| |
| |||||||
Alles rund um Windows: Windwos 11: System lahmt und stockt, Internetseite lädt nicht sporadisch, Abstürze durch Nordvpn (Bluescreen)Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
03.02.2024, 18:20
| #1 |
| |  Problem: Windwos 11: System lahmt und stockt, Internetseite lädt nicht sporadisch, Abstürze durch Nordvpn (Bluescreen) Hallo, Hab mir ein neune Laptop gegönnt mit Windows 11, nur läuft der irgendwie nicht gut. Hatte schon öfters das ich im Browser eine Seite aufrufe und sie lädt nicht, oder das System lahmt und ist manchmal auch abgestürzt wegen NordVPN. Dann hab ich mal in die Ereignis anzeige geschaut und hab da sehr viele Fehler und Warnungen gefunden. (Aktuell 4892 in Administrative Ereignisse) Habe gestern Kaspersky Free Rescue Disk laufen lassen und es wurden drei gelbe Objekte gefunden die ich gelöscht hab "Adware" und "This is not malware" oder so stand dran. Der Grund warum ich das gemacht habe war, das ich eine Microsoft Defender Antivirus Offline Überprüfung gemacht hatte und da kam die Meldung das möglicher weise Malware auf meinem Rechner ist. Was aber später nicht im verlauf auftauchte. Hab mit FRST.exe logs gemacht: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03.02.2024 01
durchgeführt von krümel (Administrator) auf KEKS (LENOVO 82TL) (03-02-2024 17:43:33)
Gestartet von C:\Users\krümel\Desktop\FRST64.exe
Geladene Profile: krümel
Plattform: Microsoft Windows 11 Pro Version 23H2 22631.3085 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Brave
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.147\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.147\BraveCrashHandler64.exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantage-(SmartInteractAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.40.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe <6>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_e9709186d216ac57\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_f6255f9b56d06c65\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_f6255f9b56d06c65\FnHotkeyCapsLKNumLK.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_f6255f9b56d06c65\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_f6255f9b56d06c65\FnHotkeyUtility.exe
(DriverStore\FileRepository\lnvsst.inf_amd64_95a89ec5b2e0af12\SmartSense.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lnvsst.inf_amd64_95a89ec5b2e0af12\SmartSenseController.exe
(DriverStore\FileRepository\lnvsst.inf_amd64_95a89ec5b2e0af12\SmartSense.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lnvsst.inf_amd64_95a89ec5b2e0af12\UserSSCtrl.exe
(DriverStore\FileRepository\u0390832.inf_amd64_43cf2d2b9b7da977\B390488\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0390832.inf_amd64_43cf2d2b9b7da977\B390488\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.ScreenSketch_11.2312.33.0_x64__8wekyb3d8bbwe\SnippingTool\SnippingTool.exe
(explorer.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\NordVPN.exe
(Lenovo -> Lenovo) C:\ProgramData\Lenovo\Vantage\AddinData\LenovoBatteryGaugeAddin\x64\QSHelper.exe
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\netsh.exe <3>
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0390832.inf_amd64_43cf2d2b9b7da977\B390488\atiesrxx.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_e9709186d216ac57\DAX3API.exe
(services.exe ->) (Geek Software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\lenovo\UDC\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo Limited Company) C:\Program Files\Lenovo\LVA Pro Service\VoiceAssistantService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_f6255f9b56d06c65\LenovoUtilityService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lnvsst.inf_amd64_95a89ec5b2e0af12\SmartSense.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (Oracle America, Inc. -> ) C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d315e0ae42c5f5e6\RtkAudUService64.exe <2>
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.40.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [LVAW] => C:\Program Files\Lenovo\LVA Pro Service\StartupHelper.exe [699680 2023-02-10] (Lenovo -> Lenovo Limited Company)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d315e0ae42c5f5e6\RtkAudUService64.exe [1922856 2023-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BraveVpnWireguardService] => C:\Program Files\BraveSoftware\Brave-Browser\Application\121.1.62.156\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [10928152 2024-01-31] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3293072 2023-10-12] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [644952 2023-12-08] (Geek Software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5109624 2023-01-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\MRT: Beschränkung <==== ACHTUNG
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKU\S-1-5-21-4201263534-3633762348-2776426445-1001\...\Run: [MicrosoftEdgeAutoLaunch_70EE13B711ECD4BE568CAD7F8C004D7A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788840 2024-02-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4201263534-3633762348-2776426445-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2597288 2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4201263534-3633762348-2776426445-1002\...\Run: [MicrosoftEdgeAutoLaunch_5DF05707A8A0977F46B97D144206D7B7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788840 2024-02-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4201263534-3633762348-2776426445-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4201263534-3633762348-2776426445-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4201263534-3633762348-2776426445-1002\...\Run: [Discord] => C:\Users\krümel\AppData\Local\Discord\Update.exe [1525016 2023-12-19] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4201263534-3633762348-2776426445-1002\...\Run: [LenovoVantage] => C:\ProgramData\Lenovo\Vantage\Addins\LenovoCompanionAppAddin\1.0.0.37\LenovoVantage.exe [25512 2023-12-26] (Lenovo -> Lenovo)
HKU\S-1-5-21-4201263534-3633762348-2776426445-1002\...\Run: [LenovoVantageToolbar] => C:\ProgramData\Lenovo\Vantage\AddinData\LenovoBatteryGaugeAddin\x64\QSHelper.exe [108456 2023-09-19] (Lenovo -> Lenovo)
HKU\S-1-5-21-4201263534-3633762348-2776426445-1002\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
HKU\S-1-5-21-4201263534-3633762348-2776426445-1002\...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\121.1.62.156\Installer\chrmstp.exe [2024-01-31] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\Users\krümel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2024-01-07]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy-Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {07FF50F7-8B89-4E3A-BD8C-EC1A7A0B96DE} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{AEB71723-ADE3-4418-A6E8-A98274613EFA} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2024-01-02] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {ADDB8A50-B793-406B-8BF5-F94F4538E8E6} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{18E4C8DF-A579-49C6-B3B6-7D82C5E3AC85} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2024-01-02] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {276EBBAE-0AE8-4E60-90FE-1EDB5279BD7B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E3DC44D9-B6D2-40BF-93E7-91113107B65F} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "5bb1143e-00c2-496b-968a-93fda0ec3084" --version "6.20.10897" --silent
Task: {841E972A-8F96-4E78-90BD-72418590B9D1} - System32\Tasks\CCleanerSkipUAC - krümel => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B0E55B96-2985-4B93-9592-A4CC21444B44} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {E8339D5C-437B-4FFB-A062-AF82E7FB63E1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {54DFEA64-1027-4D49-8B82-1C8948DABBC5} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\Windows\System32\reg.exe [102400 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {0420C2EF-1DD4-4509-943A-1CEBF9EB27F6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\281d5053-5b1a-4773-b07f-78a0db270081 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {A0EE859F-F5F6-4DE6-BF88-A9C930635831} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\37ac9e21-eec1-4a14-bea0-8710698a0dcf => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {02D040DB-4999-4AA4-8105-5783C20B22B8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\61c94390-a997-453d-8551-3f2dbdec53ab => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {A0E1E520-E7E6-4BCC-B4CC-34FECF7E9D02} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c22558a1-ce67-4f94-a157-525eb81c9de5 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {13BE9A3C-1EC4-4926-A8CD-1AB02F185549} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c3eab5b3-886b-48f8-a922-7504314819cd => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {DAD20D27-BD25-4175-A65D-77229F70A5E8} - System32\Tasks\Lenovo\UDC\Lenovo UDC Diagnostic Scan => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 210
Task: {0090DD7F-34EB-4702-BB8D-3E55D1CD21D8} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [90600 2023-11-02] (Lenovo -> Lenovo Group Ltd.)
