Zurück   Trojaner-Board > Web/PC > Alles rund um Windows

Alles rund um Windows: Vram 85-99%+ ausgelastet. Mining Bot?

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

 
Alt 01.12.2021, 11:11   #1
Wovan
 
Vram 85-99%+ ausgelastet. Mining Bot? - Standard

Problem: Vram 85-99%+ ausgelastet. Mining Bot?



Guten Morgen Leute,

seit ein paar Tagen plagt mich, schätze ich, ein Trojaner.
Angefangen hat es mit ständigen Internet problemen (z.B. Zoom -> Internet Instabil (WG und Elternhaus lief vorher stabil)) oder abbrüche.

Nun ist mir aufgefallen dass mein Vram immer bei 85-99%+ (AMD Software) auslastung hat. Programme die GPU verwenden haben im Taskmanager erhöhte werte sowie "Stromverbrauch" ist auf Mittel und Hoch. Vorher war alles auf Niedrig/Sehr Niedrig. Lüfter geht dreht hoch und wieder runter wenn keine anderen Programme laufen, wenn man jedoch den Browser o.ä. startet dann legt der püsterich los.

Mein System:
  • Lenovo Flex 5
  • Ryzen 7 4700U
  • 16 GB Ram
  • Windows 11 64-Bit


Bis jetzt probiert:
  • Avira: Keine Funde
  • Malewarebytes: 2-3 Funde, jedoch keine besserung
  • FRST: logs folgen
  • Roguekiller: 3 Funde, keine besserung.
  • ESET: logs folgen
  • EMSISoft: keine Funde
  • Spybot: keine Funde

Schon mal vielen Dank euch!
Wovan

FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2021
durchgeführt von wowts (Administrator) auf WOWTSCHIK (LENOVO 81X2) (01-12-2021 10:43:35)
Gestartet von C:\Users\wowts\AppData\Local\Temp\scoped_dir17072_825760356
Geladene Profile: wowts
Plattform: Microsoft Windows 11 Home Version 21H2 22000.348 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366689.inf_amd64_4f0d6991b007c8f1\B366217\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366689.inf_amd64_4f0d6991b007c8f1\B366217\atiesrxx.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.exe <4>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.x86.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\YMC.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_b9fd1528982e300f\LenovoUtilityService.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.SmartAppearance_1.1.10.0_neutral__5grkq8ppsgwt4\CameraConfiguration\CameraConfiguration.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.34\msedgewebview2.exe <12>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_10.2103.6.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\regedit.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20045.455.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(Nextcloud GmbH -> Nextcloud GmbH) C:\Program Files\Nextcloud\nextcloud.exe
(Opera Software AS -> Opera Software) C:\Users\wowts\AppData\Local\Programs\Opera\81.0.4196.60\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\wowts\AppData\Local\Programs\Opera\opera.exe <27>
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(UFRO INCORPORATION -> Ufro) C:\Windows\System32\DriverStore\FileRepository\wtabletserviceisd.inf_amd64_043e8a72e05dd9f4\ColorWatcher.exe
(Wacom Co., Ltd. -> Wacom Technology, Corp.) C:\Windows\System32\DriverStore\FileRepository\wtabletserviceisd.inf_amd64_043e8a72e05dd9f4\WTabletServiceISD.exe <2>
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\wowts\AppData\Roaming\Zoom\bin\CptHost.exe
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\wowts\AppData\Roaming\Zoom\bin\Zoom.exe <2>

