21 14:41 - 065716224 _____ C:\Users\leola\Downloads\Karamba3D_1_3_3_RH6_201012.msi
2021-01-20 22:08 - 2021-01-20 22:08 - 000000000 ____D C:\Users\leola\AppData\Roaming\Skype
2021-01-20 22:08 - 2021-01-20 22:08 - 000000000 ____D C:\Users\leola\AppData\Roaming\Skype
2021-01-20 22:08 - 2021-01-20 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-01-20 22:08 - 2021-01-20 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-01-20 22:07 - 2021-01-20 22:07 - 074513664 _____ (Skype Technologies S.A.) C:\Users\leola\Downloads\Skype-8.67.0.99.exe
2021-01-20 22:07 - 2021-01-20 22:07 - 074513664 _____ (Skype Technologies S.A.) C:\Users\leola\Downloads\Skype-8.67.0.99.exe
2021-01-18 22:41 - 2021-01-18 22:43 - 000000000 ____D C:\Users\leola\Documents\STAR WARS Battlefront II
2021-01-18 22:41 - 2021-01-18 22:43 - 000000000 ____D C:\Users\leola\Documents\STAR WARS Battlefront II
2021-01-18 22:41 - 2021-01-18 22:41 - 000000000 ____D C:\Users\leola\AppData\Local\STAR WARS Battlefront II
2021-01-18 22:41 - 2021-01-18 22:41 - 000000000 ____D C:\Users\leola\AppData\Local\STAR WARS Battlefront II
2021-01-18 22:41 - 2021-01-18 22:41 - 000000000 ____D C:\Users\leola\ansel
2021-01-18 22:41 - 2021-01-18 22:41 - 000000000 ____D C:\Users\leola\ansel
2021-01-18 20:41 - 2021-01-18 20:41 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2021-01-18 13:59 - 2021-01-18 13:59 - 001817770 _____ C:\Users\leola\Downloads\St+(1)(1).skp
2021-01-18 13:59 - 2021-01-18 13:59 - 001817770 _____ C:\Users\leola\Downloads\St+(1)(1).skp
2021-01-18 13:58 - 2021-01-18 13:58 - 001820007 _____ C:\Users\leola\Downloads\St+(1).skp
2021-01-18 13:58 - 2021-01-18 13:58 - 001820007 _____ C:\Users\leola\Downloads\St+(1).skp
2021-01-18 13:54 - 2021-01-18 13:54 - 006026472 _____ C:\Users\leola\Downloads\ParishChurchOfSaintPeterAndPaulTheApostleOsijekCroatiaRomanCatholicChurch.kmz
2021-01-18 13:54 - 2021-01-18 13:54 - 006026472 _____ C:\Users\leola\Downloads\ParishChurchOfSaintPeterAndPaulTheApostleOsijekCroatiaRomanCatholicChurch.kmz
2021-01-18 13:35 - 2021-01-18 13:35 - 002816597 _____ C:\Users\leola\Downloads\Church_-_Hamburger_Michel_-_St._Michaelis.zip
2021-01-18 13:35 - 2021-01-18 13:35 - 002816597 _____ C:\Users\leola\Downloads\Church_-_Hamburger_Michel_-_St._Michaelis.zip
2021-01-17 22:16 - 2021-01-17 22:16 - 000001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2020.lnk
2021-01-17 22:16 - 2021-01-17 22:16 - 000001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2020.lnk
2021-01-17 22:13 - 2021-01-17 22:13 - 000001045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2021-01-17 22:13 - 2021-01-17 22:13 - 000001045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2021-01-17 22:10 - 2021-01-17 22:10 - 000000986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2021.lnk
2021-01-17 22:10 - 2021-01-17 22:10 - 000000986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2021.lnk
2021-01-17 22:09 - 2021-01-17 22:09 - 000001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2020.lnk
2021-01-17 22:09 - 2021-01-17 22:09 - 000001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2020.lnk
2021-01-17 22:06 - 2021-01-17 22:06 - 000002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-01-17 22:06 - 2021-01-17 22:06 - 000002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-01-17 22:06 - 2021-01-17 22:06 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-01-17 22:06 - 2021-01-17 22:06 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-01-17 22:06 - 2021-01-17 22:06 - 000002410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-01-17 22:06 - 2021-01-17 22:06 - 000002410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-01-17 22:06 - 2021-01-17 22:06 - 000002374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-01-17 22:06 - 2021-01-17 22:06 - 000002374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-01-17 22:06 - 2021-01-17 22:06 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-01-17 22:06 - 2021-01-17 22:06 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-01-17 22:06 - 2021-01-17 22:06 - 000002367