Task: {4998891E-73E5-4395-98AE-DAE4799BDFC5} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\Windows\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [185312 2023-11-02] (Lenovo -> Lenovo Group Ltd.)
Task: {BA18B94E-9B26-434F-80F1-64CE2822709E} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {31C5226D-DB5C-44BD-BDC5-A9E28A3DF1BA} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {F8106B0A-CD89-47A2-92FB-C7ACFBF79DD4} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {FC6F6E0D-AA99-4364-A044-801D503BAD31} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {F21CDBB5-9125-4E18-A41C-994E4DDF3C7D} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {DE6FE2DD-89AD-4F5C-AAC8-10DC07A86DC4} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {D6E8B350-A247-4C9B-A186-1E518C9F6CCE} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {EF89BD6B-DBCB-4676-8902-026DAC37747B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBoostAddin.Prompt => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {56D116C2-02F5-4BBC-BEE3-B8561C2688A9} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {CC1D4A84-4B57-4102-902E-F760C1D700B9} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {929669E7-8E77-4286-A67C-A459FE425FDC} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {68C71B32-14F9-46EA-A0DF-EAEB5466364A} - System32\Tasks\Lenovo\Vantage\Schedule\SmartLock.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {98847315-FD03-4F72-A9A0-F74EB058093C} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {AF445AE6-916E-49B4-8B37-5C94359E173A} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe [30176 2023-12-15] (Lenovo -> Lenovo)
Task: {BB44087E-A925-4093-9D0D-F3FA12081B79} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\uninstall.exe [311776 2023-12-15] (Lenovo -> Lenovo)
Task: {457CE5CA-C3EB-4377-AD10-5D7D18843237} - System32\Tasks\McAfee\WPS\datupdatetask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {15217C8B-6620-41B8-9951-092524BECF0C} - System32\Tasks\McAfee\WPS\mcpcoscanner => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {EB259053-72D1-4986-A3A2-89BD9EA792FA} - System32\Tasks\McAfee\WPS\odsscheduledtask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {887380B9-36A5-41E3-9E4B-0C45777093A3} - System32\Tasks\McAfee\WPS\systemrebootedtask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {9EDE45B1-0CAA-4605-BEB8-8AAD21F04C13} - System32\Tasks\McAfee\WPS\tracker_remover => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {81D8FFC5-4D0B-4D42-822D-EEB9048649DB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28371640 2024-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {147A4241-A64B-42E7-B2D7-F70A5C089D3B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28371640 2024-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {2EE38AC5-DF36-4E83-987F-ADE641FF7AAE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306224 2024-01-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDB2B76B-DB22-4699-BD8A-3E1A89F0CEC0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306224 2024-01-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {9740686E-8B2B-4CF1-B4B8-8BDFF9FDFA31} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-01-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {579AAF08-6E31-46DB-9220-85BC2C8499FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2B8CF2F9-790E-4363-84D0-755752CFE22D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E4E6650F-070E-4FE1-A5FF-4A55565AB7D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0E70AC66-36EE-461C-8989-5C66ED97B8DA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B22BA7C7-FC46-4EF4-9DA2-62B94BB19CF5} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-01-18] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1CE05EFF-6BBF-47EE-9E91-D1F50AEC9866} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-01-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {68910DB5-4085-4BF1-8CB6-4B5527F339F3} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-11-22] () [Datei ist nicht signiert]
Task: {87D28D8D-43DA-45EB-A7DC-902E45C2D063} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {94180D9B-5D22-4BBC-85BD-8FE27EF665B5} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4201263534-3633762348-2776426445-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {428067E8-244A-4B60-825F-886DF0FE9B9A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4201263534-3633762348-2776426445-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {ADC9622E-0C1B-4B80-A869-5E01006E1F19} - System32\Tasks\Remove AdwCleaner Application => C:\Windows\system32\CMD.EXE [323584 2024-01-02] (Microsoft Windows -> Microsoft Corporation) -> /C DEL /F /Q "C:\Users\krümel\Desktop\resources\stage_3_disinfect\malwarebytes_adwcleaner\adwcleaner.exe"
Task: {02536B87-A7CA-4E9D-8795-DDB6416A5E90} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [5339512 2023-02-14] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {61B2ECE1-0941-45A7-8655-D162A6B778D6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5659512 2023-02-14] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {75A3B0AD-436D-4045-9C5C-3E6D8106E437} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [5839224 2023-02-14] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{029a1bcb-ea55-4561-850a-e856c798b22f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{029a1bcb-ea55-4561-850a-e856c798b22f}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{029a1bcb-ea55-4561-850a-e856c798b22f}\960586F6E6560267F6E6021497471636: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{029a1bcb-ea55-4561-850a-e856c798b22f}\D4F62697B6C69636B6: [DhcpNameServer] 213.209.104.220 213.209.104.250
Tcpip\..\Interfaces\{52c9a754-8da7-4a6b-a104-f0dca7e79710}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{52c9a754-8da7-4a6b-a104-f0dca7e79710}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{c0f621c0-410f-4c29-bfa0-d40711afaa5f}: [DhcpNameServer] 150.203.1.2
Tcpip\..\Interfaces\{fc01fcd5-2b9d-2fd8-78d8-cb78b313e2b2}: [NameServer] 9.9.9.11,149.112.112.11,146.255.56.98,84.200.69.80,103.86.96.100,103.86.99.100
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\krümel\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-02]
Edge Extension: (Dashlane*– Passwort-Manager) - C:\Users\krümel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gehmmocbbkpblljhkekmfhjpfbkclbph [2024-02-02]
Edge Extension: (Google Docs Offline) - C:\Users\krümel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-25]
Edge Extension: (Edge relevant text changes) - C:\Users\krümel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]
Edge Extension: (Privacy Badger) - C:\Users\krümel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mkejgcgkdlddbggjhhflekkondicpnop [2024-01-08]
Edge Extension: (uBlock Origin) - C:\Users\krümel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2024-01-08]
FireFox:
========
FF DefaultProfile: fs7tx0hm.default
FF ProfilePath: C:\Users\krümel\AppData\Roaming\Mozilla\Firefox\Profiles\fs7tx0hm.default [2024-02-02]
FF ProfilePath: C:\Users\krümel\AppData\Roaming\Mozilla\Firefox\Profiles\9q0iycth.default-release [2024-02-03]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-01-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-01-30] (Microsoft Corporation -> Microsoft Corporation)
Brave:
=======
BRA Profile: C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-02-03]
BRA DefaultSearchURL: Default -> hxxps://www.startpage.com/do/search?q={searchTerms}&segment=startpage.brave
BRA DefaultSearchKeyword: Default -> :sp
BRA DefaultSuggestURL: Default -> hxxps://www.startpage.com/cgi-bin/csuggest?query={searchTerms}&limit=10&format=json
BRA Extension: (uBlock Origin) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-01-29]
BRA Extension: (Dashlane*– Passwort-Manager) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2024-02-02]
BRA Extension: (Privacy Badger) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2024-01-02]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2024-02-03]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-02-03]
BRA Extension: (Brave NTP background images) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-02-01]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2024-02-03]
BRA Extension: (Wallet Data Files Updater) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2024-01-22]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-02-03]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-01-02]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2024-01-02]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-02-03]
BRA Extension: (Brave Ads Resources) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\jcncoheihebhhiemmbmpfhkceomfipbj [2024-01-25]
BRA Extension: (Brave Ad Block Updater (EasyList Germany (plaintext))) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfmefmifdjlfneapckmpkinmlofjehbp [2024-02-03]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-01-26]
BRA Extension: (Brave NTP sponsored images) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2024-02-03]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\krümel\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2024-01-02]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2024-01-02] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2024-01-02] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\121.1.62.156\brave_vpn_helper.exe [2806296 2024-01-31] (Brave Software, Inc. -> Brave Software, Inc.)