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1141552 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-10-14] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2015-01-29] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4517376 2014-11-11] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6787856 2019-03-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\wowts\AppData\Local\Microsoft\Teams\Update.exe [2459280 2021-11-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Amazon Music Helper] => C:\Users\wowts\AppData\Local\Amazon Music\Amazon Music Helper.exe [2356312 2021-09-17] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Amazon Music] => C:\Users\wowts\AppData\Local\Amazon Music\Amazon Music.exe [21370456 2021-09-17] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIREE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Discord] => C:\Users\wowts\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [2739008 2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Opera Browser Assistant] => C:\Users\wowts\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [] => [X]
HKLM\...\Print\Monitors\EPSON XP-342 343 345 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBREE.DLL [182784 2015-12-09] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\95.1.13052.72\Installer\chrmstp.exe [2021-11-25] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-15] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
Startup: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2021-10-16]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xxx.exe.lnk [2021-04-15]
ShortcutTarget: xxx.exe.lnk -> C:\Windows\System32\net.exe (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03F07486-C0CB-4C90-B85F-FA414BE53CBC} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-09-22] (Lenovo -> )
Task: {06F0F01B-6273-4087-B329-6BE218DCF0B5} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-25] (Piriform Software Ltd -> Piriform Software)
Task: {18F8950B-F4E0-4B2C-8E8B-31195C06F079} - System32\Tasks\Opera scheduled Autoupdate 1608812151 => C:\Users\wowts\AppData\Local\Programs\Opera\launcher.exe [1753808 2021-11-23] (Opera Software AS -> Opera Software)
Task: {1FB52FAD-EEC7-497B-BC46-B24D5D63EA54} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Keine Datei)
Task: {21C9A622-AA70-45B5-9D75-74079446771E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-23] (Google LLC -> Google LLC)
Task: {239A1A46-AF4F-47B2-B042-A8AE5FFAE370} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {246D2A2F-6508-4B14-A7A7-8D5134D6E57B} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4190800 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {29219B9B-C059-4ADF-8E70-904A40083A61} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {2D38D28F-50D2-4FEC-A450-A7225056836B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-05-10] (Avast Software s.r.o. -> Avast Software)
Task: {323C8F6D-6FDB-4A0F-AD29-9EDBE8A115CE} - System32\Tasks\CCleanerSkipUAC - wowts => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {34BB7D71-EA5D-41D4-86EB-5EB752DA7AA4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314824 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C899A3B-5DDD-43CE-97BB-14764136F913} - System32\Tasks\Lenovo\Lenovo MigrationAssistant start event task => C:\Program Files\Lenovo\Lenovo Migration Assistant\Lenovo Migration Assistant Srv.exe [291216 2020-11-11] (Lenovo -> )
Task: {4125DEFD-A8F3-4412-AEB6-24F6A0795C87} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {4970B72F-FA6C-489E-B9DF-F13B7293EABE} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Auffrischen der Anti-Beacon-Immunisierung => C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe [8790696 2019-12-18] (Safer-Networking Ltd. -> )
Task: {541ED3B8-4DC0-4F59-8F71-C9BCA3A4FE33} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [81920 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {54F176B0-3B92-443E-B25A-76182A28D4FB} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {587253DE-D92C-4730-98F8-5E1C36EDFC2E} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {5C20F4C5-D57B-42A3-9E9B-071DC8196ECA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6189624 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {5E68E165-9DAA-41E0-8272-F19324B00ABF} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {62A3D3AF-3C2C-41B5-A666-FF1CA33D2E1D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-23] (Google LLC -> Google LLC)
Task: {6B35CDD0-F331-4A2F-889E-B81A0D79BA9C} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2515248 2021-11-13] (Piriform Software Ltd -> Piriform Software)
Task: {6E959406-A2C1-4C1D-A2A9-CE47F618BCB4} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {71DD2352-C63D-4F74-BB81-1972F958EBC3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {75CFED51-D11E-4674-8330-FDD1898DC283} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-10-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {79CEF269-205F-4630-9CBD-89A3634C826C} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2515248 2021-11-13] (Piriform Software Ltd -> Piriform Software)
Task: {820D4038-BB8D-4390-8189-0692B530D1CF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [7177168 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {8D31A86D-8A11-4007-9511-4FD92A416C72} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (Keine Datei)
Task: {90FE37F6-C391-4BF9-96C8-D047B8A3EB56} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [443248 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {9188FD63-9FAB-4B0D-8C5E-DC2AD8FABBE5} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-04-21] () [Datei ist nicht signiert]
Task: {9361E511-201D-4D05-A00E-D56DA024A0F2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1600416 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E115AB0-D9D7-460D-B159-B62EE6C74BE2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0691F33-8890-4099-9EC4-7A389F9E6AF7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (Keine Datei)
Task: {A4541692-1577-42A9-806A-0DA395A34FEB} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-25] (Piriform Software Ltd -> Piriform Software)
Task: {A7576BFE-7C5B-41C5-A995-B5B8089F1D8F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e214837f-a20e-4fe7-bd34-8d7fd397109d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {A8F668CC-AF81-4E90-BE33-1791252FC85B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5723640 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {AB39CFED-C536-4D25-9CD2-8804E70D243B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314824 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {BAA18872-1A38-4BF6-9327-9CA0D261A690} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE49D86D-FF90-4DC1-AB7D-A3B43F9E900F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\11bf35b2-7352-4c33-ac61-111e3096fc49 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {C3805D6C-E3CB-4419-B372-0FA6F79BAC81} - System32\Tasks\Opera scheduled assistant Autoupdate 1608812155 => C:\Users\wowts\AppData\Local\Programs\Opera\launcher.exe [1753808 2021-11-23] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\wowts\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {CB8D3780-C150-44B2-829A-2A890CFD0179} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1673272 2021-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {CB8E1798-23ED-4523-8ABF-F8A54B6E2FD7} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Keine Datei)
Task: {CD55368D-9846-48D6-B0DF-27F72EFC093A} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [201584 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {D8608D73-0EFB-4777-8E02-F6AFFC48AAF2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a781c118-6932-4721-8109-d0629a5df60e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {D8CFC531-69CC-4D8A-9A3A-E0172235513C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f440c66d-5a05-4737-a356-38c0964976e2 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {DD9424D8-84F6-403C-8DE0-9B82F99A93A5} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [63728 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {E04D1A24-4418-4BFB-AA3C-D54D09044835} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {E0D17D85-EB28-4D37-AB0F-85A78E8ECF9E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {EA7DCE23-1A3D-421E-9C70-6396CAF3C1AC} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-778103176-1376588227-3002950867-1001 => C:\Users\wowts\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [87896 2021-10-30] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {F89EBA5D-9851-4B2E-8F70-F0BB1264E868} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [237952 2021-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {FA7820A8-7D42-416F-8F6B-E9A3C1BC4AD1} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-09-22] (Lenovo -> )

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{194b8a07-8a49-42e0-ba56-e2c84f8f5540}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{69129b5f-2abf-4956-9cb1-0da2b391e6f7}: [DhcpNameServer] 192.168.32.102
Tcpip\..\Interfaces\{6a13e067-204c-4049-b75d-0e9e01c79d60}: [DhcpNameServer] 192.168.0.38
Tcpip\..\Interfaces\{8532842c-0128-4504-a307-46ec5dcf05db}: [DhcpNameServer] 172.168.127.2

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\wowts\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-30]
Edge Session Restore: Default -> ist aktiviert.
Edge Extension: (Microsoft-Editor: Rechtschreibung- und Grammatikprüfung) - C:\Users\wowts\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2021-11-03]
Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg]

FireFox:
========
FF DefaultProfile: 3ztst3tj.default
FF ProfilePath: C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3ztst3tj.default [2020-12-21]
FF ProfilePath: C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release [2021-11-30]
FF NetworkProxy: Mozilla\Firefox\Profiles\3cjbr8d3.default-release -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\3cjbr8d3.default-release -> ist aktiviert.
FF Notifications: Mozilla\Firefox\Profiles\3cjbr8d3.default-release -> hxxps://calendar.google.com; hxxps://app.libertex.com
FF Extension: (Dark Reader) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\addon@darkreader.org.xpi [2021-11-08]
FF Extension: (OneNote Web Clipper) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\Clipper@OneNote.com.xpi [2020-12-21]
FF Extension: (Ninja Cookie) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\debug@ninja-cookie.com.xpi [2021-11-17]
FF Extension: (uBlock Origin) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-11-26]
FF Extension: (Dark Mode) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{3f746ae8-9575-4e62-9855-aae624b11082}.xpi [2020-12-21]
FF Extension: (NoScript) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-07-28]
FF Extension: (ClearURLs) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{74145f27-f039-47ce-a470-a662b129930a}.xpi [2021-03-24]
FF Extension: (YouTube Playlist Download) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{753bfcdc-8bcc-4626-89f0-6d22dc209561}.xpi [2021-04-14]
FF Extension: (Google Docs Viewer) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{a734ba68-4aac-41e0-9141-9f8d00373d93}.xpi [2021-01-23]
FF Extension: (Matte Black (Red)) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{a7589411-c5f6-41cf-8bdc-f66527d9d930}.xpi [2021-10-06]
FF Extension: (The universe of ancient times.) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{b6d370bd-f532-4049-9a82-f53b47f369b3}.xpi [2020-12-21]
FF Extension: (Zoom Scheduler) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{bf855ead-d7c3-4c7b-9f88-9a7e75c0efdf}.xpi [2021-11-28]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-24]
FF ProfilePath: C:\Users\wowts\AppData\Roaming\kompozer.net\KompoZer\Profiles\l6xmpoac.default [2021-08-26]
FF Extension: (Citavi Picker) - C:\Program Files\Mozilla Firefox\distribution\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2021-07-09]
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-02-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-02-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-02-25] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-02-25] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\antibeacon.js [2021-12-01] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)