_____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2021-01-17 22:06 - 2021-01-17 22:06 - 000002367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2021-01-17 22:06 - 2021-01-17 22:06 - 000002361 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2021-01-17 22:06 - 2021-01-17 22:06 - 000002361 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2021-01-17 22:06 - 2021-01-17 22:06 - 000002353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2021-01-17 22:06 - 2021-01-17 22:06 - 000002353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2021-01-17 22:06 - 2021-01-17 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-01-17 22:06 - 2021-01-17 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-01-17 22:05 - 2021-01-17 22:05 - 000001024 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk 2021-01-17 22:05 - 2021-01-17 22:05 - 000001024 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2021-02-14 21:35 - 2020-04-24 21:35 - 000000000 ____D C:\Users\leola\AppData\Roaming\discord 2021-02-14 21:35 - 2020-04-24 21:35 - 000000000 ____D C:\Users\leola\AppData\Roaming\discord 2021-02-14 21:23 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-02-14 21:23 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-02-14 21:06 - 2020-11-09 17:32 - 000000000 ___RD C:\Users\leola\Google Drive 2021-02-14 21:06 - 2020-11-09 17:32 - 000000000 ___RD C:\Users\leola\Google Drive 2021-02-14 20:19 - 2020-04-25 12:12 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-02-14 18:57 - 2020-04-24 21:48 - 000000000 ____D C:\Users\leola\AppData\LocalLow\Mozilla 2021-02-14 18:57 - 2020-04-24 21:48 - 000000000 ____D C:\Users\leola\AppData\LocalLow\Mozilla 2021-02-14 16:52 - 2020-11-12 20:17 - 000000000 ____D C:\Windows\system32\appmgmt 2021-02-14 16:47 - 2020-04-24 21:24 - 001724292 _____ C:\Windows\system32\PerfStringBackup.INI 2021-02-14 16:47 - 2019-03-19 13:16 - 000744126 _____ C:\Windows\system32\perfh007.dat 2021-02-14 16:47 - 2019-03-19 13:16 - 000150450 _____ C:\Windows\system32\perfc007.dat 2021-02-14 16:47 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF 2021-02-14 16:41 - 2020-04-25 12:12 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-02-14 16:41 - 2020-04-24 21:25 - 000000000 ___RD C:\Users\leola\OneDrive 2021-02-14 16:41 - 2020-04-24 21:25 - 000000000 ___RD C:\Users\leola\OneDrive 2021-02-14 16:40 - 2020-04-25 10:39 - 000000000 ____D C:\ProgramData\IObit 2021-02-14 16:40 - 2020-04-25 10:39 - 000000000 ____D C:\ProgramData\IObit 2021-02-14 13:38 - 2020-10-27 14:57 - 000000000 ____D C:\Users\leola\AppData\Roaming\Notion 2021-02-14 13:38 - 2020-10-27 14:57 - 000000000 ____D C:\Users\leola\AppData\Roaming\Notion 2021-02-14 11:25 - 2020-04-24 22:24 - 000000000 ____D C:\Program Files (x86)\Steam 2021-02-14 01:06 - 2020-11-09 17:22 - 000000000 ____D C:\Users\leola\AppData\Local\KeePassXC 2021-02-14 01:06 - 
2020-11-09 17:22 - 000000000 ____D C:\Users\leola\AppData\Local\KeePassXC 2021-02-13 21:47 - 2020-05-07 21:36 - 000000000 ____D C:\Users\leola\Prismatik 2021-02-13 21:47 - 2020-05-07 21:36 - 000000000 ____D C:\Users\leola\Prismatik 2021-02-13 20:22 - 2020-04-24 22:12 - 000000000 ____D C:\ProgramData\Package Cache 2021-02-13 20:22 - 2020-04-24 22:12 - 000000000 ____D C:\ProgramData\Package Cache 2021-02-13 17:01 - 2020-05-09 16:13 - 000000000 ____D C:\Program Files\Microsoft Office 2021-02-13 16:39 - 2020-11-12 14:17 - 000000000 ____D C:\Users\leola\AppData\Roaming\Grasshopper 2021-02-13 16:39 - 2020-11-12 14:17 - 000000000 ____D C:\Users\leola\AppData\Roaming\Grasshopper 2021-02-13 14:25 - 2020-04-24 22:12 - 000000000 ____D C:\Program Files\Adobe 2021-02-13 14:25 - 2020-04-24 21:24 - 000000000 ____D C:\Users\leola\AppData\Roaming\Adobe 2021-02-13 14:25 - 2020-04-24 21:24 - 000000000 ____D C:\Users\leola\AppData\Roaming\Adobe 2021-02-13 14:24 - 2020-04-24 22:16 - 000000000 __RHD C:\Users\leola\Creative Cloud Files 2021-02-13 14:24 - 2020-04-24 22:16 - 000000000 __RHD C:\Users\leola\Creative Cloud Files 2021-02-13 11:12 - 2020-04-24 23:38 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2021-02-13 11:02 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness 2021-02-13 10:58 - 