S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\121.1.62.156\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [10928152 2024-01-31] (Brave Software, Inc. -> Brave Software, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14045768 2024-01-25] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_e9709186d216ac57\DAX3API.exe [2363392 2023-03-27] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.010.0114.0001\FileSyncHelper.exe [3515408 2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [943032 2023-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_f6255f9b56d06c65\LenovoUtilityService.exe [161160 2023-11-08] (Lenovo -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantageService.exe [34272 2023-12-15] (Lenovo -> Lenovo)
R2 LITSSVC; C:\Windows\System32\LNBITSSvc.exe [1849552 2023-04-18] (Lenovo -> Lenovo(beijing) Limited)
R2 LVAWService; C:\Program Files\Lenovo\LVA Pro Service\VoiceAssistantService.exe [693536 2023-02-10] (Lenovo -> Lenovo Limited Company)
R2 MySQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [28742728 2023-10-11] (Oracle America, Inc. -> )
R3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [320088 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2023-08-09] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.010.0114.0001\OneDriveUpdaterService.exe [3852832 2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [644952 2023-12-08] (Geek Software GmbH -> geek software GmbH)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2737016 2023-02-14] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4588408 2023-02-14] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2024-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SmartSense; C:\Windows\System32\DriverStore\FileRepository\lnvsst.inf_amd64_95a89ec5b2e0af12\SmartSense.exe [204672 2023-11-21] (Lenovo -> Lenovo)
R2 UDCService; C:\Windows\system32\DRIVERS\Lenovo\udc\Service\UDClientService.exe [72160 2023-11-02] (Lenovo -> Lenovo Group Ltd.)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [802752 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\121.1.62.156\elevation_service.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AMDAfdAudioService; C:\Windows\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_dea03ff0fb4183f1\amdacpafd.sys [435136 2023-02-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [35360 2022-06-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0390832.inf_amd64_43cf2d2b9b7da977\B390488\amdkmdag.sys [94634328 2023-04-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AX88179; C:\Windows\System32\DriverStore\FileRepository\netax88179_178a.inf_amd64_a8bb8a6e92764769\ax88179_178a.sys [79872 2022-05-07] (Microsoft Windows -> ASIX Electronics Corp.)
R3 AX88179A; C:\Windows\System32\DriverStore\FileRepository\axusbeth.inf_amd64_88fb34fbbab9fd2d\AxUsbEth.sys [153472 2023-12-20] (WDKTestCert AndyChen,132652806163117881 -> ASIX Electronics Corp.)
S3 AX88772; C:\Windows\System32\DriverStore\FileRepository\netax88772.inf_amd64_f1efe88b4f90c639\ax88772.sys [116736 2022-05-07] (Microsoft Windows -> ASIX Electronics Corp.)
R0 fse; C:\Windows\System32\drivers\fse.sys [218592 2024-01-02] (Microsoft Windows -> Microsoft Corporation)
R3 mshield; C:\Windows\System32\DRIVERS\mshield.sys [43112 2024-01-10] (nordvpn s.a. -> Nordvpn S.A.)
R3 MTKBTFilterx64; C:\Windows\system32\DRIVERS\mtkbtfilterx.sys [371600 2023-09-03] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\Windows\System32\drivers\mtkwl6ex.sys [1669928 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R2 NDivert; C:\Program Files\NordVPN\7.18.5.0\Drivers\NDivert.sys [131472 2023-08-04] (nordvpn s.a. -> Nordvpn S.A.)
R4 NordDivert10; C:\Program Files\NordVPN\NordSec ThreatProtection\1.4.18.7\NordDivert1064.sys [101240 2024-01-10] (nordvpn s.a. -> NordVPN/Basil)
R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [77792 2023-10-19] (Nmap Software LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\Windows\system32\DRIVERS\npcap.sys [77792 2023-10-19] (Nmap Software LLC -> Insecure.Com LLC.)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [205552 2021-02-12] (RH Software Ltd -> Ray Hinchliffe)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2024-01-05] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [49744 2023-11-14] (nordvpn s.a. -> The OpenVPN Project)
R3 USBPcap; C:\Windows\system32\DRIVERS\USBPcap.sys [52872 2020-05-22] (Tomasz Moń -> USBPcap)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [251776 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [262648 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxSup; C:\Windows\system32\DRIVERS\VBoxSup.sys [1060600 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [813112 2024-01-18] (Microsoft Windows Hardware Compatibility Publisher -> IDRIX)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [94208 2024-01-02] (Microsoft Windows -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2024-01-02] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2024-01-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-02] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [29680 2024-01-02] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2024-01-16] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S1 nordlwf; \SystemRoot\system32\DRIVERS\nordlwf.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-02-03 17:43 - 2024-02-03 17:44 - 000042812 _____ C:\Users\krümel\Desktop\FRST.txt
2024-02-03 17:43 - 2024-02-03 17:43 - 000000000 ____D C:\FRST
2024-02-03 17:26 - 2024-02-03 17:26 - 002389504 _____ (Farbar) C:\Users\krümel\Desktop\FRST64.exe
2024-02-03 17:25 - 2024-02-03 17:25 - 000760092 _____ C:\Windows\system32\perfh007.dat
2024-02-03 17:25 - 2024-02-03 17:25 - 000157276 _____ C:\Windows\system32\perfc007.dat
2024-02-03 17:14 - 2024-02-03 17:14 - 000003199 _____ C:\Users\krümel\Desktop\BackSuboptimazition.ps1
2024-02-03 09:14 - 2024-02-03 09:14 - 000546588 _____ (glax24 (safezone.cc)) C:\Users\krümel\Downloads\SecurityCheck.exe