Chrome: 
=======
CHR Profile: C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default [2021-11-30]
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (Präsentationen) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-23]
CHR Extension: (Docs) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-23]
CHR Extension: (Google Drive) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-23]
CHR Extension: (YouTube) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-23]
CHR Extension: (Slinky Vornehm) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2021-01-23]
CHR Extension: (Avira Password Manager) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-10-14]
CHR Extension: (Adblock für Youtube™) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2021-10-04]
CHR Extension: (Dark Reader) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2021-10-14]
CHR Extension: (Tabellen) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-23]
CHR Extension: (Google Docs Offline) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-14]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-10-14]
CHR Extension: (StudentBook) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiimjijildjkajollpjecaocbbjfobed [2021-01-23]
CHR Extension: (TiltShiftMaker) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjofhgnhekhkccpcnnloagmdpafifeo [2021-01-23]
CHR Extension: (SnapPages) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\iedpncdncgcneohjpggphlkhjofphgkf [2021-01-23]
CHR Extension: (Zoom Scheduler) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2021-10-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Citavi Picker) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2021-08-15]
CHR Extension: (Weather Underground) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2021-01-23]
CHR Extension: (Google Mail) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-23]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]

Opera: 
=======
OPR Profile: C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable [2021-12-01]
OPR Notifications: Opera Stable -> hxxps://app.libertex.com; hxxps://web.whatsapp.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-11-29]
OPR Extension: (I don't care about cookies) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\iambaeepkgdclnmbfdnnohkjjpdglbeo [2021-11-30]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15]
OPR Extension: (uBlock Origin) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2021-10-15]
OPR Extension: (Zoom Scheduler) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2021-11-29]
OPR Extension: (Install Chrome Extensions) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2021-01-24]
OPR Extension: (Ninja Cookie) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\naomjjbmcadiepggkdoknhklmklcobna [2021-11-17]
OPR Extension: (Avira Password Manager) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2021-02-12]
OPR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2021-10-04]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574672 2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [272448 2021-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [275088 2021-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [289792 2014-10-23] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S3 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-25] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\95.1.13052.72\elevation_service.exe [1713640 2021-11-13] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-25] (Piriform Software Ltd -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
S3 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [12002208 2019-12-16] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2020-12-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-06-30] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-06-30] (GOG Sp. z o.o. -> GOG.com)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_b9fd1528982e300f\LenovoUtilityService.exe [539128 2021-08-26] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe [31248 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1820080 2021-02-06] (Lenovo -> Lenovo(beijing) Limited)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-11-29] (Malwarebytes Inc -> Malwarebytes)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [45368 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557144 2021-09-10] (Electronic Arts, Inc. -> Electronic Arts)
S3 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3475672 2021-09-10] (Electronic Arts, Inc. -> Electronic Arts)
R3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14204760 2021-11-18] (ADLICE (ASCOET JULIEN) -> )
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2747312 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4583240 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [116592 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10163312 2021-10-14] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2599312 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 YMC; C:\WINDOWS\System32\YMC.exe [856920 2020-06-17] (Lenovo -> Lenovo Group Ltd.)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 64347b00; C:\WINDOWS\System32\Drivers\64347b00.sys [299544 2021-11-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0366689.inf_amd64_4f0d6991b007c8f1\B366217\amdkmdag.sys [82677912 2021-04-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-02-27] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-07-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2021-10-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-02-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [184424 2020-07-14] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2020-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [192824 2021-10-14] (Microsoft Windows -> Microsoft Corporation)
S1 gvm; C:\WINDOWS\system32\DRIVERS\gvm.sys [393712 2021-05-03] (Google LLC -> Google LLC)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
