| |
| |||||||
Alles rund um Windows: Vram 85-99%+ ausgelastet. Mining Bot?Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
01.12.2021, 11:11
| #1 |
 |  Problem: Vram 85-99%+ ausgelastet. Mining Bot? Guten Morgen Leute, seit ein paar Tagen plagt mich, schätze ich, ein Trojaner. Angefangen hat es mit ständigen Internet problemen (z.B. Zoom -> Internet Instabil (WG und Elternhaus lief vorher stabil)) oder abbrüche. Nun ist mir aufgefallen dass mein Vram immer bei 85-99%+ (AMD Software) auslastung hat. Programme die GPU verwenden haben im Taskmanager erhöhte werte sowie "Stromverbrauch" ist auf Mittel und Hoch. Vorher war alles auf Niedrig/Sehr Niedrig. Lüfter geht dreht hoch und wieder runter wenn keine anderen Programme laufen, wenn man jedoch den Browser o.ä. startet dann legt der püsterich los. Mein System:
Bis jetzt probiert:
Schon mal vielen Dank euch! Wovan FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2021
durchgeführt von wowts (Administrator) auf WOWTSCHIK (LENOVO 81X2) (01-12-2021 10:43:35)
Gestartet von C:\Users\wowts\AppData\Local\Temp\scoped_dir17072_825760356
Geladene Profile: wowts
Plattform: Microsoft Windows 11 Home Version 21H2 22000.348 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366689.inf_amd64_4f0d6991b007c8f1\B366217\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366689.inf_amd64_4f0d6991b007c8f1\B366217\atiesrxx.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.exe <4>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.x86.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\YMC.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_b9fd1528982e300f\LenovoUtilityService.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.SmartAppearance_1.1.10.0_neutral__5grkq8ppsgwt4\CameraConfiguration\CameraConfiguration.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.34\msedgewebview2.exe <12>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_10.2103.6.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\regedit.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20045.455.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(Nextcloud GmbH -> Nextcloud GmbH) C:\Program Files\Nextcloud\nextcloud.exe
(Opera Software AS -> Opera Software) C:\Users\wowts\AppData\Local\Programs\Opera\81.0.4196.60\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\wowts\AppData\Local\Programs\Opera\opera.exe <27>
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(UFRO INCORPORATION -> Ufro) C:\Windows\System32\DriverStore\FileRepository\wtabletserviceisd.inf_amd64_043e8a72e05dd9f4\ColorWatcher.exe
(Wacom Co., Ltd. -> Wacom Technology, Corp.) C:\Windows\System32\DriverStore\FileRepository\wtabletserviceisd.inf_amd64_043e8a72e05dd9f4\WTabletServiceISD.exe <2>
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\wowts\AppData\Roaming\Zoom\bin\CptHost.exe
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\wowts\AppData\Roaming\Zoom\bin\Zoom.exe <2>
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1141552 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-10-14] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2015-01-29] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4517376 2014-11-11] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6787856 2019-03-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\wowts\AppData\Local\Microsoft\Teams\Update.exe [2459280 2021-11-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Amazon Music Helper] => C:\Users\wowts\AppData\Local\Amazon Music\Amazon Music Helper.exe [2356312 2021-09-17] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Amazon Music] => C:\Users\wowts\AppData\Local\Amazon Music\Amazon Music.exe [21370456 2021-09-17] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIREE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Discord] => C:\Users\wowts\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [2739008 2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Opera Browser Assistant] => C:\Users\wowts\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [] => [X]
HKLM\...\Print\Monitors\EPSON XP-342 343 345 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBREE.DLL [182784 2015-12-09] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\95.1.13052.72\Installer\chrmstp.exe [2021-11-25] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-15] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2021-10-16]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xxx.exe.lnk [2021-04-15]
ShortcutTarget: xxx.exe.lnk -> C:\Windows\System32\net.exe (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {03F07486-C0CB-4C90-B85F-FA414BE53CBC} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-09-22] (Lenovo -> )
Task: {06F0F01B-6273-4087-B329-6BE218DCF0B5} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-25] (Piriform Software Ltd -> Piriform Software)
Task: {18F8950B-F4E0-4B2C-8E8B-31195C06F079} - System32\Tasks\Opera scheduled Autoupdate 1608812151 => C:\Users\wowts\AppData\Local\Programs\Opera\launcher.exe [1753808 2021-11-23] (Opera Software AS -> Opera Software)
Task: {1FB52FAD-EEC7-497B-BC46-B24D5D63EA54} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Keine Datei)
Task: {21C9A622-AA70-45B5-9D75-74079446771E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-23] (Google LLC -> Google LLC)
Task: {239A1A46-AF4F-47B2-B042-A8AE5FFAE370} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {246D2A2F-6508-4B14-A7A7-8D5134D6E57B} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4190800 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {29219B9B-C059-4ADF-8E70-904A40083A61} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {2D38D28F-50D2-4FEC-A450-A7225056836B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-05-10] (Avast Software s.r.o. -> Avast Software)
Task: {323C8F6D-6FDB-4A0F-AD29-9EDBE8A115CE} - System32\Tasks\CCleanerSkipUAC - wowts => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {34BB7D71-EA5D-41D4-86EB-5EB752DA7AA4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314824 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C899A3B-5DDD-43CE-97BB-14764136F913} - System32\Tasks\Lenovo\Lenovo MigrationAssistant start event task => C:\Program Files\Lenovo\Lenovo Migration Assistant\Lenovo Migration Assistant Srv.exe [291216 2020-11-11] (Lenovo -> )