2024-02-03 09:14 - 2024-02-03 09:14 - 000000000 ____D C:\SecurityCheck
2024-02-03 07:41 - 2024-02-03 07:41 - 000000000 ____D C:\Windows\Microsoft Antimalware
2024-02-03 01:19 - 2024-02-03 17:26 - 000000000 ____D C:\Users\krümel\AppData\Local\NordVPN
2024-02-03 01:19 - 2024-02-03 17:21 - 000000000 ____D C:\Program Files\NordVPN
2024-02-03 01:19 - 2024-02-03 01:22 - 000000000 ____D C:\ProgramData\NordVPN
2024-02-03 01:19 - 2024-02-03 01:19 - 000000000 ____D C:\ProgramData\NordUpdater
2024-02-03 01:19 - 2024-02-03 01:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2024-02-03 01:19 - 2024-02-03 01:19 - 000000000 ____D C:\Program Files\NordUpdater
2024-02-03 01:19 - 2024-02-03 01:19 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2024-02-03 01:19 - 2024-01-10 10:37 - 000043112 _____ (Nordvpn S.A.) C:\Windows\system32\Drivers\mshield.sys
2024-02-03 01:11 - 2024-02-03 01:11 - 001744384 _____ (NordVPN ) C:\Users\krümel\Downloads\NordVPNSetup(1).exe
2024-02-03 00:43 - 2024-02-03 00:43 - 000000000 ____D C:\Users\yok01\AppData\Local\VirtualStore
2024-02-03 00:31 - 2024-02-03 00:31 - 000000000 ____D C:\KRD2018_Data
2024-02-02 10:24 - 2024-02-02 12:40 - 000000000 ____D C:\Users\krümel\AppData\Roaming\gitmind
2024-02-02 10:24 - 2024-02-02 10:24 - 000001224 _____ C:\Users\Public\Desktop\GitMind.lnk
2024-02-02 10:24 - 2024-02-02 10:24 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Apowersoft
2024-02-02 10:24 - 2024-02-02 10:24 - 000000000 ____D C:\Users\krümel\AppData\Local\gitmind-updater
2024-02-02 10:24 - 2024-02-02 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2024-02-02 10:24 - 2024-02-02 10:24 - 000000000 ____D C:\Program Files (x86)\Apowersoft
2024-02-02 10:23 - 2024-02-02 10:23 - 002125600 _____ (Apowersoft) C:\Users\krümel\Downloads\gitmind-setup.exe
2024-02-02 10:16 - 2024-02-02 10:16 - 000035394 _____ C:\Users\krümel\Downloads\ÜbungsaufgabenElektrischeLeistungUndArbeit.docx-1.pdf
2024-02-02 09:17 - 2024-02-02 09:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-02-02 09:17 - 2024-02-02 09:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-02-02 09:17 - 2024-02-02 09:17 - 000002045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk
2024-02-02 09:17 - 2024-02-02 09:17 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-02-02 09:17 - 2024-02-02 09:17 - 000001004 _____ C:\Users\Public\Desktop\Firefox.lnk
2024-02-02 09:17 - 2024-02-02 09:17 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2024-02-02 09:17 - 2024-02-02 09:17 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Mozilla
2024-02-02 09:17 - 2024-02-02 09:17 - 000000000 ____D C:\Users\krümel\AppData\Local\Mozilla
2024-02-02 09:17 - 2024-02-02 09:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-02 09:16 - 2024-02-02 09:16 - 000350120 _____ (Mozilla) C:\Users\krümel\Downloads\Firefox Installer.exe
2024-02-01 19:06 - 2024-02-01 19:14 - 000000000 ____D C:\Users\krümel\Documents\VSCode
2024-02-01 16:43 - 2024-02-01 16:43 - 000000000 ____D C:\Users\krümel\AppData\Local\IsolatedStorage
2024-01-31 22:52 - 2024-02-03 00:44 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-01-30 17:34 - 2024-01-30 17:34 - 000000000 ____D C:\Users\krümel\AppData\Local\PDF24
2024-01-30 17:33 - 2024-01-30 17:34 - 000000000 ____D C:\Program Files\PDF24
2024-01-30 17:33 - 2024-01-30 17:33 - 000001723 _____ C:\Users\Public\Desktop\PDF24 Launcher.lnk
2024-01-30 17:33 - 2024-01-30 17:33 - 000001718 _____ C:\Users\Public\Desktop\PDF24 Toolbox.lnk
2024-01-30 17:33 - 2024-01-30 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2024-01-30 17:32 - 2024-01-30 17:33 - 353043816 _____ (geek software GmbH ) C:\Users\krümel\Downloads\pdf24-creator-11.15.2-x64.exe
2024-01-30 16:15 - 2024-01-30 16:15 - 000000000 ____D C:\Users\krümel\Documents\Benutzerdefinierte Office-Vorlagen
2024-01-30 16:07 - 2024-02-02 22:53 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4201263534-3633762348-2776426445-1002
2024-01-30 16:07 - 2024-02-02 22:53 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-01-30 16:07 - 2024-02-02 22:53 - 000002159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-01-30 16:07 - 2024-01-30 16:07 - 000000000 ___RD C:\Users\Default\OneDrive
2024-01-30 16:06 - 2024-01-30 16:06 - 000002552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2024-01-30 16:06 - 2024-01-30 16:06 - 000002548 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2024-01-30 16:06 - 2024-01-30 16:06 - 000002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2024-01-30 16:06 - 2024-01-30 16:06 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-30 15:51 - 2024-01-30 15:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2024-01-29 16:45 - 2024-01-29 16:45 - 000054115 _____ C:\Users\krümel\Downloads\Seminar Grundlagen Datenbanksystem - Aufgabe 2 Versicherung Lösung.pdf
2024-01-29 15:22 - 2024-01-29 15:23 - 000000000 ____D C:\Users\krümel\AppData\Local\Adobe
2024-01-29 15:19 - 2024-01-29 15:19 - 000177774 _____ C:\Users\krümel\Downloads\Fortsetzung Praktikum.pdf
2024-01-29 15:14 - 2024-01-29 15:14 - 000053949 _____ C:\Users\krümel\Downloads\Seminar Grundlagen Datenbanksystem - Aufgabe 2 Versicherung.pdf
2024-01-29 07:11 - 2024-01-29 07:11 - 000012594 _____ C:\Users\krümel\Downloads\#01_KostenNutzenFaktor.xlsx
2024-01-28 21:20 - 2024-01-28 21:20 - 000000112 _____ C:\Users\krümel\index.html
2024-01-28 18:54 - 2024-01-28 18:54 - 026589696 _____ (Python Software Foundation) C:\Users\krümel\Downloads\python-3.12.1-amd64.exe
2024-01-28 18:54 - 2024-01-28 18:54 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.12
2024-01-28 18:54 - 2024-01-28 18:54 - 000000000 ____D C:\Users\krümel\AppData\Local\Package Cache
2024-01-28 17:54 - 2024-01-28 17:54 - 000000000 ____D C:\Users\krümel\AppData\Local\conda
2024-01-28 17:54 - 2024-01-28 17:54 - 000000000 ____D C:\Users\krümel\.continuum
2024-01-28 17:54 - 2024-01-28 17:54 - 000000000 ____D C:\Users\krümel\.anaconda