2020-04-24 21:24 - 000000000 ___RD C:\Users\leola\3D Objects 2021-02-13 10:58 - 2020-04-24 21:24 - 000000000 ___RD C:\Users\leola\3D Objects 2021-02-13 10:57 - 2020-04-25 12:12 - 000664896 _____ C:\Windows\system32\FNTCACHE.DAT 2021-02-13 01:19 - 2019-03-19 05:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2021-02-13 01:19 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-02-13 01:19 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources 2021-02-13 01:19 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\oobe 2021-02-13 01:19 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\es-MX 2021-02-13 01:19 - 2019-03-19 05:52 - 
000000000 ____D C:\Windows\system32\Dism 2021-02-13 01:19 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences 2021-02-13 01:19 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\PolicyDefinitions 2021-02-13 01:19 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr 2021-02-13 01:19 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\System 2021-02-13 01:19 - 2019-03-19 05:37 - 000524288 _____ C:\Windows\system32\config\BBI 2021-02-12 23:51 - 2019-03-19 13:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll 2021-02-12 23:51 - 2019-03-19 13:19 - 000019469 _____ C:\Windows\system32\OEMDefaultAssociations.xml 2021-02-12 23:51 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp 2021-02-12 12:00 - 2020-04-24 23:38 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-02-12 12:00 - 2020-04-24 23:38 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-02-12 10:21 - 2020-04-25 12:12 - 000000000 ____D C:\Windows\system32\Drivers\wd 2021-02-12 10:16 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2021-02-12 10:10 - 2020-04-24 21:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-02-11 23:01 - 2020-06-24 08:34 - 000000000 ____D C:\Users\leola\AppData\Roaming\.minecraft 2021-02-11 23:01 - 2020-06-24 08:34 - 000000000 ____D C:\Users\leola\AppData\Roaming\.minecraft 2021-02-11 22:43 - 2020-06-24 08:33 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher 2021-02-11 09:54 - 2020-04-25 23:00 - 000000000 ____D C:\Windows\system32\MRT 2021-02-11 09:52 - 2020-04-25 23:00 - 130141752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-02-10 22:43 - 2020-04-24 22:31 - 000000000 ____D C:\Program Files (x86)\Origin 2021-02-10 22:42 - 2020-04-24 22:30 - 000000000 ____D C:\ProgramData\Origin 2021-02-10 22:42 - 2020-04-24 22:30 - 000000000 ____D C:\ProgramData\Origin 
2021-02-10 22:35 - 2020-11-02 21:44 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-02-10 22:35 - 2020-11-02 21:44 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-02-10 18:03 - 2020-04-25 18:38 - 000000000 ____D C:\Users\leola\AppData\Local\ElevatedDiagnostics 2021-02-10 18:03 - 2020-04-25 18:38 - 000000000 ____D C:\Users\leola\AppData\Local\ElevatedDiagnostics 2021-02-10 11:11 - 2020-04-24 21:35 - 000000000 ____D C:\Users\leola\AppData\Local\SquirrelTemp 2021-02-10 11:11 - 2020-04-24 21:35 - 000000000 ____D C:\Users\leola\AppData\Local\SquirrelTemp 2021-02-10 10:46 - 2020-04-29 10:44 - 000000000 ____D C:\Users\leola\AppData\Local\CrashDumps 2021-02-10 10:46 - 2020-04-29 10:44 - 000000000 ____D C:\Users\leola\AppData\Local\CrashDumps 2021-02-09 17:59 - 2020-04-24 21:27 - 000000000 ____D C:\Program Files (x86)\Google 2021-02-09 16:18 - 2020-11-09 17:28 - 000003618 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2021-02-09 16:18 - 2020-11-09 17:28 - 000003394 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2021-02-09 16:18 - 2020-06-26 09:33 - 000003688 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-02-09 16:18 - 2020-06-26 09:33 - 000003464 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-02-09 16:18 - 2019-03-19 05:52 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2021-02-09 16:18 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy 2021-02-09 16:09 - 2020-04-24 21:48 - 000000000 ____D C:\ProgramData\Mozilla 2021-02-09 16:09 - 2020-04-24 21:48 - 000000000 ____D C:\ProgramData\Mozilla 2021-02-09 14:24 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\LiveKernelReports 2021-02-06 10:44 - 2020-04-24 