Task: {4125DEFD-A8F3-4412-AEB6-24F6A0795C87} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {4970B72F-FA6C-489E-B9DF-F13B7293EABE} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Auffrischen der Anti-Beacon-Immunisierung => C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe [8790696 2019-12-18] (Safer-Networking Ltd. -> )
Task: {541ED3B8-4DC0-4F59-8F71-C9BCA3A4FE33} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [81920 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {54F176B0-3B92-443E-B25A-76182A28D4FB} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {587253DE-D92C-4730-98F8-5E1C36EDFC2E} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {5C20F4C5-D57B-42A3-9E9B-071DC8196ECA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6189624 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {5E68E165-9DAA-41E0-8272-F19324B00ABF} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {62A3D3AF-3C2C-41B5-A666-FF1CA33D2E1D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-23] (Google LLC -> Google LLC)
Task: {6B35CDD0-F331-4A2F-889E-B81A0D79BA9C} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2515248 2021-11-13] (Piriform Software Ltd -> Piriform Software)
Task: {6E959406-A2C1-4C1D-A2A9-CE47F618BCB4} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {71DD2352-C63D-4F74-BB81-1972F958EBC3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {75CFED51-D11E-4674-8330-FDD1898DC283} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-10-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {79CEF269-205F-4630-9CBD-89A3634C826C} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2515248 2021-11-13] (Piriform Software Ltd -> Piriform Software)
Task: {820D4038-BB8D-4390-8189-0692B530D1CF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [7177168 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {8D31A86D-8A11-4007-9511-4FD92A416C72} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (Keine Datei)
Task: {90FE37F6-C391-4BF9-96C8-D047B8A3EB56} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [443248 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {9188FD63-9FAB-4B0D-8C5E-DC2AD8FABBE5} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-04-21] () [Datei ist nicht signiert]
Task: {9361E511-201D-4D05-A00E-D56DA024A0F2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1600416 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E115AB0-D9D7-460D-B159-B62EE6C74BE2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0691F33-8890-4099-9EC4-7A389F9E6AF7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (Keine Datei)
Task: {A4541692-1577-42A9-806A-0DA395A34FEB} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-25] (Piriform Software Ltd -> Piriform Software)
Task: {A7576BFE-7C5B-41C5-A995-B5B8089F1D8F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e214837f-a20e-4fe7-bd34-8d7fd397109d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {A8F668CC-AF81-4E90-BE33-1791252FC85B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5723640 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {AB39CFED-C536-4D25-9CD2-8804E70D243B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314824 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {BAA18872-1A38-4BF6-9327-9CA0D261A690} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE49D86D-FF90-4DC1-AB7D-A3B43F9E900F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\11bf35b2-7352-4c33-ac61-111e3096fc49 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {C3805D6C-E3CB-4419-B372-0FA6F79BAC81} - System32\Tasks\Opera scheduled assistant Autoupdate 1608812155 => C:\Users\wowts\AppData\Local\Programs\Opera\launcher.exe [1753808 2021-11-23] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\wowts\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {CB8D3780-C150-44B2-829A-2A890CFD0179} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1673272 2021-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {CB8E1798-23ED-4523-8ABF-F8A54B6E2FD7} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Keine Datei)
Task: {CD55368D-9846-48D6-B0DF-27F72EFC093A} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [201584 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {D8608D73-0EFB-4777-8E02-F6AFFC48AAF2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a781c118-6932-4721-8109-d0629a5df60e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {D8CFC531-69CC-4D8A-9A3A-E0172235513C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f440c66d-5a05-4737-a356-38c0964976e2 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {DD9424D8-84F6-403C-8DE0-9B82F99A93A5} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [63728 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {E04D1A24-4418-4BFB-AA3C-D54D09044835} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {E0D17D85-EB28-4D37-AB0F-85A78E8ECF9E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {EA7DCE23-1A3D-421E-9C70-6396CAF3C1AC} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-778103176-1376588227-3002950867-1001 => C:\Users\wowts\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [87896 2021-10-30] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {F89EBA5D-9851-4B2E-8F70-F0BB1264E868} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [237952 2021-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {FA7820A8-7D42-416F-8F6B-E9A3C1BC4AD1} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-09-22] (Lenovo -> )
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{194b8a07-8a49-42e0-ba56-e2c84f8f5540}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{69129b5f-2abf-4956-9cb1-0da2b391e6f7}: [DhcpNameServer] 192.168.32.102
Tcpip\..\Interfaces\{6a13e067-204c-4049-b75d-0e9e01c79d60}: [DhcpNameServer] 192.168.0.38
Tcpip\..\Interfaces\{8532842c-0128-4504-a307-46ec5dcf05db}: [DhcpNameServer] 172.168.127.2
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\wowts\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-30]
Edge Session Restore: Default -> ist aktiviert.
Edge Extension: (Microsoft-Editor: Rechtschreibung- und Grammatikprüfung) - C:\Users\wowts\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2021-11-03]
Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg]
FireFox:
========
FF DefaultProfile: 3ztst3tj.default
FF ProfilePath: C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3ztst3tj.default [2020-12-21]
FF ProfilePath: C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release [2021-11-30]
FF NetworkProxy: Mozilla\Firefox\Profiles\3cjbr8d3.default-release -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\3cjbr8d3.default-release -> ist aktiviert.