2024-01-28 17:53 - 2024-01-28 18:46 - 000000000 ____D C:\Users\krümel\.conda
2024-01-28 17:53 - 2024-01-28 17:53 - 000000000 ____D C:\Users\krümel\AppData\Roaming\.anaconda
2024-01-28 01:29 - 2024-01-28 01:29 - 014806156 _____ C:\Users\krümel\Documents\NachDesubopt.pcapng
2024-01-28 00:53 - 2024-01-28 01:07 - 000000000 ____D C:\BACKUP
2024-01-28 00:51 - 2024-01-28 00:51 - 000043083 _____ C:\Users\krümel\Documents\desubuptimation.ps1
2024-01-28 00:50 - 2024-01-28 00:50 - 000000000 _____ C:\Users\krümel\Desktop\Textdokument (neu).txt
2024-01-28 00:39 - 2024-01-28 00:39 - 000000000 ____D C:\Users\krümel\AppData\Local\Microsoft_Corporation
2024-01-27 22:40 - 2024-01-27 22:40 - 000000432 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2024-01-27 22:00 - 2024-01-27 22:00 - 000000116 ___RH C:\Users\krümel\Downloads\Stinger.opt
2024-01-27 19:55 - 2024-01-27 22:01 - 000000000 ____D C:\ProgramData\McAfee
2024-01-27 19:55 - 2024-01-27 22:01 - 000000000 ____D C:\Program Files\Common Files\McAfee
2024-01-27 19:47 - 2024-01-27 21:31 - 000000848 _____ C:\Users\krümel\Downloads\Stinger_27012024_194746.html
2024-01-26 23:35 - 2023-04-28 08:37 - 093402533 _____ C:\Users\krümel\Downloads\new_employees.sql
2024-01-26 23:34 - 2024-01-26 23:34 - 016968652 _____ C:\Users\krümel\Downloads\new_employees.zip
2024-01-26 21:34 - 2024-01-22 17:41 - 000002831 _____ C:\Windows\system32\Drivers\etc\hosts.20240126-213440.backup
2024-01-26 20:11 - 2024-01-26 20:11 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking
2024-01-26 20:02 - 2024-01-26 21:33 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2024-01-26 20:02 - 2024-01-26 21:33 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2024-01-26 20:02 - 2024-01-26 20:02 - 000001475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2024-01-26 20:02 - 2024-01-26 20:02 - 000001463 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2024-01-26 20:02 - 2024-01-26 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2024-01-26 20:02 - 2018-02-06 18:04 - 000032168 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2024-01-26 18:40 - 2024-01-26 18:40 - 000306149 _____ C:\Users\krümel\Documents\bookmarks_26.01.24.html
2024-01-26 17:52 - 2024-01-26 18:24 - 000000128 _____ C:\Users\krümel\AppData\Local\PUTTY.RND
2024-01-26 17:49 - 2024-01-26 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)
2024-01-26 17:49 - 2024-01-26 17:49 - 000000000 ____D C:\Program Files\PuTTY
2024-01-26 14:54 - 2024-01-26 14:54 - 000000000 ____D C:\Users\krümel\AppData\Roaming\MySQL
2024-01-26 14:47 - 2024-01-26 14:47 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MySQL
2024-01-26 14:46 - 2024-01-26 14:48 - 000000000 ____D C:\Program Files\MySQL
2024-01-26 14:45 - 2024-01-26 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2024-01-26 14:45 - 2024-01-26 14:48 - 000000000 ____D C:\Program Files (x86)\MySQL
2024-01-26 14:45 - 2024-01-26 14:46 - 000000000 ____D C:\ProgramData\MySQL
2024-01-26 07:26 - 2024-01-26 07:26 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\IME
2024-01-25 21:35 - 2024-01-25 21:35 - 000019222 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-01-25 21:35 - 2024-01-25 21:35 - 000019222 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-01-24 16:22 - 2024-01-24 16:23 - 391802880 _____ C:\Users\krümel\Downloads\mysql-installer-community-5.7.44.0.msi
2024-01-24 16:22 - 2024-01-24 16:22 - 000052463 _____ C:\Users\krümel\Downloads\mysqlsampledatabase.zip
2024-01-23 21:03 - 2024-01-23 21:03 - 133606492 _____ C:\Users\krümel\Documents\vpnOff21.03.pcapng
2024-01-22 17:11 - 2024-01-22 17:11 - 000000000 ____D C:\ProgramData\Sophos
2024-01-22 17:08 - 2024-01-22 17:08 - 000003418 _____ C:\Windows\system32\Tasks\Remove AdwCleaner Application
2024-01-22 17:08 - 2024-01-22 17:08 - 000000000 ____D C:\Users\krümel\AppData\Local\mbamtray
2024-01-22 17:07 - 2024-01-22 17:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-01-22 16:05 - 2024-01-22 16:05 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2024-01-22 16:05 - 2024-01-22 16:05 - 000000000 ____D C:\Program Files\Reference Assemblies
2024-01-22 16:05 - 2024-01-22 16:05 - 000000000 ____D C:\Program Files\MSBuild
2024-01-22 16:05 - 2024-01-22 16:05 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-01-22 16:05 - 2024-01-22 16:05 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-01-22 15:56 - 2021-02-12 18:24 - 000205552 _____ (Ray Hinchliffe) C:\Windows\system32\Drivers\SIVX64.sys
2024-01-21 11:36 - 2024-01-21 11:36 - 012510210 _____ C:\Users\krümel\Downloads\AP1_4x.7z
2024-01-21 11:23 - 2024-01-21 11:23 - 010451409 _____ C:\Users\krümel\Documents\AP1.7z
2024-01-21 11:18 - 2024-01-23 22:52 - 000000000 ____D C:\Users\krümel\Documents\AP1
2024-01-21 03:07 - 2024-01-21 03:07 - 001459283 _____ C:\Users\krümel\Downloads\2312.16171v1.pdf
2024-01-19 16:59 - 2024-01-19 16:59 - 000835627 _____ C:\Users\krümel\Downloads\GA1-FISI-Frühjahr2023Losungen.pdf
2024-01-19 16:59 - 2024-01-19 16:59 - 000566945 _____ C:\Users\krümel\Downloads\2023_Frühjahr_AP1_Loesung.pdf
2024-01-19 16:59 - 2024-01-19 16:59 - 000345537 _____ C:\Users\krümel\Downloads\GA1-FISI-Frühjahr2023.pdf
2024-01-19 16:59 - 2024-01-19 16:59 - 000345537 _____ C:\Users\krümel\Downloads\2023_Frühjahr_AP1.pdf
2024-01-18 18:50 - 2024-01-18 18:50 - 000000000 ____D C:\Users\krümel\VirtualBox VMs
2024-01-18 18:21 - 2024-01-21 12:43 - 000000000 ____D C:\Users\krümel\Downloads\AP1_4x
2024-01-18 12:56 - 2024-01-18 12:58 - 000000000 ____D C:\Users\krümel\Documents\VM
2024-01-18 12:54 - 2024-01-18 13:56 - 000000000 ____D C:\Users\krümel\Documents\Abschlussprüfungen 2019-202x
2024-01-18 12:53 - 2024-01-18 12:53 - 000290537 _____ C:\Users\krümel\Documents\bookmarks_18.01.24.html
2024-01-18 12:47 - 2024-01-18 12:47 - 000000000 ____D C:\Users\krümel\AppData\Roaming\VeraCrypt
2024-01-18 12:46 - 2024-01-18 12:46 - 035282192 _____ (IDRIX) C:\Users\krümel\Downloads\VeraCrypt Setup 1.26.7.exe