S3 klupd_64347b00a_arkmon_6D66C841; C:\KVRT2020_Data\Temp\6D66C841DE4E80E48D94B67F324D5423\klupd_64347b00a_arkmon.sys [276064 2021-11-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2021-02-27] (IBM Polska Sp. z o.o. -> IBM)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-11-29] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-30] (Malwarebytes Inc -> Malwarebytes)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74744 2021-04-21] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2020-08-21] (Daniel Terhell -> Resplendence Software Projects Sp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 Spybot3ELAM; C:\WINDOWS\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-Malware Publisher -> Windows (R) Win 7 DDK provider)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SymTAP; C:\WINDOWS\System32\drivers\SymTAP.sys [52104 2020-05-28] (Symantec Corporation -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-12-01] (Adlice -> )
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8217168 2021-10-14] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [90112 2021-10-14] (Microsoft Windows -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [421112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [73960 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; kein ImagePath
S0 klupd_64347b00a_arkmon; System32\Drivers\klupd_64347b00a_arkmon.sys [X]
S3 klupd_64347b00a_klark; System32\Drivers\klupd_64347b00a_klark.sys [X]
S0 klupd_64347b00a_klbg; System32\Drivers\klupd_64347b00a_klbg.sys [X]
S3 klupd_64347b00a_mark; System32\Drivers\klupd_64347b00a_mark.sys [X]
U4 npcap_wifi; kein ImagePath
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-12-01 10:42 - 2021-12-01 10:43 - 027509160 _____ (Adlice Software ) C:\Users\wowts\Downloads\UCheck_setup.exe
2021-12-01 10:28 - 2021-12-01 10:40 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2021-12-01 10:28 - 2021-12-01 10:36 - 000000000 ____D C:\ProgramData\RogueKiller
2021-12-01 10:28 - 2021-12-01 10:28 - 000000910 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2021-12-01 10:28 - 2021-12-01 10:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-12-01 10:28 - 2021-12-01 10:28 - 000000000 ____D C:\Program Files\RogueKiller
2021-11-30 18:15 - 2021-11-30 17:10 - 000455026 _____ C:\WINDOWS\system32\Drivers\etc\hosts.original-30.11.2021
2021-11-30 18:14 - 2021-11-30 17:10 - 000455026 _____ C:\Users\wowts\Desktop\hosts.original-30.11.2021
2021-11-30 17:59 - 2021-11-30 17:59 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\wowts\Downloads\rkill.exe
2021-11-30 17:58 - 2021-11-30 17:59 - 041660008 _____ (Adlice Software ) C:\Users\wowts\Downloads\RogueKiller_setup.exe
2021-11-30 17:58 - 2021-11-30 17:58 - 008540344 _____ (Malwarebytes) C:\Users\wowts\Downloads\AdwCleaner.exe
2021-11-30 17:57 - 2021-12-01 10:43 - 000000000 ____D C:\FRST
2021-11-30 17:56 - 2021-11-30 17:56 - 002311680 _____ (Farbar) C:\Users\wowts\Downloads\FRST64.exe
2021-11-30 17:17 - 2021-11-30 17:55 - 000000000 ___HD C:\$SysReset
2021-11-29 15:10 - 2021-11-29 15:10 - 000352568 _____ C:\WINDOWS\system32\vp9fs.dll
2021-11-29 15:10 - 2021-11-29 15:10 - 000040960 _____ C:\WINDOWS\system32\prxyqry.dll
2021-11-29 15:10 - 2021-11-29 15:10 - 000015040 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-29 15:10 - 2021-11-29 15:10 - 000013824 _____ C:\WINDOWS\SysWOW64\prxyqry.dll
2021-11-29 15:09 - 2021-11-29 15:09 - 000000000 ___HD C:\$WinREAgent
2021-11-29 15:04 - 2021-11-29 15:04 - 000215552 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2021-11-29 13:30 - 2021-11-29 13:30 - 000000000 ____D C:\ProgramData\Emsisoft
2021-11-29 13:29 - 2021-11-29 14:30 - 000000000 ____D C:\EEK
2021-11-29 13:26 - 2021-11-29 13:26 - 000299544 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\64347b00.sys
2021-11-29 13:26 - 2021-11-29 13:26 - 000000000 ____D C:\KVRT2020_Data
2021-11-29 13:23 - 2021-11-29 13:26 - 110789120 _____ (AO Kaspersky Lab) C:\Users\wowts\Downloads\KVRT.exe
2021-11-29 13:13 - 2021-11-29 13:13 - 000040960 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2021-11-29 13:12 - 2021-11-29 13:13 - 000000000 ____D C:\ProgramData\HitmanPro
2021-11-29 13:11 - 2021-11-29 13:11 - 011332032 _____ (SurfRight B.V.) C:\Users\wowts\Downloads\HitmanPro_x64.exe
2021-11-29 13:10 - 2021-11-29 13:28 - 327981224 _____ C:\Users\wowts\Downloads\EmsisoftEmergencyKit.exe
2021-11-29 12:45 - 2021-11-29 14:43 - 000000000 ____D C:\ProgramData\AVG
2021-11-29 12:44 - 2021-11-29 12:44 - 000224072 _____ (AVG Technologies CZ, s.r.o.) C:\Users\wowts\Downloads\avg_antivirus_free_setup.exe
2021-11-29 12:20 - 2021-11-29 12:20 - 000425230 _____ C:\Users\wowts\Downloads\OneDrive_1_29.11.2021.zip
2021-11-29 10:36 - 2021-12-01 10:27 - 000000681 _____ C:\Users\wowts\Desktop\ESET Online Scanner.lnk
2021-11-29 10:35 - 2021-11-29 10:35 - 014562400 _____ (ESET spol. s r.o.) C:\Users\wowts\Downloads\ESETOnlineScanner_DEU.exe
2021-11-29 10:35 - 2021-11-29 10:35 - 000000780 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-11-29 10:35 - 2021-11-29 10:35 - 000000000 ____D C:\Users\wowts\AppData\Local\ESET
2021-11-29 09:46 - 2021-11-29 09:46 - 001790024 _____ (Malwarebytes) C:\Users\wowts\Downloads\JRT (1).exe
2021-11-29 09:42 - 2021-11-29 09:42 - 001798976 ____N (Malwarebytes) C:\Users\wowts\Downloads\JRT.exe
2021-11-29 09:34 - 2021-11-29 09:35 - 007025360 ____N (Malwarebytes) C:\Users\wowts\Downloads\adwcleaner_7.3.exe
2021-11-29 09:20 - 2021-11-30 17:03 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-29 09:20 - 2021-11-29 09:20 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-11-29 09:20 - 2021-11-29 09:20 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-11-29 09:20 - 2021-11-29 09:20 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-11-29 09:20 - 2021-11-29 09:20 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-11-29 09:20 - 2021-11-29 09:20 - 000000000 ____D C:\Users\wowts\AppData\Local\mbam
2021-11-29 09:17 - 2021-11-29 09:17 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-29 09:17 - 2021-11-29 09:17 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-29 09:13 - 2021-11-29 09:13 - 002101944 _____ (Malwarebytes) C:\Users\wowts\Downloads\MBSetup.exe
2021-11-28 23:51 - 2021-11-28 21:21 - 000454567 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20211128-235106.backup
2021-11-27 22:24 - 2021-11-27 22:24 - 000000000 ____D C:\Users\wowts\AppData\Local\Bigpoint GmbH
2021-11-27 22:22 - 2021-11-27 22:22 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DarkOrbit
2021-11-27 22:19 - 2021-11-27 22:24 - 000000000 ____D C:\Users\wowts\Dark Orbit
2021-11-27 22:18 - 2021-11-27 22:19 - 021649640 _____ C:\Users\wowts\Downloads\DarkOrbitInstaller.392.172257406.exe