FF Notifications: Mozilla\Firefox\Profiles\3cjbr8d3.default-release -> hxxps://calendar.google.com; hxxps://app.libertex.com
FF Extension: (Dark Reader) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\addon@darkreader.org.xpi [2021-11-08]
FF Extension: (OneNote Web Clipper) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\Clipper@OneNote.com.xpi [2020-12-21]
FF Extension: (Ninja Cookie) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\debug@ninja-cookie.com.xpi [2021-11-17]
FF Extension: (uBlock Origin) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-11-26]
FF Extension: (Dark Mode) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{3f746ae8-9575-4e62-9855-aae624b11082}.xpi [2020-12-21]
FF Extension: (NoScript) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-07-28]
FF Extension: (ClearURLs) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{74145f27-f039-47ce-a470-a662b129930a}.xpi [2021-03-24]
FF Extension: (YouTube Playlist Download) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{753bfcdc-8bcc-4626-89f0-6d22dc209561}.xpi [2021-04-14]
FF Extension: (Google Docs Viewer) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{a734ba68-4aac-41e0-9141-9f8d00373d93}.xpi [2021-01-23]
FF Extension: (Matte Black (Red)) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{a7589411-c5f6-41cf-8bdc-f66527d9d930}.xpi [2021-10-06]
FF Extension: (The universe of ancient times.) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{b6d370bd-f532-4049-9a82-f53b47f369b3}.xpi [2020-12-21]
FF Extension: (Zoom Scheduler) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{bf855ead-d7c3-4c7b-9f88-9a7e75c0efdf}.xpi [2021-11-28]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-24]
FF ProfilePath: C:\Users\wowts\AppData\Roaming\kompozer.net\KompoZer\Profiles\l6xmpoac.default [2021-08-26]
FF Extension: (Citavi Picker) - C:\Program Files\Mozilla Firefox\distribution\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2021-07-09]
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-02-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-02-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-02-25] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-02-25] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\antibeacon.js [2021-12-01] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
Chrome:
=======
CHR Profile: C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default [2021-11-30]
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (Präsentationen) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-23]
CHR Extension: (Docs) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-23]
CHR Extension: (Google Drive) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-23]
CHR Extension: (YouTube) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-23]
CHR Extension: (Slinky Vornehm) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2021-01-23]
CHR Extension: (Avira Password Manager) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-10-14]
CHR Extension: (Adblock für Youtube™) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2021-10-04]
CHR Extension: (Dark Reader) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2021-10-14]
CHR Extension: (Tabellen) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-23]
CHR Extension: (Google Docs Offline) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-14]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-10-14]
CHR Extension: (StudentBook) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiimjijildjkajollpjecaocbbjfobed [2021-01-23]
CHR Extension: (TiltShiftMaker) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjofhgnhekhkccpcnnloagmdpafifeo [2021-01-23]
CHR Extension: (SnapPages) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\iedpncdncgcneohjpggphlkhjofphgkf [2021-01-23]
CHR Extension: (Zoom Scheduler) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2021-10-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Citavi Picker) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2021-08-15]
CHR Extension: (Weather Underground) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2021-01-23]
CHR Extension: (Google Mail) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-23]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]
Opera:
=======
OPR Profile: C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable [2021-12-01]
OPR Notifications: Opera Stable -> hxxps://app.libertex.com; hxxps://web.whatsapp.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-11-29]
OPR Extension: (I don't care about cookies) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\iambaeepkgdclnmbfdnnohkjjpdglbeo [2021-11-30]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15]
OPR Extension: (uBlock Origin) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2021-10-15]
OPR Extension: (Zoom Scheduler) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2021-11-29]
OPR Extension: (Install Chrome Extensions) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2021-01-24]
OPR Extension: (Ninja Cookie) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\naomjjbmcadiepggkdoknhklmklcobna [2021-11-17]
OPR Extension: (Avira Password Manager) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2021-02-12]
OPR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2021-10-04]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574672 2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [272448 2021-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [275088 2021-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [289792 2014-10-23] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S3 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-25] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\95.1.13052.72\elevation_service.exe [1713640 2021-11-13] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-25] (Piriform Software Ltd -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