2024-01-18 12:46 - 2024-01-18 12:46 - 000000899 _____ C:\Users\Public\Desktop\VeraCrypt.lnk
2024-01-18 12:46 - 2024-01-18 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt
2024-01-18 12:46 - 2024-01-18 12:46 - 000000000 ____D C:\Program Files\VeraCrypt
2024-01-17 23:13 - 2024-01-17 23:13 - 000000000 ___HD C:\Users\krümel\AppData\Roaming\9NZQPT0MWTD0
2024-01-17 23:13 - 2024-01-17 23:13 - 000000000 ____D C:\Users\krümel\AppData\Local\Gameloft
2024-01-17 23:13 - 2024-01-17 23:13 - 000000000 _____ C:\Users\krümel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9
2024-01-17 22:57 - 2024-01-17 22:57 - 000000223 _____ C:\Users\krümel\Desktop\Asphalt 9 Legends.url
2024-01-17 22:57 - 2024-01-17 22:57 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-01-16 19:11 - 2024-01-16 19:11 - 002746088 _____ C:\Users\krümel\Documents\NordVPN_Quad9_EDNS.pcapng
2024-01-16 18:45 - 2024-02-03 01:14 - 000000000 ____D C:\Windows\Minidump
2024-01-16 18:26 - 2024-01-03 16:44 - 000043112 _____ (Nordvpn S.A.) C:\Windows\system32\Drivers\SET6F1E.tmp
2024-01-16 18:25 - 2024-01-16 18:25 - 001744384 _____ (NordVPN ) C:\Users\krümel\Downloads\NordVPNSetup.exe
2024-01-16 18:25 - 2023-03-23 14:52 - 000041024 _____ (TEFINCOM S.A.) C:\Windows\Nord.Setup.dll
2024-01-12 22:54 - 2024-01-12 22:54 - 000007611 _____ C:\Users\krümel\AppData\Local\Resmon.ResmonCfg
2024-01-12 17:52 - 2024-01-25 21:40 - 000474232 _____ C:\Windows\system32\FNTCACHE.DAT
2024-01-11 07:17 - 2024-01-11 07:17 - 017772024 _____ C:\Users\krümel\Documents\04.pcapng
2024-01-09 23:11 - 2024-01-09 23:11 - 000000962 _____ C:\Users\krümel\Desktop\Sysinternals.lnk
2024-01-09 23:10 - 2024-01-09 23:10 - 041422980 _____ C:\Users\krümel\Documents\03.pcapng
2024-01-09 23:05 - 2024-01-09 23:06 - 000000000 ____D C:\Users\krümel\Documents\SysinternalsSuite
2024-01-09 23:04 - 2024-01-09 23:04 - 053047703 _____ C:\Users\krümel\Downloads\SysinternalsSuite.zip
2024-01-09 20:19 - 2024-01-09 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerShell
2024-01-09 20:19 - 2024-01-09 20:19 - 000000000 ____D C:\Program Files\PowerShell
2024-01-09 20:07 - 2024-01-09 20:07 - 000045670 _____ C:\Users\krümel\Downloads\Dokumentation_Beispiel.odt
2024-01-09 20:07 - 2024-01-09 20:07 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\Proof
2024-01-09 19:46 - 2024-01-09 19:46 - 000179231 _____ C:\Users\krümel\Downloads\04_AM_Fehlzeitenerfassung_TN_Info_2024_01.pdf
2024-01-09 03:26 - 2024-01-09 03:27 - 000000000 ____D C:\Users\krümel\Downloads\crystaldiskmark8_0_4c
2024-01-09 03:26 - 2024-01-09 03:26 - 003798590 _____ C:\Users\krümel\Downloads\crystaldiskmark8_0_4c.zip
2024-01-08 23:21 - 2024-01-13 18:56 - 000000000 ____D C:\Users\krümel\AppData\Roaming\LM Studio
2024-01-08 23:21 - 2024-01-12 19:04 - 000002309 _____ C:\Users\krümel\Desktop\LM Studio.lnk
2024-01-08 23:21 - 2024-01-08 23:21 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LM Studio
2024-01-08 23:21 - 2024-01-08 23:21 - 000000000 ____D C:\Users\krümel\AppData\Local\LM-Studio
2024-01-08 23:21 - 2024-01-08 23:21 - 000000000 ____D C:\Users\krümel\.cache
2024-01-08 23:19 - 2024-01-08 23:21 - 422646400 _____ (LM Studio) C:\Users\krümel\Downloads\LM+Studio-0.2.10+Setup.exe
2024-01-08 22:57 - 2024-01-08 22:57 - 002688876 _____ C:\Users\krümel\Documents\#_02.pcapng
2024-01-08 22:39 - 2024-01-09 03:32 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Samsung Magician
2024-01-08 22:36 - 2024-01-08 22:36 - 195309392 _____ (Samsung Electronics ) C:\Users\krümel\Downloads\Samsung_Magician_Installer_Official_8.0.1.1000.exe
2024-01-08 22:24 - 2024-01-08 22:24 - 000358877 _____ C:\Users\krümel\Downloads\GODMODE.zip
2024-01-08 22:14 - 2024-01-08 22:14 - 000000000 ____D C:\Users\krümel\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
2024-01-07 22:21 - 2024-01-20 23:31 - 000000000 ____D C:\Users\krümel\AppData\Roaming\discord
2024-01-07 22:21 - 2024-01-20 22:53 - 000000000 ____D C:\Users\krümel\AppData\Local\Discord
2024-01-07 22:21 - 2024-01-08 23:21 - 000000000 ____D C:\Users\krümel\AppData\Local\SquirrelTemp
2024-01-07 22:21 - 2024-01-07 22:21 - 096194848 _____ (Discord Inc.) C:\Users\krümel\Downloads\DiscordSetup.exe
2024-01-07 22:21 - 2024-01-07 22:21 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2024-01-07 19:42 - 2024-02-02 14:14 - 000000000 ____D C:\Users\krümel\Documents\CSI Linux 2023.2 VirtualBox
2024-01-07 19:18 - 2024-01-07 19:29 - 221298688 _____ C:\Users\krümel\Downloads\CSI_Linux_2023.2_VMware.7z
2024-01-07 19:11 - 2024-01-07 19:37 - 000000000 ____D C:\Users\krümel\AppData\Roaming\VMware
2024-01-07 19:11 - 2024-01-07 19:37 - 000000000 ____D C:\Users\krümel\AppData\Local\VMware
2024-01-07 19:07 - 2023-10-10 02:08 - 000060344 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmkbd.sys
2024-01-07 19:06 - 2024-01-08 22:19 - 000000000 ____D C:\ProgramData\VMware
2024-01-07 19:06 - 2024-01-07 19:06 - 001694220 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2024-01-07 19:06 - 2024-01-07 19:06 - 000000000 ____D C:\Program Files (x86)\VMware
2024-01-07 19:06 - 2023-10-10 02:19 - 001310656 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2024-01-07 19:03 - 2024-01-07 19:04 - 566428648 _____ (VMware, Inc.) C:\Users\krümel\Downloads\VMware-player-full-17.5.0-22583795.exe
2024-01-07 16:39 - 2024-01-07 16:39 - 311699332 _____ C:\Users\krümel\Documents\#_01.pcapng
2024-01-07 16:19 - 2024-01-07 16:19 - 001589510 _____ (Igor Pavlov) C:\Users\krümel\Downloads\7z2301-x64.exe
2024-01-07 16:19 - 2024-01-07 16:19 - 000000000 ____D C:\Program Files\7-Zip
2024-01-07 15:39 - 2024-01-07 15:39 - 000000000 ____D C:\Program Files\USBPcap
2024-01-07 15:38 - 2024-01-22 16:48 - 000000000 ____D C:\Program Files\Npcap
2024-01-07 15:38 - 2024-01-07 15:38 - 000003460 _____ C:\Windows\system32\Tasks\npcapwatchdog
2024-01-07 15:38 - 2024-01-07 15:38 - 000000000 ____D C:\Windows\SysWOW64\Npcap
2024-01-07 15:38 - 2024-01-07 15:38 - 000000000 ____D C:\Windows\system32\Npcap