2021-11-26 16:40 - 2021-11-26 16:42 - 009451378 _____ C:\Users\wowts\Downloads\Feedback-Stieben-Milyayev-V3.pdf
2021-11-26 14:18 - 2021-11-26 14:18 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Delphi
2021-11-26 14:18 - 2021-11-26 14:18 - 000000000 ____D C:\ProgramData\Delphi
2021-11-26 14:11 - 2021-11-26 14:12 - 000000000 ____D C:\Users\wowts\Desktop\Diagnose
2021-11-26 13:49 - 2021-11-26 13:50 - 1585034671 _____ C:\Users\wowts\Downloads\Delphi Cars 2015.R3.zip
2021-11-26 11:37 - 2021-11-26 14:18 - 000000249 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2021-11-26 11:37 - 2021-11-26 11:37 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Autocom
2021-11-26 11:37 - 2021-11-26 11:37 - 000000000 ____D C:\ProgramData\Common Diagnostics
2021-11-26 11:37 - 2021-11-26 11:37 - 000000000 ____D C:\ProgramData\Autocom
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\Documents\CarPort
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Obsidium
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\AppData\Roaming\MPP-Engineering
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\AppData\Local\MPP-Engineering
2021-11-25 13:52 - 2021-11-25 13:52 - 000000000 _____ C:\Users\wowts\Downloads\Eraser_6.2.0.2993.exe.part
2021-11-25 13:22 - 2021-11-25 13:22 - 1554618368 _____ C:\Users\wowts\Downloads\AUTOCOM 2017.1 CAR.iso
2021-11-24 17:21 - 2021-11-24 17:21 - 071373831 _____ C:\Users\wowts\Downloads\21.3.0 DE unupdatable.zip
2021-11-23 19:05 - 2021-11-23 19:06 - 008814674 _____ C:\Users\wowts\Downloads\Praktikum Gedaempfte Schwingung (1) (2).pdf
2021-11-23 10:07 - 2021-11-23 12:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-22 18:21 - 2021-11-22 18:24 - 008814674 _____ C:\Users\wowts\Downloads\Praktikum Gedaempfte Schwingung (1) (1).pdf
2021-11-22 12:53 - 2021-11-22 12:53 - 000159961 _____ C:\Users\wowts\Downloads\202111091348408430_2213437_200919.pdf
2021-11-22 12:52 - 2021-11-22 12:53 - 000410438 _____ C:\Users\wowts\Downloads\202111091921079470_2239425_200919.eml
2021-11-22 09:24 - 2021-11-22 09:24 - 008814674 _____ C:\Users\wowts\Downloads\Praktikum Gedaempfte Schwingung (1).pdf
2021-11-19 16:13 - 2021-11-19 16:13 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-11-19 14:19 - 2021-11-19 14:21 - 023061073 _____ C:\Users\wowts\Downloads\01 Vorlesungsunterlagen.zip
2021-11-18 13:00 - 2019-06-05 04:43 - 000135667 _____ C:\WINDOWS\system32\Drivers\rtldata.txt
2021-11-18 10:49 - 2021-11-07 22:36 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-11-18 03:31 - 2021-11-18 03:31 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7c0f368e88e72
2021-11-16 20:43 - 2021-11-16 20:44 - 048334535 _____ C:\Users\wowts\Downloads\405.pdf
2021-11-15 10:15 - 2021-11-15 10:15 - 000000018 _____ C:\Users\wowts\delte
2021-11-15 10:14 - 2021-11-15 10:14 - 000000011 _____ C:\Users\wowts\delete
2021-11-12 12:38 - 2021-11-12 12:38 - 000401898 _____ C:\Users\wowts\Desktop\SHA-Antragsformular_Version_SARS-CoV-2.pdf
2021-11-12 03:13 - 2021-04-23 08:23 - 001865880 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001865880 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001446544 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001446544 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001101752 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 001101752 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000954920 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000954920 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000744600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000628888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000098456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000083096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000054408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000051336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000504472 _____ C:\WINDOWS\system32\GameManager64.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000500888 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-11-12 03:13 - 2021-04-23 08:22 - 000440448 _____ C:\WINDOWS\system32\EEURestart.exe
2021-11-12 03:13 - 2021-04-23 08:22 - 000387712 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000354432 _____ C:\WINDOWS\system32\clinfo.exe
2021-11-12 03:13 - 2021-04-23 08:22 - 000253064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000220808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000174752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000174216 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000148608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000027888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000027864 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 081591432 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 067170952 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 005528184 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 001510008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 001339504 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000829064 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-11-12 03:13 - 2021-04-23 08:21 - 000476296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000464008 _____ C:\WINDOWS\system32\atieah64.exe
2021-11-12 03:13 - 2021-04-23 08:21 - 000359560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-11-12 03:13 - 2021-04-23 08:21 - 000190088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000166360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000143480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000138880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000133256 _____ C:\WINDOWS\system32\atidxx64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000123528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000115336 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000077936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 072489608 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000948888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000776344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000497288 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000474272 _____ C:\WINDOWS\system32\amdlogum.exe