S3 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [12002208 2019-12-16] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2020-12-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-06-30] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-06-30] (GOG Sp. z o.o. -> GOG.com)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_b9fd1528982e300f\LenovoUtilityService.exe [539128 2021-08-26] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe [31248 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1820080 2021-02-06] (Lenovo -> Lenovo(beijing) Limited)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-11-29] (Malwarebytes Inc -> Malwarebytes)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [45368 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557144 2021-09-10] (Electronic Arts, Inc. -> Electronic Arts)
S3 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3475672 2021-09-10] (Electronic Arts, Inc. -> Electronic Arts)
R3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14204760 2021-11-18] (ADLICE (ASCOET JULIEN) -> )
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2747312 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4583240 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [116592 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10163312 2021-10-14] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2599312 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 YMC; C:\WINDOWS\System32\YMC.exe [856920 2020-06-17] (Lenovo -> Lenovo Group Ltd.)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 64347b00; C:\WINDOWS\System32\Drivers\64347b00.sys [299544 2021-11-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0366689.inf_amd64_4f0d6991b007c8f1\B366217\amdkmdag.sys [82677912 2021-04-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-02-27] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-07-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2021-10-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-02-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [184424 2020-07-14] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2020-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [192824 2021-10-14] (Microsoft Windows -> Microsoft Corporation)
S1 gvm; C:\WINDOWS\system32\DRIVERS\gvm.sys [393712 2021-05-03] (Google LLC -> Google LLC)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
S3 klupd_64347b00a_arkmon_6D66C841; C:\KVRT2020_Data\Temp\6D66C841DE4E80E48D94B67F324D5423\klupd_64347b00a_arkmon.sys [276064 2021-11-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2021-02-27] (IBM Polska Sp. z o.o. -> IBM)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-11-29] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-30] (Malwarebytes Inc -> Malwarebytes)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74744 2021-04-21] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2020-08-21] (Daniel Terhell -> Resplendence Software Projects Sp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 Spybot3ELAM; C:\WINDOWS\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-Malware Publisher -> Windows (R) Win 7 DDK provider)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SymTAP; C:\WINDOWS\System32\drivers\SymTAP.sys [52104 2020-05-28] (Symantec Corporation -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-12-01] (Adlice -> )
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8217168 2021-10-14] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [90112 2021-10-14] (Microsoft Windows -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [421112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [73960 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; kein ImagePath
S0 klupd_64347b00a_arkmon; System32\Drivers\klupd_64347b00a_arkmon.sys [X]
S3 klupd_64347b00a_klark; System32\Drivers\klupd_64347b00a_klark.sys [X]
S0 klupd_64347b00a_klbg; System32\Drivers\klupd_64347b00a_klbg.sys [X]
S3 klupd_64347b00a_mark; System32\Drivers\klupd_64347b00a_mark.sys [X]
U4 npcap_wifi; kein ImagePath
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-12-01 10:42 - 2021-12-01 10:43 - 027509160 _____ (Adlice Software ) C:\Users\wowts\Downloads\UCheck_setup.exe
2021-12-01 10:28 - 2021-12-01 10:40 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2021-12-01 10:28 - 2021-12-01 10:36 - 000000000 ____D C:\ProgramData\RogueKiller
2021-12-01 10:28 - 2021-12-01 10:28 - 000000910 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2021-12-01 10:28 - 2021-12-01 10:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-12-01 10:28 - 2021-12-01 10:28 - 000000000 ____D C:\Program Files\RogueKiller
2021-11-30 18:15 - 2021-11-30 17:10 - 000455026 _____ C:\WINDOWS\system32\Drivers\etc\hosts.original-30.11.2021
2021-11-30 18:14 - 2021-11-30 17:10 - 000455026 _____ C:\Users\wowts\Desktop\hosts.original-30.11.2021
2021-11-30 17:59 - 2021-11-30 17:59 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\wowts\Downloads\rkill.exe
2021-11-30 17:58 - 2021-11-30 17:59 - 041660008 _____ (Adlice Software ) C:\Users\wowts\Downloads\RogueKiller_setup.exe
2021-11-30 17:58 - 2021-11-30 17:58 - 008540344 _____ (Malwarebytes) C:\Users\wowts\Downloads\AdwCleaner.exe
2021-11-30 17:57 - 2021-12-01 10:43 - 000000000 ____D C:\FRST
2021-11-30 17:56 - 2021-11-30 17:56 - 002311680 _____ (Farbar) C:\Users\wowts\Downloads\FRST64.exe
2021-11-30 17:17 - 2021-11-30 17:55 - 000000000 ___HD C:\$SysReset
2021-11-29 15:10 - 2021-11-29 15:10 - 000352568 _____ C:\WINDOWS\system32\vp9fs.dll
2021-11-29 15:10 - 2021-11-29 15:10 - 000040960 _____ C:\WINDOWS\system32\prxyqry.dll
2021-11-29 15:10 - 2021-11-29 15:10 - 000015040 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-29 15:10 - 2021-11-29 15:10 - 000013824 _____ C:\WINDOWS\SysWOW64\prxyqry.dll
2021-11-29 15:09 - 2021-11-29 15:09 - 000000000 ___HD C:\$WinREAgent
2021-11-29 15:04 - 2021-11-29 15:04 - 000215552 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2021-11-29 13:30 - 2021-11-29 13:30 - 000000000 ____D C:\ProgramData\Emsisoft
2021-11-29 13:29 - 2021-11-29 14:30 - 000000000 ____D C:\EEK
2021-11-29 13:26 - 2021-11-29 13:26 - 000299544 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\64347b00.sys
2021-11-29 13:26 - 2021-11-29 13:26 - 000000000 ____D C:\KVRT2020_Data
2021-11-29 13:23 - 2021-11-29 13:26 - 110789120 _____ (AO Kaspersky Lab) C:\Users\wowts\Downloads\KVRT.exe
2021-11-29 13:13 - 2021-11-29 13:13 - 000040960 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2021-11-29 13:12 - 2021-11-29 13:13 - 000000000 ____D C:\ProgramData\HitmanPro
2021-11-29 13:11 - 2021-11-29 13:11 - 011332032 _____ (SurfRight B.V.) C:\Users\wowts\Downloads\HitmanPro_x64.exe