2024-01-07 15:30 - 2024-01-30 16:02 - 000000000 ____D C:\Users\krümel\Documents\.SysApps
2024-01-07 15:27 - 2024-01-07 16:11 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Wireshark
2024-01-07 15:13 - 2024-01-07 15:39 - 000001838 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2024-01-07 15:11 - 2024-01-07 15:39 - 000000000 ____D C:\Program Files\Wireshark
2024-01-07 14:59 - 2024-02-03 01:20 - 000000000 ____D C:\Users\krümel\.VirtualBox
2024-01-07 14:59 - 2024-02-03 01:20 - 000000000 ____D C:\ProgramData\VirtualBox
2024-01-07 14:59 - 2024-01-07 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2024-01-07 14:59 - 2024-01-07 14:59 - 000000000 ____D C:\Program Files\Oracle
2024-01-07 14:59 - 2023-10-12 11:05 - 001060600 _____ (Oracle and/or its affiliates) C:\Windows\system32\Drivers\VBoxSup.sys
2024-01-07 14:59 - 2023-10-12 11:05 - 000201328 _____ (Oracle and/or its affiliates) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2024-01-07 14:41 - 2024-01-07 14:41 - 000000396 _____ C:\Users\krümel\Documents\officespy.reg
2024-01-05 20:44 - 2024-01-05 20:44 - 000000000 ____D C:\Users\krümel\AppData\Local\OO Software
2024-01-05 20:36 - 2024-01-05 20:45 - 000000000 ____D C:\ProgramData\ChocolateyHttpCache
2024-01-05 20:36 - 2024-01-05 20:45 - 000000000 ____D C:\ProgramData\chocolatey
2024-01-05 16:43 - 2024-01-05 16:43 - 000003683 _____ C:\Users\krümel\Downloads\GraphCmdLets.txt
2024-01-05 16:30 - 2024-01-05 19:49 - 000000000 ____D C:\Users\krümel\Documents\Note++
2024-01-05 16:28 - 2024-01-30 17:45 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Notepad++
2024-01-05 16:28 - 2024-01-27 19:36 - 000000000 ____D C:\Users\krümel\AppData\Local\CrashDumps
2024-01-05 16:28 - 2024-01-05 16:28 - 004816456 _____ (Don HO don.h@free.fr) C:\Users\krümel\Downloads\npp.8.6.Installer.x64.exe
2024-01-05 16:28 - 2024-01-05 16:28 - 000000888 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2024-01-05 16:28 - 2024-01-05 16:28 - 000000000 ____D C:\Program Files\Notepad++
2024-01-05 16:19 - 2024-01-30 17:30 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\Word
2024-01-05 16:02 - 2024-01-05 16:02 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\UProof
2024-01-05 16:01 - 2024-01-05 16:01 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\OneNote
2024-01-05 15:58 - 2024-01-05 15:58 - 000000000 ____D C:\Users\krümel\Documents\OneNote-Notizbücher
2024-01-05 15:57 - 2024-01-09 20:07 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\Office
2024-01-05 15:57 - 2024-01-05 16:10 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\Outlook
2024-01-05 15:57 - 2024-01-05 15:57 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\AddIns
2024-01-05 15:29 - 2024-01-05 15:29 - 000000000 ____D C:\Users\yok01\AppData\Local\PeerDistRepub
2024-01-05 15:28 - 2024-01-05 15:28 - 000000000 ____D C:\Users\yok01\AppData\Local\CrashDumps
2024-01-05 02:03 - 2024-01-05 02:04 - 000000000 ____D C:\ProgramData\WPSInstallerTemp1
2024-01-05 02:03 - 2024-01-05 02:03 - 000027136 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-02-03 17:41 - 2022-05-25 20:06 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-03 17:41 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-03 17:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-02-03 17:41 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-03 17:28 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-02-03 17:25 - 2023-11-17 04:04 - 001754668 _____ C:\Windows\system32\PerfStringBackup.INI
2024-02-03 17:25 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-02-03 17:17 - 2022-05-25 20:05 - 000012288 ___SH C:\DumpStack.log.tmp
2024-02-03 17:17 - 2022-05-25 20:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-02-03 17:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2024-02-03 17:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ServiceState
2024-02-03 17:17 - 2022-05-07 06:17 - 001048576 _____ C:\Windows\system32\config\BBI
2024-02-03 17:09 - 2022-05-25 20:05 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-02-03 09:02 - 2024-01-02 21:00 - 000000000 ____D C:\Users\krümel\AppData\Roaming\KeePass
2024-02-03 01:21 - 2024-01-02 18:17 - 000000000 ___SD C:\Users\krümel\AppData\Roaming\Microsoft\Credentials
2024-02-03 01:17 - 2024-01-03 23:44 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-02-03 01:17 - 2024-01-02 18:17 - 000000000 ____D C:\Users\krümel
2024-02-03 01:14 - 2023-11-17 03:50 - 001039939 ____N C:\Windows\Minidump\020324-15390-01.dmp
2024-02-03 01:10 - 2023-11-17 03:50 - 000850597 ____N C:\Windows\Minidump\020324-21062-01.dmp
2024-02-03 01:01 - 2024-01-03 15:57 - 000000000 ____D C:\Users\krümel\Downloads\pkeyuibx_v1.5.1
2024-02-03 00:53 - 2024-01-02 18:03 - 000000000 ___RD C:\Users\yok01\OneDrive
2024-02-03 00:45 - 2024-01-02 18:01 - 000000000 ____D C:\Users\yok01\AppData\Local\Packages
2024-02-03 00:44 - 2024-01-02 18:06 - 000000000 ____D C:\Users\yok01\AppData\Local\Lenovo
2024-02-03 00:36 - 2024-01-02 17:40 - 000000000 ___SD C:\Users\yok01\AppData\Roaming\Microsoft\Protect
2024-02-03 00:34 - 2023-11-17 03:51 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-02-03 00:10 - 2024-01-02 19:45 - 000000000 ____D C:\Users\krümel\Documents\Berichtshefte.usb.ORDNER
2024-02-02 23:28 - 2024-01-03 22:16 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\MMC
2024-02-02 23:06 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-02-02 22:53 - 2024-01-02 18:03 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4201263534-3633762348-2776426445-1001
2024-02-02 16:32 - 2023-11-17 03:50 - 001140460 ____N C:\Windows\Minidump\020224-16125-01.dmp
2024-02-02 16:30 - 2023-11-17 03:50 - 002417821 ____N C:\Windows\Minidump\020224-15609-01.dmp
2024-02-02 03:35 - 2022-05-25 20:06 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-02 03:35 - 2022-05-25 20:06 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-01 21:48 - 2024-01-03 23:39 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Code