21:48 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-02-06 10:44 - 2020-04-24 21:48 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Mozilla Thunderbird.lnk 2021-02-06 01:19 - 2020-04-24 21:22 - 000000000 ____D C:\Users\leola 2021-02-05 21:37 - 2020-06-26 09:34 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-02-05 21:37 - 2020-06-26 09:34 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-02-04 17:02 - 2020-04-24 22:30 - 000000000 ____D C:\Users\leola\AppData\Roaming\Origin 2021-02-04 17:02 - 2020-04-24 22:30 - 000000000 ____D C:\Users\leola\AppData\Roaming\Origin 2021-02-04 15:25 - 2020-12-11 19:17 - 000226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2021-02-04 15:21 - 2020-04-24 22:33 - 000000000 ____D C:\Program Files (x86)\Origin Games 2021-02-04 15:21 - 2020-04-24 22:30 - 000000000 ____D C:\Users\leola\AppData\Local\Origin 2021-02-04 15:21 - 2020-04-24 22:30 - 000000000 ____D C:\Users\leola\AppData\Local\Origin 2021-02-04 11:27 - 2020-04-24 22:12 - 000000000 ____D C:\Program Files\Common Files\Adobe 2021-02-03 01:38 - 2020-04-24 22:59 - 000000000 ____D C:\Users\leola\AppData\Local\GRAPHISOFT 2021-02-03 01:38 - 2020-04-24 22:59 - 000000000 ____D C:\Users\leola\AppData\Local\GRAPHISOFT 2021-02-03 01:38 - 2020-04-24 22:32 - 000000000 ____D C:\Users\leola\GRAPHISOFT 2021-02-03 01:38 - 2020-04-24 22:32 - 000000000 ____D C:\Users\leola\GRAPHISOFT 2021-02-03 00:08 - 2020-04-24 21:24 - 000000000 ____D C:\Users\leola\AppData\Local\Packages 2021-02-03 00:08 - 2020-04-24 21:24 - 000000000 ____D C:\Users\leola\AppData\Local\Packages 2021-02-03 00:08 - 2020-04-24 21:23 - 000000000 ____D C:\ProgramData\Packages 2021-02-03 00:08 - 2020-04-24 21:23 - 000000000 ____D C:\ProgramData\Packages 2021-02-03 00:02 - 2020-04-24 22:12 - 000000000 ____D C:\ProgramData\Adobe 2021-02-03 00:02 - 2020-04-24 22:12 - 000000000 ____D C:\ProgramData\Adobe 2021-02-03 00:02 - 2020-04-24 22:12 - 000000000 ____D C:\Program Files (x86)\Adobe 2021-02-02 22:24 - 2020-04-24 21:25 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive 
Standalone Update Task-S-1-5-21-490006789-2306570936-2833241694-1001 2021-02-02 22:24 - 2020-04-24 21:22 - 000002379 _____ C:\Users\leola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-02-02 22:24 - 2020-04-24 21:22 - 000002379 _____ C:\Users\leola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-01-28 19:08 - 2020-12-11 19:17 - 000226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2021-01-27 21:21 - 2020-07-05 19:57 - 000000000 ____D C:\Users\leola\Documents\My Games 2021-01-27 21:21 - 2020-07-05 19:57 - 000000000 ____D C:\Users\leola\Documents\My Games 2021-01-25 00:21 - 2020-09-15 11:45 - 000000000 ____D C:\ProgramData\Sophos 2021-01-25 00:21 - 2020-09-15 11:45 - 000000000 ____D C:\ProgramData\Sophos 2021-01-22 21:18 - 2020-04-24 22:31 - 000000000 ____D C:\ProgramData\CodeMeter 2021-01-22 21:18 - 2020-04-24 22:31 - 000000000 ____D C:\ProgramData\CodeMeter 2021-01-22 21:09 - 2019-03-19 05:52 - 000000000 ___HD C:\Windows\ELAMBKUP 2021-01-22 21:06 - 2020-04-24 23:57 - 000799104 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2021-01-22 10:59 - 2020-11-09 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2021-01-22 10:59 - 2020-11-09 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2021-01-18 22:41 - 2020-04-24 22:13 - 000000000 ____D C:\Users\leola\AppData\Local\D3DSCache 2021-01-18 22:41 - 2020-04-24 22:13 - 000000000 ____D C:\Users\leola\AppData\Local\D3DSCache 2021-01-18 16:00 - 2020-12-03 16:20 - 000000000 ____D C:\Users\leola\AppData\Roaming\obs-studio 2021-01-18 16:00 - 2020-12-03 16:20 - 000000000 ____D C:\Users\leola\AppData\Roaming\obs-studio ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-11-26 18:10 - 2020-11-26 18:21 - 000034826 _____ () C:\Users\leola\AppData\Roaming\VoiceMeeterBananaDefault.xml 2020-04-24 22:12 - 2020-04-24 22:12 - 000000410 _____ 
() C:\Users\leola\AppData\Local\oobelibMkey.log 2020-08-09 16:12 - 2020-08-09 16:12 - 000007605 _____ () C:\Users\leola\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Für jegliche Hilfe wäre ich sehr dankbar. Liebe Grüße, Leo |