2021-11-29 13:10 - 2021-11-29 13:28 - 327981224 _____ C:\Users\wowts\Downloads\EmsisoftEmergencyKit.exe
2021-11-29 12:45 - 2021-11-29 14:43 - 000000000 ____D C:\ProgramData\AVG
2021-11-29 12:44 - 2021-11-29 12:44 - 000224072 _____ (AVG Technologies CZ, s.r.o.) C:\Users\wowts\Downloads\avg_antivirus_free_setup.exe
2021-11-29 12:20 - 2021-11-29 12:20 - 000425230 _____ C:\Users\wowts\Downloads\OneDrive_1_29.11.2021.zip
2021-11-29 10:36 - 2021-12-01 10:27 - 000000681 _____ C:\Users\wowts\Desktop\ESET Online Scanner.lnk
2021-11-29 10:35 - 2021-11-29 10:35 - 014562400 _____ (ESET spol. s r.o.) C:\Users\wowts\Downloads\ESETOnlineScanner_DEU.exe
2021-11-29 10:35 - 2021-11-29 10:35 - 000000780 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-11-29 10:35 - 2021-11-29 10:35 - 000000000 ____D C:\Users\wowts\AppData\Local\ESET
2021-11-29 09:46 - 2021-11-29 09:46 - 001790024 _____ (Malwarebytes) C:\Users\wowts\Downloads\JRT (1).exe
2021-11-29 09:42 - 2021-11-29 09:42 - 001798976 ____N (Malwarebytes) C:\Users\wowts\Downloads\JRT.exe
2021-11-29 09:34 - 2021-11-29 09:35 - 007025360 ____N (Malwarebytes) C:\Users\wowts\Downloads\adwcleaner_7.3.exe
2021-11-29 09:20 - 2021-11-30 17:03 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-29 09:20 - 2021-11-29 09:20 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-11-29 09:20 - 2021-11-29 09:20 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-11-29 09:20 - 2021-11-29 09:20 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-11-29 09:20 - 2021-11-29 09:20 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-11-29 09:20 - 2021-11-29 09:20 - 000000000 ____D C:\Users\wowts\AppData\Local\mbam
2021-11-29 09:17 - 2021-11-29 09:17 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-29 09:17 - 2021-11-29 09:17 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-29 09:13 - 2021-11-29 09:13 - 002101944 _____ (Malwarebytes) C:\Users\wowts\Downloads\MBSetup.exe
2021-11-28 23:51 - 2021-11-28 21:21 - 000454567 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20211128-235106.backup
2021-11-27 22:24 - 2021-11-27 22:24 - 000000000 ____D C:\Users\wowts\AppData\Local\Bigpoint GmbH
2021-11-27 22:22 - 2021-11-27 22:22 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DarkOrbit
2021-11-27 22:19 - 2021-11-27 22:24 - 000000000 ____D C:\Users\wowts\Dark Orbit
2021-11-27 22:18 - 2021-11-27 22:19 - 021649640 _____ C:\Users\wowts\Downloads\DarkOrbitInstaller.392.172257406.exe
2021-11-26 16:40 - 2021-11-26 16:42 - 009451378 _____ C:\Users\wowts\Downloads\Feedback-Stieben-Milyayev-V3.pdf
2021-11-26 14:18 - 2021-11-26 14:18 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Delphi
2021-11-26 14:18 - 2021-11-26 14:18 - 000000000 ____D C:\ProgramData\Delphi
2021-11-26 14:11 - 2021-11-26 14:12 - 000000000 ____D C:\Users\wowts\Desktop\Diagnose
2021-11-26 13:49 - 2021-11-26 13:50 - 1585034671 _____ C:\Users\wowts\Downloads\Delphi Cars 2015.R3.zip
2021-11-26 11:37 - 2021-11-26 14:18 - 000000249 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2021-11-26 11:37 - 2021-11-26 11:37 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Autocom
2021-11-26 11:37 - 2021-11-26 11:37 - 000000000 ____D C:\ProgramData\Common Diagnostics
2021-11-26 11:37 - 2021-11-26 11:37 - 000000000 ____D C:\ProgramData\Autocom
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\Documents\CarPort
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Obsidium
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\AppData\Roaming\MPP-Engineering
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\AppData\Local\MPP-Engineering
2021-11-25 13:52 - 2021-11-25 13:52 - 000000000 _____ C:\Users\wowts\Downloads\Eraser_6.2.0.2993.exe.part
2021-11-25 13:22 - 2021-11-25 13:22 - 1554618368 _____ C:\Users\wowts\Downloads\AUTOCOM 2017.1 CAR.iso
2021-11-24 17:21 - 2021-11-24 17:21 - 071373831 _____ C:\Users\wowts\Downloads\21.3.0 DE unupdatable.zip
2021-11-23 19:05 - 2021-11-23 19:06 - 008814674 _____ C:\Users\wowts\Downloads\Praktikum Gedaempfte Schwingung (1) (2).pdf
2021-11-23 10:07 - 2021-11-23 12:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-22 18:21 - 2021-11-22 18:24 - 008814674 _____ C:\Users\wowts\Downloads\Praktikum Gedaempfte Schwingung (1) (1).pdf
2021-11-22 12:53 - 2021-11-22 12:53 - 000159961 _____ C:\Users\wowts\Downloads\202111091348408430_2213437_200919.pdf
2021-11-22 12:52 - 2021-11-22 12:53 - 000410438 _____ C:\Users\wowts\Downloads\202111091921079470_2239425_200919.eml
2021-11-22 09:24 - 2021-11-22 09:24 - 008814674 _____ C:\Users\wowts\Downloads\Praktikum Gedaempfte Schwingung (1).pdf
2021-11-19 16:13 - 2021-11-19 16:13 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-11-19 14:19 - 2021-11-19 14:21 - 023061073 _____ C:\Users\wowts\Downloads\01 Vorlesungsunterlagen.zip
2021-11-18 13:00 - 2019-06-05 04:43 - 000135667 _____ C:\WINDOWS\system32\Drivers\rtldata.txt
2021-11-18 10:49 - 2021-11-07 22:36 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-11-18 03:31 - 2021-11-18 03:31 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7c0f368e88e72
2021-11-16 20:43 - 2021-11-16 20:44 - 048334535 _____ C:\Users\wowts\Downloads\405.pdf
2021-11-15 10:15 - 2021-11-15 10:15 - 000000018 _____ C:\Users\wowts\delte
2021-11-15 10:14 - 2021-11-15 10:14 - 000000011 _____ C:\Users\wowts\delete
2021-11-12 12:38 - 2021-11-12 12:38 - 000401898 _____ C:\Users\wowts\Desktop\SHA-Antragsformular_Version_SARS-CoV-2.pdf
2021-11-12 03:13 - 2021-04-23 08:23 - 001865880 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001865880 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001446544 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001446544 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001101752 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 001101752 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000954920 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000954920 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000744600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000628888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000098456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000083096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000054408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000051336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000504472 _____ C:\WINDOWS\system32\GameManager64.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000500888 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-11-12 03:13 - 2021-04-23 08:22 - 000440448 _____ C:\WINDOWS\system32\EEURestart.exe