2021-11-12 03:13 - 2021-04-23 08:20 - 000387720 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 001708432 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 001384944 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000559704 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000145304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000139576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000139576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000129464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000117304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000117288 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-11-12 03:13 - 2021-04-23 07:49 - 059070488 _____ C:\WINDOWS\system32\amdxc64.so
2021-11-12 03:13 - 2021-04-23 07:49 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-11-12 03:13 - 2021-04-23 07:49 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-11-12 03:13 - 2021-04-23 07:49 - 000557888 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-11-12 03:13 - 2021-04-23 07:49 - 000557888 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-11-12 03:13 - 2021-04-23 07:49 - 000128048 _____ C:\WINDOWS\system32\kapp_ci.sbin
2021-11-12 03:13 - 2021-04-23 07:49 - 000076237 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2021-11-12 03:13 - 2021-04-23 07:49 - 000012344 _____ C:\WINDOWS\system32\brandingWS_RSX.bmp
2021-11-12 03:13 - 2021-04-23 07:49 - 000012344 _____ C:\WINDOWS\system32\brandingRSX.bmp
2021-11-12 03:13 - 2021-04-23 07:49 - 000011014 _____ C:\WINDOWS\system32\atiacmLocalisation.ini
2021-11-12 03:13 - 2021-04-23 07:49 - 000000822 _____ C:\WINDOWS\system32\branding.bmp
2021-11-12 00:15 - 2021-11-12 00:15 - 000106344 _____ C:\Users\wowts\Documents\Praktikum1.mw
2021-11-12 00:00 - 2021-11-12 00:00 - 000699151 _____ C:\Users\wowts\Documents\Praktikum 2.mw
2021-11-11 21:26 - 2021-11-11 21:26 - 000048681 _____ C:\Users\wowts\Documents\Mathe 2 Praktikum Aufgabe 7 DGl 2.O. Randwert.mw
2021-11-11 19:16 - 2021-11-11 19:16 - 000000000 ____D C:\Users\wowts\Maple
2021-11-11 18:58 - 2021-11-11 18:58 - 000001105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maple 2021.lnk
2021-11-11 18:58 - 2021-11-11 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maple 2021
2021-11-11 18:51 - 2021-11-11 19:08 - 000000000 ____D C:\Program Files\Maple 2021
2021-11-11 18:29 - 2021-11-12 17:01 - 000035841 _____ C:\Users\wowts\Documents\Aufgabe 7.2.mw
2021-11-11 18:29 - 2021-11-12 17:01 - 000035507 _____ C:\Users\wowts\Documents\aufgabe 7.mw
2021-11-11 15:26 - 2021-11-11 15:26 - 011349663 _____ C:\Users\wowts\Downloads\Endfeedback-Stieben-Milyayev-V2.pdf
2021-11-11 13:47 - 2021-10-08 11:00 - 000160376 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2021-11-11 10:25 - 2021-11-11 10:25 - 000190883 _____ C:\Users\wowts\Downloads\KL_Kran-Projektaufgabe_WS 21-22.pdf
2021-11-11 10:25 - 2021-11-11 10:25 - 000169344 _____ C:\Users\wowts\Downloads\KL_Kran-Projektaufgabe_Deckblatt_WS 21-22.pdf
2021-11-10 18:58 - 2021-11-11 20:34 - 000036049 _____ C:\Users\wowts\Documents\,,,.mw
2021-11-10 12:57 - 2021-11-10 12:57 - 000000000 ____D C:\Users\wowts\AppData\Roaming\VS Revo Group
2021-11-10 09:53 - 2021-12-01 09:40 - 000000000 ____D C:\Users\wowts\Desktop\Alles
2021-11-10 02:58 - 2021-11-10 02:58 - 000286720 _____ C:\WINDOWS\system32\AggregatorHost.exe
2021-11-10 02:58 - 2021-11-10 02:58 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-09 20:00 - 2021-11-09 20:00 - 000157859 _____ C:\Users\wowts\Downloads\202110062004282930_2150114_200919.pdf
2021-11-09 14:40 - 2021-11-09 14:41 - 015920937 _____ C:\Users\wowts\Downloads\Praktikum  Absorbtion.V2.pdf
2021-11-09 00:52 - 2021-11-09 00:52 - 000118814 _____ C:\Users\wowts\Documents\asxaxasxa.mw
2021-11-06 00:45 - 2021-11-06 00:45 - 000032768 _____ C:\WINDOWS\system32\hnsproxy.dll
2021-11-06 00:44 - 2021-11-06 00:44 - 000121344 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-06 00:44 - 2021-11-06 00:44 - 000024576 _____ C:\WINDOWS\system32\nrtapi.dll
2021-11-06 00:44 - 2021-11-06 00:44 - 000006656 _____ C:\WINDOWS\SysWOW64\nrtapi.dll
2021-11-06 00:43 - 2021-11-06 00:43 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll
2021-11-06 00:43 - 2021-11-06 00:43 - 000208896 _____ C:\WINDOWS\system32\IHDS.dll
2021-11-06 00:43 - 2021-11-06 00:43 - 000167936 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-04 23:25 - 2021-11-04 23:25 - 000001935 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nextcloud.lnk
2021-11-04 22:40 - 2021-11-29 10:26 - 000000000 ____D C:\Users\wowts\AppData\Roaming\FileZilla
2021-11-04 22:40 - 2021-11-28 11:25 - 000000000 ____D C:\Users\wowts\AppData\Local\FileZilla
2021-11-04 22:37 - 2021-11-04 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2021-11-04 22:37 - 2021-11-04 22:37 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2021-11-04 09:40 - 2021-11-04 09:40 - 000040763 _____ C:\Users\wowts\Downloads\eBay-Widerrufsbelehrung (1).pdf
2021-11-04 09:40 - 2021-11-04 09:40 - 000005456 _____ C:\Users\wowts\Downloads\eBay-Widerrufsbelehrung (1).html
2021-11-04 09:40 - 2021-11-04 09:40 - 000005298 _____ C:\Users\wowts\Downloads\eBay-Widerrufsbelehrung (1).txt
2021-11-04 09:39 - 2021-11-04 09:39 - 000056309 _____ C:\Users\wowts\Downloads\EBAY-AGB_BASIC-INKL.DATENSCHUTZ (1).pdf
2021-11-04 09:39 - 2021-11-04 09:39 - 000023370 _____ C:\Users\wowts\Downloads\EBAY-AGB_BASIC-INKL.DATENSCHUTZ (4).html
2021-11-04 09:27 - 2021-11-04 09:27 - 000310915 _____ C:\Users\wowts\Downloads\Retourenformular (1).pdf
2021-11-04 09:27 - 2021-11-04 09:27 - 000299132 _____ C:\Users\wowts\Downloads\Muster_Versand-_und_Zahlungsinformationen (1).pdf
2021-11-04 09:27 - 2021-11-04 09:27 - 000225153 _____ C:\Users\wowts\Downloads\Zugangsbestaetigung.pdf
2021-11-04 09:27 - 2021-11-04 09:27 - 000197292 _____ C:\Users\wowts\Downloads\Auftragsbestaetigung.pdf
2021-11-04 09:26 - 2021-11-04 09:27 - 000177885 _____ C:\Users\wowts\Downloads\Muster-Rechnungen (1).pdf
2021-11-04 09:26 - 2021-11-04 09:26 - 000180429 _____ C:\Users\wowts\Downloads\Vertrag_ueber_die_Ueberlassung_und_Verwendung_von_Model-Bildern_mit_Datenschutzhinweisen.pdf
2021-11-04 09:25 - 2021-11-04 09:25 - 000226971 _____ C:\Users\wowts\Downloads\Muster_fuer_eine_Geheimhaltungsvereinbarung.pdf
2021-11-04 09:25 - 2021-11-04 09:25 - 000150333 _____ C:\Users\wowts\Downloads\E-Mail_Signatur_fuer_Kaufleute (1).pdf
2021-11-04 09:24 - 2021-11-04 09:24 - 000155203 _____ C:\Users\wowts\Downloads\E-Mail_Signatur_fuer_GmbH_und_UG.pdf