2024-02-01 18:46 - 2024-01-03 23:39 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2024-01-31 22:53 - 2024-01-02 18:29 - 000002367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2024-01-30 18:08 - 2024-01-02 19:45 - 000014398 ____H C:\Users\krümel\Documents\Database.kdbx
2024-01-30 17:36 - 2024-01-02 18:17 - 000000000 ____D C:\Users\krümel\AppData\Local\D3DSCache
2024-01-30 16:07 - 2024-01-02 18:19 - 000000000 ___RD C:\Users\krümel\OneDrive
2024-01-30 16:07 - 2024-01-02 18:17 - 000000000 ____D C:\Users\krümel\AppData\Local\Packages
2024-01-30 16:06 - 2023-11-17 03:55 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-30 16:06 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-01-30 15:51 - 2023-11-17 03:56 - 000002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2024-01-29 23:17 - 2023-11-17 03:50 - 002401687 ____N C:\Windows\Minidump\012924-15750-01.dmp
2024-01-28 19:01 - 2024-01-03 23:44 - 000000000 ____D C:\Program Files\CCleaner
2024-01-28 18:59 - 2024-01-02 18:18 - 000000000 ____D C:\Users\krümel\AppData\Local\PlaceholderTileLogoFolder
2024-01-28 18:59 - 2022-05-25 20:06 - 000000000 ____D C:\ProgramData\Packages
2024-01-27 20:35 - 2024-01-02 17:55 - 000079344 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\vkrnlintvsc.sys
2024-01-27 20:35 - 2024-01-02 17:55 - 000079328 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\vkrnlintvsp.sys
2024-01-27 20:14 - 2024-01-02 18:18 - 000000000 ____D C:\Users\krümel\AppData\Local\Lenovo
2024-01-27 20:13 - 2023-11-17 03:55 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2024-01-27 20:11 - 2023-11-17 04:02 - 000000000 ____D C:\Program Files (x86)\Lenovo
2024-01-27 20:11 - 2023-11-17 03:55 - 000000000 ____D C:\ProgramData\Lenovo
2024-01-27 19:56 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-01-27 19:36 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\LiveKernelReports
2024-01-26 07:20 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-01-25 21:56 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-01-25 21:39 - 2024-01-03 22:05 - 000000000 ___SD C:\Windows\system32\AppV
2024-01-25 21:39 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-01-25 21:39 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\UUS
2024-01-25 21:39 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-01-25 21:39 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-01-25 21:39 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-01-25 21:39 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\setup
2024-01-25 21:39 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-01-25 21:39 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-01-25 21:39 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-01-25 21:39 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-01-25 21:39 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\Provisioning
2024-01-25 21:39 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-01-25 21:39 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\BrowserCore
2024-01-25 21:39 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-01-25 21:35 - 2022-05-25 20:08 - 003212800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-01-25 21:19 - 2023-11-17 03:55 - 000000000 ____D C:\Windows\TempInst
2024-01-25 21:18 - 2023-11-17 03:55 - 000000000 ____D C:\Program Files\Lenovo
2024-01-22 17:46 - 2024-01-03 23:44 - 000002886 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - krümel
2024-01-22 17:44 - 2022-05-07 06:17 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-01-22 16:48 - 2024-01-02 22:16 - 000000000 ____D C:\Users\krümel\AppData\Local\Steam
2024-01-22 16:05 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\MUI
2024-01-22 16:05 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\MUI
2024-01-22 15:44 - 2024-01-02 22:15 - 000000000 ____D C:\Program Files (x86)\Steam
2024-01-18 23:15 - 2024-01-03 23:44 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-01-17 16:16 - 2024-01-03 23:44 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-01-16 18:40 - 2024-01-03 22:45 - 000000000 ____D C:\Windows\system32\MRT
2024-01-12 17:52 - 2024-01-02 17:58 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-01-12 17:52 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-01-12 17:52 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-01-12 17:52 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-01-12 17:26 - 2022-05-25 21:03 - 000000000 ____D C:\Windows\panther
2024-01-12 17:20 - 2024-01-03 22:45 - 189718008 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-01-12 17:20 - 2024-01-02 19:20 - 000000000 ____D C:\ProgramData\Package Cache
2024-01-12 17:19 - 2024-01-02 20:30 - 000918944 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2024-01-06 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\OCR
2024-01-06 23:59 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\Globalization
2024-01-06 22:15 - 2023-11-17 04:04 - 000000000 ____D C:\Windows\system32\Tasks\McAfee
2024-01-05 20:35 - 2024-01-02 18:17 - 000000000 ____D C:\Users\krümel\AppData\Roaming\Microsoft\Windows
2024-01-05 15:24 - 2024-01-02 18:17 - 000000000 ____D C:\Users\krümel\AppData\Local\ConnectedDevicesPlatform
2024-01-05 00:07 - 2022-05-25 20:09 - 000000000 __RHD C:\Users\Public\AccountPictures
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2024-01-26 17:52 - 2024-01-26 18:24 - 000000128 _____ () C:\Users\krümel\AppData\Local\PUTTY.RND
2024-01-12 22:54 - 2024-01-12 22:54 - 000007611 _____ () C:\Users\krümel\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Geändert von Subzer00 (03.02.2024 um 18:30 Uhr) |
| Themen zu Windwos 11: System lahmt und stockt, Internetseite lädt nicht sporadisch, Abstürze durch Nordvpn (Bluescreen) |
| adware, antivirus, bluescreen, browser, defender, desktop, fehler, format, google, internet, internet explorer, kaspersky, malware, monitor, mozilla, prozesse, realtek, registry, scan, server, services.exe, software, svchost.exe, system, windows |
Baum-Darstellung