2021-11-12 03:13 - 2021-04-23 08:22 - 000387712 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000354432 _____ C:\WINDOWS\system32\clinfo.exe
2021-11-12 03:13 - 2021-04-23 08:22 - 000253064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000220808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000174752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000174216 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000148608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000027888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000027864 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 081591432 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 067170952 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 005528184 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 001510008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 001339504 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000829064 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-11-12 03:13 - 2021-04-23 08:21 - 000476296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000464008 _____ C:\WINDOWS\system32\atieah64.exe
2021-11-12 03:13 - 2021-04-23 08:21 - 000359560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-11-12 03:13 - 2021-04-23 08:21 - 000190088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000166360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000143480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000138880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000133256 _____ C:\WINDOWS\system32\atidxx64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000123528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000115336 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000077936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 072489608 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000948888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000776344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000497288 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000474272 _____ C:\WINDOWS\system32\amdlogum.exe
2021-11-12 03:13 - 2021-04-23 08:20 - 000387720 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 001708432 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 001384944 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000559704 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000145304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000139576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000139576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000129464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000117304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000117288 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-11-12 03:13 - 2021-04-23 07:49 - 059070488 _____ C:\WINDOWS\system32\amdxc64.so
2021-11-12 03:13 - 2021-04-23 07:49 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-11-12 03:13 - 2021-04-23 07:49 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-11-12 03:13 - 2021-04-23 07:49 - 000557888 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-11-12 03:13 - 2021-04-23 07:49 - 000557888 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-11-12 03:13 - 2021-04-23 07:49 - 000128048 _____ C:\WINDOWS\system32\kapp_ci.sbin
2021-11-12 03:13 - 2021-04-23 07:49 - 000076237 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2021-11-12 03:13 - 2021-04-23 07:49 - 000012344 _____ C:\WINDOWS\system32\brandingWS_RSX.bmp
2021-11-12 03:13 - 2021-04-23 07:49 - 000012344 _____ C:\WINDOWS\system32\brandingRSX.bmp
2021-11-12 03:13 - 2021-04-23 07:49 - 000011014 _____ C:\WINDOWS\system32\atiacmLocalisation.ini
2021-11-12 03:13 - 2021-04-23 07:49 - 000000822 _____ C:\WINDOWS\system32\branding.bmp
2021-11-12 00:15 - 2021-11-12 00:15 - 000106344 _____ C:\Users\wowts\Documents\Praktikum1.mw
2021-11-12 00:00 - 2021-11-12 00:00 - 000699151 _____ C:\Users\wowts\Documents\Praktikum 2.mw
2021-11-11 21:26 - 2021-11-11 21:26 - 000048681 _____ C:\Users\wowts\Documents\Mathe 2 Praktikum Aufgabe 7 DGl 2.O. Randwert.mw
2021-11-11 19:16 - 2021-11-11 19:16 - 000000000 ____D C:\Users\wowts\Maple
2021-11-11 18:58 - 2021-11-11 18:58 - 000001105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maple 2021.lnk
2021-11-11 18:58 - 2021-11-11 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maple 2021
2021-11-11 18:51 - 2021-11-11 19:08 - 000000000 ____D C:\Program Files\Maple 2021
2021-11-11 18:29 - 2021-11-12 17:01 - 000035841 _____ C:\Users\wowts\Documents\Aufgabe 7.2.mw
2021-11-11 18:29 - 2021-11-12 17:01 - 000035507 _____ C:\Users\wowts\Documents\aufgabe 7.mw
2021-11-11 15:26 - 2021-11-11 15:26 - 011349663 _____ C:\Users\wowts\Downloads\Endfeedback-Stieben-Milyayev-V2.pdf
2021-11-11 13:47 - 2021-10-08 11:00 - 000160376 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2021-11-11 10:25 - 2021-11-11 10:25 - 000190883 _____ C:\Users\wowts\Downloads\KL_Kran-Projektaufgabe_WS 21-22.pdf
2021-11-11 10:25 - 2021-11-11 10:25 - 000169344 _____ C:\Users\wowts\Downloads\KL_Kran-Projektaufgabe_Deckblatt_WS 21-22.pdf
2021-11-10 18:58 - 2021-11-11 20:34 - 000036049 _____ C:\Users\wowts\Documents\,,,.mw
2021-11-10 12:57 - 2021-11-10 12:57 - 000000000 ____D C:\Users\wowts\AppData\Roaming\VS Revo Group
2021-11-10 09:53 - 2021-12-01 09:40 - 000000000 ____D C:\Users\wowts\Desktop\Alles
2021-11-10 02:58 - 2021-11-10 02:58 - 000286720 _____ C:\WINDOWS\system32\AggregatorHost.exe
2021-11-10 02:58 - 2021-11-10 02:58 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-09 20:00 - 2021-11-09 20:00 - 000157859 _____ C:\Users\wowts\Downloads\202110062004282930_2150114_200919.pdf
2021-11-09 14:40 - 2021-11-09 14:41 - 015920937 _____ C:\Users\wowts\Downloads\Praktikum Absorbtion.V2.pdf
2021-11-09 00:52 - 2021-11-09 00:52 - 000118814 _____ C:\Users\wowts\Documents\asxaxasxa.mw
2021-11-06 00:45 - 2021-11-06 00:45 - 000032768 _____ C:\WINDOWS\system32\hnsproxy.dll
2021-11-06 00:44 - 2021-11-06 00:44 - 000121344 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-06 00:44 - 2021-11-06 00:44 - 000024576 _____ C:\WINDOWS\system32\nrtapi.dll