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-12-01 10:44 - 2020-12-02 02:01 - 000000512 _____ C:\Users\Public\amdsfhdcd.bin
2021-12-01 10:40 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-01 10:24 - 2020-12-24 12:52 - 000000000 ____D C:\Program Files\CCleaner
2021-12-01 10:04 - 2021-10-14 13:01 - 001768198 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-01 10:04 - 2021-06-05 18:53 - 000766156 _____ C:\WINDOWS\system32\perfh007.dat
2021-12-01 10:04 - 2021-06-05 18:53 - 000158958 _____ C:\WINDOWS\system32\perfc007.dat
2021-12-01 10:04 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2021-12-01 10:04 - 2021-01-18 13:34 - 000000000 ____D C:\Users\wowts\Documents\Outlook-Dateien
2021-12-01 10:01 - 2021-04-19 08:41 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Nextcloud
2021-12-01 10:01 - 2020-12-02 02:07 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-12-01 10:00 - 2021-10-14 13:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-12-01 10:00 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-12-01 10:00 - 2020-12-21 13:40 - 000000000 ____D C:\Users\wowts\AppData\Local\Lenovo
2021-12-01 10:00 - 2020-12-02 02:00 - 000000000 ____D C:\ProgramData\Lenovo
2021-12-01 09:58 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-01 09:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-01 09:58 - 2020-12-21 13:40 - 000000000 ____D C:\Users\wowts\AppData\Local\Packages
2021-12-01 09:58 - 2020-12-21 13:30 - 000000000 ____D C:\ProgramData\Packages
2021-12-01 09:57 - 2021-10-14 13:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-01 09:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState
2021-12-01 09:57 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-01 09:57 - 2021-06-05 13:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-12-01 09:57 - 2021-04-14 13:05 - 000001524 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Delphi Toasts App.lnk
2021-12-01 09:57 - 2021-04-14 13:05 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-12-01 09:57 - 2020-05-06 19:33 - 000012288 ___SH C:\DumpStack.log.tmp
2021-12-01 09:40 - 2020-12-21 20:53 - 000000000 ___RD C:\Users\wowts\Desktop\Spiele
2021-12-01 09:30 - 2021-03-01 12:30 - 000000000 ____D C:\Users\wowts\AppData\Local\CrashDumps
2021-12-01 09:28 - 2020-12-23 15:51 - 000007630 _____ C:\Users\wowts\AppData\Local\Resmon.ResmonCfg
2021-11-30 22:17 - 2020-12-21 14:45 - 000000000 ____D C:\Users\wowts\AppData\LocalLow\Mozilla
2021-11-30 22:00 - 2020-12-21 14:45 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-30 21:05 - 2021-04-19 10:31 - 000000000 ___SD C:\Homecloud
2021-11-30 21:04 - 2021-10-14 13:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-30 18:40 - 2020-12-02 02:07 - 000000000 ____D C:\WINDOWS\TempInst
2021-11-30 18:37 - 2021-10-14 12:13 - 000000000 ____D C:\Users\wowts
2021-11-30 17:14 - 2020-12-02 02:01 - 000000000 ____D C:\Program Files\Lenovo
2021-11-30 17:12 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-11-30 17:11 - 2020-12-24 15:39 - 000000000 ___RD C:\Users\wowts\Desktop\Programe
2021-11-30 17:10 - 2021-10-14 13:00 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2021-11-30 17:10 - 2021-10-14 12:12 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-11-30 17:10 - 2019-12-07 10:14 - 000455026 _____ C:\WINDOWS\system32\Drivers\etc\.hosts
2021-11-29 21:38 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-29 21:38 - 2021-02-01 20:18 - 000000000 ____D C:\Users\wowts\AppData\Local\ElevatedDiagnostics
2021-11-29 19:44 - 2020-12-02 01:59 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-29 15:48 - 2021-10-14 13:00 - 000545736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-29 15:48 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\lxss
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-29 15:47 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\servicing
2021-11-29 15:04 - 2021-10-14 13:01 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-11-29 14:43 - 2021-01-24 17:12 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-11-29 14:33 - 2020-12-21 13:40 - 000000000 ____D C:\Users\wowts\AppData\Local\D3DSCache
2021-11-29 12:46 - 2021-06-05 13:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-11-29 11:05 - 2021-02-14 23:12 - 000000000 ____D C:\Users\wowts\Documents\Citavi 6
2021-11-29 11:02 - 2021-02-25 17:44 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-11-29 10:24 - 2021-10-14 13:12 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-11-29 10:23 - 2021-06-05 13:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-11-29 10:18 - 2020-12-24 13:10 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-11-29 09:38 - 2021-08-26 20:19 - 000000000 ____D C:\Users\wowts\AppData\LocalLow\IObit
2021-11-29 09:38 - 2021-05-06 12:30 - 000000000 ____D C:\Program Files (x86)\IObit
2021-11-29 09:38 - 2021-05-06 12:14 - 000000000 ____D C:\ProgramData\IObit
2021-11-29 09:38 - 2021-05-06 12:13 - 000000000 ____D C:\Users\wowts\AppData\Roaming\IObit
2021-11-28 18:10 - 2021-02-12 17:50 - 000000128 _____ C:\Users\wowts\AppData\Local\PUTTY.RND
2021-11-28 12:16 - 2020-12-24 13:12 - 000000000 ____D C:\Program Files (x86)\Avira
2021-11-28 11:58 - 2020-12-24 13:12 - 000000000 ____D C:\ProgramData\Avira
2021-11-26 14:40 - 2021-10-14 13:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-26 11:30 - 2021-08-26 20:18 - 000000000 ____D C:\ProgramData\WinZip
2021-11-26 11:27 - 2021-02-14 23:09 - 000000000 ____D C:\Users\wowts\AppData\Local\Docker
2021-11-26 10:53 - 2020-12-21 14:29 - 000000000 ____D C:\Program Files\Maple 2020
2021-11-25 22:42 - 2020-12-21 15:39 - 000000000 ____D C:\Users\wowts\Downloads\Uni
2021-11-25 16:21 - 2021-02-25 17:45 - 000002390 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2021-11-25 12:49 - 2021-10-14 13:12 - 000004196 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1608812151
2021-11-25 12:49 - 2020-12-24 13:15 - 000001400 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2021-11-25 09:36 - 2020-12-02 01:59 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-25 00:43 - 2020-12-21 15:39 - 000000000 ____D C:\Users\wowts\Downloads\Programe
2021-11-23 12:04 - 2020-12-21 14:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-23 11:55 - 2020-12-21 14:45 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-22 18:49 - 2021-10-20 08:15 - 000005202 _____ C:\WINDOWS\storelibdebug.txt
2021-11-22 14:59 - 2021-10-14 13:12 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-778103176-1376588227-3002950867-1001
2021-11-22 14:59 - 2020-12-21 13:34 - 000002406 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-19 16:13 - 2020-12-21 16:38 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Zoom
2021-11-19 09:59 - 2021-01-23 02:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-11-18 22:07 - 2021-10-14 13:12 - 000003636 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2021-11-18 22:07 - 2021-05-06 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-11-18 03:31 - 2021-10-14 13:12 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-16 20:59 - 2021-10-16 11:28 - 000002380 _____ C:\Users\wowts\Desktop\WK2.lnk
2021-11-14 14:27 - 2020-12-02 02:01 - 000000000 ____D C:\Program Files\Microsoft Office
2021-11-12 17:01 - 2021-01-02 10:46 - 000000000 ____D C:\Users\wowts\.maplesoft
2021-11-11 19:08 - 2021-01-02 19:08 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Maple
2021-11-10 12:55 - 2021-04-14 14:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-11-10 12:52 - 2021-08-26 20:20 - 000000000 ____D C:\Program Files (x86)\KompoZer
2021-11-10 09:53 - 2021-10-16 11:28 - 000002037 _____ C:\Users\wowts\Desktop\Physik 2.lnk
2021-11-10 09:52 - 2021-10-09 10:34 - 000001860 _____ C:\Users\wowts\Desktop\Semester 4 WS21.lnk
2021-11-10 09:52 - 2020-12-21 14:33 - 000001542 _____ C:\Users\wowts\Desktop\OneDrive.lnk
2021-11-10 05:00 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-11-10 05:00 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-10 03:07 - 2020-12-24 12:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-10 03:01 - 2020-12-24 12:31 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-07 22:36 - 2021-08-17 23:01 - 000429952 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-11-07 22:36 - 2021-08-17 23:01 - 000063728 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-11-07 22:36 - 2020-12-02 02:00 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-11-07 02:40 - 2021-08-21 13:11 - 000001040 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2021-11-06 22:00 - 2021-10-31 15:13 - 000000000 ____D C:\WINDOWS\SysWOW64\ncp
2021-11-06 04:46 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-11-06 04:46 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-11-06 04:46 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-11-06 00:55 - 2021-04-28 07:32 - 000000000 ____D C:\Users\wowts\AppData\Roaming\vlc
2021-11-04 23:57 - 2021-02-21 23:50 - 000002286 ____H C:\Users\wowts\Documents\Default.rdp
2021-11-04 23:25 - 2021-10-13 16:47 - 000000000 ____D C:\Program Files\Nextcloud
2021-11-04 22:54 - 2021-01-24 15:53 - 000000439 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-11-04 22:30 - 2021-05-14 22:12 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2021-11-03 09:28 - 2020-12-21 16:38 - 000002375 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-12-26 15:12 - 2021-07-23 10:16 - 000000128 _____ () C:\Users\wowts\AppData\Roaming\winscp.rnd
2021-02-06 10:12 - 2021-02-10 12:20 - 000018267 _____ () C:\Users\wowts\AppData\Local\PlariumPlay.log
2021-02-12 17:50 - 2021-11-28 18:10 - 000000128 _____ () C:\Users\wowts\AppData\Local\PUTTY.RND
2021-05-15 09:26 - 2021-05-15 09:26 - 000015975 _____ () C:\Users\wowts\AppData\Local\recently-used.xbel
2020-12-23 15:51 - 2021-12-01 09:28 - 000007630 _____ () C:\Users\wowts\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         

Geändert von Wovan (01.12.2021 um 11:25 Uhr)

 

Themen zu Vram 85-99%+ ausgelastet. Mining Bot?
amd, andere, anderen, auslastung, avira, bot, browser, eset, folge, guten, interne, internet, internet probleme, laufen, leute, lüfter, morgen, probleme, programme, runter, software, starte, startet, system, taskmanager, windows 11




Ähnliche Themen: Vram 85-99%+ ausgelastet. Mining Bot?


  1. Heimliches Krypto-Mining im Browser ist laut Forschern derzeit kaum existent
    Nachrichten - 18.03.2020 (0)
  2. Win 10, Mining u. Schadsoftware Funde, Eigenständiges Einschalten
    Log-Analyse und Auswertung - 28.02.2020 (16)
  3. Verstecktes Coin Mining durch Javascript im Browser (z.B. coin hive)
    Überwachung, Datenschutz und Spam - 21.03.2018 (13)
  4. HKUS\S-1-5-18, Mining Software, registry
    Plagegeister aller Art und deren Bekämpfung - 04.03.2018 (4)
  5. Mining Virus eingefangen, nicht sicher ob er entfernt wurde ?
    Plagegeister aller Art und deren Bekämpfung - 13.10.2017 (2)
  6. Geld mit Krypto-Mining auf meinem Blog verdienen
    Mülltonne - 19.09.2017 (0)
  7. Kryptogeld: Geldstrafe für Macher von Mining-Malware
    Nachrichten - 30.06.2015 (0)
  8. Bitcoin: Erstmals gefährliche Konzentration der Mining-Leistung
    Nachrichten - 16.06.2014 (0)
  9. Botnetz für Altcoin-Mining nutzt Lücke in Nagios-Überwachung aus
    Nachrichten - 30.04.2014 (0)
  10. Mining-Malware jetzt auch bei Google Play
    Nachrichten - 25.04.2014 (0)
  11. Ich bin Opfer eines Bitcoin Mining-Netzes
    Plagegeister aller Art und deren Bekämpfung - 15.12.2013 (5)
  12. Spieleanbieter muss Strafe wegen Bitcoin-Mining-Virus zahlen
    Nachrichten - 20.11.2013 (0)
  13. Cpu-ausgelastet!
    Plagegeister aller Art und deren Bekämpfung - 02.06.2013 (2)
  14. "Bit Coin" Mining
    Plagegeister aller Art und deren Bekämpfung - 02.01.2013 (1)
  15. CPU oft 100 % ausgelastet
    Plagegeister aller Art und deren Bekämpfung - 07.11.2011 (1)
  16. CPU ausgelastet
    Plagegeister aller Art und deren Bekämpfung - 27.06.2011 (16)
  17. CPU zu 100% Ausgelastet
    Mülltonne - 13.06.2008 (0)

Zum Thema Vram 85-99%+ ausgelastet. Mining Bot? - Guten Morgen Leute, seit ein paar Tagen plagt mich, schätze ich, ein Trojaner. Angefangen hat es mit ständigen Internet problemen (z.B. Zoom -> Internet Instabil (WG und Elternhaus lief vorher - Vram 85-99%+ ausgelastet. Mining Bot?...
Archiv
Du betrachtest: Vram 85-99%+ ausgelastet. Mining Bot? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.