2021-11-06 00:44 - 2021-11-06 00:44 - 000006656 _____ C:\WINDOWS\SysWOW64\nrtapi.dll
2021-11-06 00:43 - 2021-11-06 00:43 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll
2021-11-06 00:43 - 2021-11-06 00:43 - 000208896 _____ C:\WINDOWS\system32\IHDS.dll
2021-11-06 00:43 - 2021-11-06 00:43 - 000167936 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-04 23:25 - 2021-11-04 23:25 - 000001935 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nextcloud.lnk
2021-11-04 22:40 - 2021-11-29 10:26 - 000000000 ____D C:\Users\wowts\AppData\Roaming\FileZilla
2021-11-04 22:40 - 2021-11-28 11:25 - 000000000 ____D C:\Users\wowts\AppData\Local\FileZilla
2021-11-04 22:37 - 2021-11-04 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2021-11-04 22:37 - 2021-11-04 22:37 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2021-11-04 09:40 - 2021-11-04 09:40 - 000040763 _____ C:\Users\wowts\Downloads\eBay-Widerrufsbelehrung (1).pdf
2021-11-04 09:40 - 2021-11-04 09:40 - 000005456 _____ C:\Users\wowts\Downloads\eBay-Widerrufsbelehrung (1).html
2021-11-04 09:40 - 2021-11-04 09:40 - 000005298 _____ C:\Users\wowts\Downloads\eBay-Widerrufsbelehrung (1).txt
2021-11-04 09:39 - 2021-11-04 09:39 - 000056309 _____ C:\Users\wowts\Downloads\EBAY-AGB_BASIC-INKL.DATENSCHUTZ (1).pdf
2021-11-04 09:39 - 2021-11-04 09:39 - 000023370 _____ C:\Users\wowts\Downloads\EBAY-AGB_BASIC-INKL.DATENSCHUTZ (4).html
2021-11-04 09:27 - 2021-11-04 09:27 - 000310915 _____ C:\Users\wowts\Downloads\Retourenformular (1).pdf
2021-11-04 09:27 - 2021-11-04 09:27 - 000299132 _____ C:\Users\wowts\Downloads\Muster_Versand-_und_Zahlungsinformationen (1).pdf
2021-11-04 09:27 - 2021-11-04 09:27 - 000225153 _____ C:\Users\wowts\Downloads\Zugangsbestaetigung.pdf
2021-11-04 09:27 - 2021-11-04 09:27 - 000197292 _____ C:\Users\wowts\Downloads\Auftragsbestaetigung.pdf
2021-11-04 09:26 - 2021-11-04 09:27 - 000177885 _____ C:\Users\wowts\Downloads\Muster-Rechnungen (1).pdf
2021-11-04 09:26 - 2021-11-04 09:26 - 000180429 _____ C:\Users\wowts\Downloads\Vertrag_ueber_die_Ueberlassung_und_Verwendung_von_Model-Bildern_mit_Datenschutzhinweisen.pdf
2021-11-04 09:25 - 2021-11-04 09:25 - 000226971 _____ C:\Users\wowts\Downloads\Muster_fuer_eine_Geheimhaltungsvereinbarung.pdf
2021-11-04 09:25 - 2021-11-04 09:25 - 000150333 _____ C:\Users\wowts\Downloads\E-Mail_Signatur_fuer_Kaufleute (1).pdf
2021-11-04 09:24 - 2021-11-04 09:24 - 000155203 _____ C:\Users\wowts\Downloads\E-Mail_Signatur_fuer_GmbH_und_UG.pdf
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-12-01 10:44 - 2020-12-02 02:01 - 000000512 _____ C:\Users\Public\amdsfhdcd.bin
2021-12-01 10:40 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-01 10:24 - 2020-12-24 12:52 - 000000000 ____D C:\Program Files\CCleaner
2021-12-01 10:04 - 2021-10-14 13:01 - 001768198 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-01 10:04 - 2021-06-05 18:53 - 000766156 _____ C:\WINDOWS\system32\perfh007.dat
2021-12-01 10:04 - 2021-06-05 18:53 - 000158958 _____ C:\WINDOWS\system32\perfc007.dat
2021-12-01 10:04 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2021-12-01 10:04 - 2021-01-18 13:34 - 000000000 ____D C:\Users\wowts\Documents\Outlook-Dateien
2021-12-01 10:01 - 2021-04-19 08:41 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Nextcloud
2021-12-01 10:01 - 2020-12-02 02:07 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-12-01 10:00 - 2021-10-14 13:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-12-01 10:00 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-12-01 10:00 - 2020-12-21 13:40 - 000000000 ____D C:\Users\wowts\AppData\Local\Lenovo
2021-12-01 10:00 - 2020-12-02 02:00 - 000000000 ____D C:\ProgramData\Lenovo
2021-12-01 09:58 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-01 09:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-01 09:58 - 2020-12-21 13:40 - 000000000 ____D C:\Users\wowts\AppData\Local\Packages
2021-12-01 09:58 - 2020-12-21 13:30 - 000000000 ____D C:\ProgramData\Packages
2021-12-01 09:57 - 2021-10-14 13:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-01 09:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState
2021-12-01 09:57 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-01 09:57 - 2021-06-05 13:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-12-01 09:57 - 2021-04-14 13:05 - 000001524 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Delphi Toasts App.lnk
2021-12-01 09:57 - 2021-04-14 13:05 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-12-01 09:57 - 2020-05-06 19:33 - 000012288 ___SH C:\DumpStack.log.tmp
2021-12-01 09:40 - 2020-12-21 20:53 - 000000000 ___RD C:\Users\wowts\Desktop\Spiele
2021-12-01 09:30 - 2021-03-01 12:30 - 000000000 ____D C:\Users\wowts\AppData\Local\CrashDumps
2021-12-01 09:28 - 2020-12-23 15:51 - 000007630 _____ C:\Users\wowts\AppData\Local\Resmon.ResmonCfg
2021-11-30 22:17 - 2020-12-21 14:45 - 000000000 ____D C:\Users\wowts\AppData\LocalLow\Mozilla
2021-11-30 22:00 - 2020-12-21 14:45 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-30 21:05 - 2021-04-19 10:31 - 000000000 ___SD C:\Homecloud
2021-11-30 21:04 - 2021-10-14 13:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-30 18:40 - 2020-12-02 02:07 - 000000000 ____D C:\WINDOWS\TempInst
2021-11-30 18:37 - 2021-10-14 12:13 - 000000000 ____D C:\Users\wowts
2021-11-30 17:14 - 2020-12-02 02:01 - 000000000 ____D C:\Program Files\Lenovo
2021-11-30 17:12 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-11-30 17:11 - 2020-12-24 15:39 - 000000000 ___RD C:\Users\wowts\Desktop\Programe
2021-11-30 17:10 - 2021-10-14 13:00 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2021-11-30 17:10 - 2021-10-14 12:12 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-11-30 17:10 - 2019-12-07 10:14 - 000455026 _____ C:\WINDOWS\system32\Drivers\etc\.hosts
2021-11-29 21:38 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-29 21:38 - 2021-02-01 20:18 - 000000000 ____D C:\Users\wowts\AppData\Local\ElevatedDiagnostics
2021-11-29 19:44 - 2020-12-02 01:59 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-29 15:48 - 2021-10-14 13:00 - 000545736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-29 15:48 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\lxss
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-29 15:47 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\servicing
2021-11-29 15:04 - 2021-10-14 13:01 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-11-29 14:43 - 2021-01-24 17:12 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-11-29 14:33 - 2020-12-21 13:40 - 000000000 ____D C:\Users\wowts\AppData\Local\D3DSCache
2021-11-29 12:46 - 2021-06-05 13:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-11-29 11:05 - 2021-02-14 23:12 - 000000000 ____D C:\Users\wowts\Documents\Citavi 6
2021-11-29 11:02 - 2021-02-25 17:44 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-11-29 10:24 - 2021-10-14 13:12 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-11-29 10:23 - 2021-06-05 13:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-11-29 10:18 - 2020-12-24 13:10 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-11-29 09:38 - 2021-08-26 20:19 - 000000000 ____D C:\Users\wowts\AppData\LocalLow\IObit
2021-11-29 09:38 - 2021-05-06 12:30 - 000000000 ____D C:\Program Files (x86)\IObit
2021-11-29 09:38 - 2021-05-06 12:14 - 000000000 ____D C:\ProgramData\IObit
2021-11-29 09:38 - 2021-05-06 12:13 - 000000000 ____D C:\Users\wowts\AppData\Roaming\IObit
2021-11-28 18:10 - 2021-02-12 17:50 - 000000128 _____ C:\Users\wowts\AppData\Local\PUTTY.RND
2021-11-28 12:16 - 2020-12-24 13:12 - 000000000 ____D C:\Program Files (x86)\Avira
2021-11-28 11:58 - 2020-12-24 13:12 - 000000000 ____D C:\ProgramData\Avira
2021-11-26 14:40 - 2021-10-14 13:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-26 11:30 - 2021-08-26 20:18 - 000000000 ____D C:\ProgramData\WinZip
2021-11-26 11:27 - 2021-02-14 23:09 - 000000000 ____D C:\Users\wowts\AppData\Local\Docker
2021-11-26 10:53 - 2020-12-21 14:29 - 000000000 ____D C:\Program Files\Maple 2020
2021-11-25 22:42 - 2020-12-21 15:39 - 000000000 ____D C:\Users\wowts\Downloads\Uni
2021-11-25 16:21 - 2021-02-25 17:45 - 000002390 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2021-11-25 12:49 - 2021-10-14 13:12 - 000004196 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1608812151
2021-11-25 12:49 - 2020-12-24 13:15 - 000001400 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2021-11-25 09:36 - 2020-12-02 01:59 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-25 00:43 - 2020-12-21 15:39 - 000000000 ____D C:\Users\wowts\Downloads\Programe
2021-11-23 12:04 - 2020-12-21 14:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-23 11:55 - 2020-12-21 14:45 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-22 18:49 - 2021-10-20 08:15 - 000005202 _____ C:\WINDOWS\storelibdebug.txt
2021-11-22 14:59 - 2021-10-14 13:12 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-778103176-1376588227-3002950867-1001
2021-11-22 14:59 - 2020-12-21 13:34 - 000002406 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-19 16:13 - 2020-12-21 16:38 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Zoom
2021-11-19 09:59 - 2021-01-23 02:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-11-18 22:07 - 2021-10-14 13:12 - 000003636 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2021-11-18 22:07 - 2021-05-06 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-11-18 03:31 - 2021-10-14 13:12 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-16 20:59 - 2021-10-16 11:28 - 000002380 _____ C:\Users\wowts\Desktop\WK2.lnk
2021-11-14 14:27 - 2020-12-02 02:01 - 000000000 ____D C:\Program Files\Microsoft Office
2021-11-12 17:01 - 2021-01-02 10:46 - 000000000 ____D C:\Users\wowts\.maplesoft
2021-11-11 19:08 - 2021-01-02 19:08 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Maple
2021-11-10 12:55 - 2021-04-14 14:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-11-10 12:52 - 2021-08-26 20:20 - 000000000 ____D C:\Program Files (x86)\KompoZer
2021-11-10 09:53 - 2021-10-16 11:28 - 000002037 _____ C:\Users\wowts\Desktop\Physik 2.lnk
2021-11-10 09:52 - 2021-10-09 10:34 - 000001860 _____ C:\Users\wowts\Desktop\Semester 4 WS21.lnk
2021-11-10 09:52 - 2020-12-21 14:33 - 000001542 _____ C:\Users\wowts\Desktop\OneDrive.lnk
2021-11-10 05:00 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-11-10 05:00 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-10 03:07 - 2020-12-24 12:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-10 03:01 - 2020-12-24 12:31 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-07 22:36 - 2021-08-17 23:01 - 000429952 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-11-07 22:36 - 2021-08-17 23:01 - 000063728 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-11-07 22:36 - 2020-12-02 02:00 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-11-07 02:40 - 2021-08-21 13:11 - 000001040 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2021-11-06 22:00 - 2021-10-31 15:13 - 000000000 ____D C:\WINDOWS\SysWOW64\ncp
2021-11-06 04:46 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-11-06 04:46 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-11-06 04:46 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-11-06 00:55 - 2021-04-28 07:32 - 000000000 ____D C:\Users\wowts\AppData\Roaming\vlc
2021-11-04 23:57 - 2021-02-21 23:50 - 000002286 ____H C:\Users\wowts\Documents\Default.rdp
2021-11-04 23:25 - 2021-10-13 16:47 - 000000000 ____D C:\Program Files\Nextcloud
2021-11-04 22:54 - 2021-01-24 15:53 - 000000439 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-11-04 22:30 - 2021-05-14 22:12 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2021-11-03 09:28 - 2020-12-21 16:38 - 000002375 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2020-12-26 15:12 - 2021-07-23 10:16 - 000000128 _____ () C:\Users\wowts\AppData\Roaming\winscp.rnd
2021-02-06 10:12 - 2021-02-10 12:20 - 000018267 _____ () C:\Users\wowts\AppData\Local\PlariumPlay.log
2021-02-12 17:50 - 2021-11-28 18:10 - 000000128 _____ () C:\Users\wowts\AppData\Local\PUTTY.RND
2021-05-15 09:26 - 2021-05-15 09:26 - 000015975 _____ () C:\Users\wowts\AppData\Local\recently-used.xbel
2020-12-23 15:51 - 2021-12-01 09:28 - 000007630 _____ () C:\Users\wowts\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Geändert von Wovan (01.12.2021 um 11:25 Uhr) |
| Themen zu Vram 85-99%+ ausgelastet. Mining Bot? |
| amd, andere, anderen, auslastung, avira, bot, browser, eset, folge, guten, interne, internet, internet probleme, laufen, leute, lüfter, morgen, probleme, programme, runter, software, starte, startet, system, taskmanager, windows 11 |
Baum-Darstellung