Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Windows 11 Kontrollscan

Windows 11 Kontrollscan


Log-Analyse und Auswertung: Windows 11 Kontrollscan

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 16.02.2026, 22:35   #1
BeRealm
 
Windows 11 Kontrollscan - Standard

Windows 11 Kontrollscan


Hallo,

der Jahresanfang bietet sich immer für einen Frühjahrsputz an, daher möchte ich euch bitten mal über die Logs zu schauen, ob euch Auffälligkeiten in Auge stechen.

Vielen Dank

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-02-2026
durchgeführt von nobody (Administrator) auf DESKTOP-GR51ROA (16-02-2026 22:04:25)
Gestartet von C:\Users\nobody\Downloads\FRST64.exe
Geladene Profile: nobody
Plattform: Microsoft Windows 11 Pro Version 24H2 26100.7840 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() [Datei ist nicht signiert] C:\Users\nobody\AppData\Local\MicSwitch\app-1.0.253\MicSwitch.exe
() [Datei ist nicht signiert] C:\Users\nobody\SBZSwitcher_v1.9.6\SBZSwitcher.exe
(C:\Program Files\Logitech Gaming Software\LCore.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashhelper.exe
(CANON ELECTRONICS INC -> Canon Electronics) C:\Program Files (x86)\Canon Electronics\ScanServer\ScanServer.exe
(Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
(explorer.exe ->) (Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(File-New-Project -> File-New-Project) C:\ProgramData\chocolatey\lib\eartrumpet\tools\EarTrumpet\EarTrumpet.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Windows Firewall Control\wfcUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(Nextcloud GmbH -> Nextcloud GmbH) C:\Program Files\Nextcloud\nextcloud.exe
(services.exe ->) (CANON ELECTRONICS INC -> Canon Electronics Inc.) C:\Program Files (x86)\Canon Electronics\Shared Files\DriverNetworkMonitor.exe
(services.exe ->) (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Editor\FoxitPDFEditorUpdateService.exe
(services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Windows Firewall Control\wfcs.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_adc55ecfca814224\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(svchost.exe ->) (By ZhongYang) [Datei ist nicht signiert] C:\Users\nobody\AppData\Local\TrafficMonitor\TrafficMonitor.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Malwarebytes Windows Firewall Control] => C:\Program Files\Malwarebytes\Windows Firewall Control\wfcUI.exe [822824 2025-12-06] (Malwarebytes Inc -> Malwarebytes)
HKLM\...\Run: [CANON DR-M140 SVC] => rundll32.exe DRVCSVC.DLL,EntryPointUserMessage (Keine Datei)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3255136 2025-11-02] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18725336 2022-05-12] (Logitech Inc -> Logitech Inc.)
HKLM-x32\...\Run: [Sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [877056 2014-11-24] (Creative Technology Ltd) [Datei ist nicht signiert]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752264 2025-12-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Canon imageFORMULA WebSDK] => C:\Program Files (x86)\Canon Electronics\ScanServer\launcher.exe [169984 2017-11-14] (CANON ELECTRONICS INC -> Canon Electronics)
HKLM-x32\...\Run: [CaptureOnTouch] => C:\Program Files (x86)\Canon Electronics\CaptureOnTouch\TouchDR.exe [3548464 2024-07-30] (CANON ELECTRONICS INC -> Canon Electronics Inc.)
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKLM\...\Policies\Explorer: [NoInstrumentation] 1
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\MRT: Beschränkung <==== ACHTUNG
HKLM\Software\Policies\...\system: [AllowBlockingAppsAtShutdown] 0
HKLM\Software\Policies\...\system: [EnableFontProviders] 0
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [NoLocalPasswordResetQuestions] 1
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 <==== ACHTUNG
HKU\S-1-5-21-2536556504-2545875602-4211533971-1001\...\Run: [SBZSwitcher] => C:\Users\nobody\SBZSwitcher_v1.9.6\SBZSwitcher.exe [1125888 2015-09-10] () [Datei ist nicht signiert]
HKU\S-1-5-21-2536556504-2545875602-4211533971-1001\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [9897280 2026-01-22] (Nextcloud GmbH -> Nextcloud GmbH)
HKU\S-1-5-21-2536556504-2545875602-4211533971-1001\...\Run: [WingetUI] => C:\Program Files\UniGetUI\UniGetUI.exe [738928 2026-02-01] (Open Source Developer, Martí Climent López -> )
HKU\S-1-5-21-2536556504-2545875602-4211533971-1001\...\Run: [EarTrumpet] => C:\ProgramData\chocolatey\lib\eartrumpet\tools\EarTrumpet\EarTrumpet.exe [1348928 2023-08-06] (File-New-Project -> File-New-Project)
HKU\S-1-5-21-2536556504-2545875602-4211533971-1001\...\Policies\Explorer: [NoSearchInternetInStartMenu] 1
HKU\S-1-5-21-2536556504-2545875602-4211533971-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-2536556504-2545875602-4211533971-1001\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-21-2536556504-2545875602-4211533971-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\Windows\system32\CNMLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [>OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
Startup: C:\Users\nobody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2025-01-27]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2025-01-27]
GroupPolicy: Beschränkung - Chrome <==== ACHTUNG
GroupPolicy\User: Beschränkung - Edge <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {A44AB7BA-8AF8-4AFA-B889-1FFE1DCD4D3D} - System32\Tasks\Choco Upgrade => C:\Windows\System32\cmd.exe [339968 2025-12-09] (Microsoft Windows -> Microsoft Corporation) -> /k "choco upgrade -y all & timeout 7200 & exit "
Task: {559D9C83-C070-4C3F-B327-721FCF66FC22} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [3257480 2026-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {0787BC3F-7920-4A17-8F03-D8F13AB76A6C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2025-05-31] (Google Inc -> Google Inc.)
Task: {61C2A3AB-04FE-429A-85C9-4BBA63B0119B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2025-05-31] (Google Inc -> Google Inc.)
Task: {9933C622-7974-4C7D-B172-61A4E6B829F2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23572096 2025-11-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C7BFB23-C225-45D7-A466-C4AD1B253876} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23572096 2025-11-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {491A7D27-55A2-4197-8C12-BA81F2EF56D1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209864 2026-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {D72B9655-7A79-4BD2-8DBE-9667E51F3C7C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209864 2026-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4E61C90-8F69-4C09-9293-505D37CED12F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3514912 2026-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DEE65B7-0DD6-4FB3-A58E-80CC586255B5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3514912 2026-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {498A1287-5D0B-4DD3-83D8-31A0FE032018} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC RebootDialog (Keine Datei)
Task: {4C0D6898-60D2-4F6D-9CD4-5D3D9BB5268C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery RebootDialog (Keine Datei)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {3BDA4FAE-AAF8-4770-8128-2D9CBCCE8018} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5AA5EFAA-BF32-4746-8466-250DF77A591A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E23EB27D-6E02-458C-8FCD-77DD5BDE1878} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {45530254-FCE6-488D-907E-5DCC6C9FE572} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3EC3E5C-02B1-4ADF-B36F-9D8B6A96F659} - System32\Tasks\MicSwitch => C:\Users\nobody\AppData\Local\MicSwitch\MicSwitch.exe [300544 2025-04-12] () [Datei ist nicht signiert] -> C:\Users\nobody\AppData\Local\MicSwitch\--autostart <==== ACHTUNG
Task: {23AEB753-70FE-4E66-9D25-78D6CCA43F55} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2536556504-2545875602-4211533971-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [680064 2026-02-16] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {BEC187B0-5A7F-4A33-8A96-C7460D69254D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34944 2026-02-16] (Mozilla Corporation -> Mozilla Foundation)
Task: {78A9AEC7-EA99-4132-A96C-39820C548090} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3324528 2025-10-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {33A4ACF4-E2B7-4435-809E-A315381B52E5} - System32\Tasks\TrafficMonitor\Autorun for nobody => C:\Users\nobody\AppData\Local\TrafficMonitor\TrafficMonitor.exe [2021888 2025-02-10] (By ZhongYang) [Datei ist nicht signiert]
Task: {1521F00E-75BF-4CB4-9BDE-CB73615E6615} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-2536556504-2545875602-4211533971-1001 => C:\Users\nobody\AppData\Roaming\Zoom\bin\Zoom.exe [462768 2025-11-01] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1 cryptomator-vault
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5232b76a-d53e-4d30-bb6e-9f92615d29e2}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5232b76a-d53e-4d30-bb6e-9f92615d29e2}: [DhcpDomain] fritz.box
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2536556504-2545875602-4211533971-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG

FireFox:
========
FF TaskBarID: 308046B0AF4A39CB -> C:\Program Files\Mozilla Firefox
FF DefaultProfile: wizn94x8.default
FF DefaultProfile: 376w2oah.default-release -> 308046B0AF4A39CB
FF ProfilePath: C:\Users\nobody\AppData\Roaming\Zotero\Zotero\Profiles\wizn94x8.default [2026-01-17]
FF ProfilePath: C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\hcjlxebf.Clean-1755356951333 [2026-02-16]
FF user.js: detected! => C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\hcjlxebf.Clean-1755356951333\user.js [2024-05-01]
FF Notifications: Mozilla\Firefox\Profiles\hcjlxebf.Clean-1755356951333 -> hxxps://www.twitch.tv
FF Extension: (BetterTTV) - C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\hcjlxebf.Clean-1755356951333\Extensions\firefox@betterttv.net.xpi [2026-01-08]
FF Extension: (FrankerFaceZ) - C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\hcjlxebf.Clean-1755356951333\Extensions\frankerfacez@frankerfacez.com.xpi [2025-12-08]
FF Extension: (Tab Reloader (page auto refresh)) - C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\hcjlxebf.Clean-1755356951333\Extensions\jid0-bnmfwWw2w2w4e4edvcdDbnMhdVg@jetpack.xpi [2025-10-16]
FF Extension: (uBlock Origin) - C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\hcjlxebf.Clean-1755356951333\Extensions\uBlock0@raymondhill.net.xpi [2026-01-31]
FF Extension: (Auto Claim Twitch Channel Points) - C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\hcjlxebf.Clean-1755356951333\Extensions\{8e1ef2d7-d78f-47f9-9b69-c2806eb534fc}.xpi [2025-12-27]
FF ProfilePath: C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\0fv9e99q.default [2024-05-01]
FF ProfilePath: C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\376w2oah.default-release [2026-02-16]
FF user.js: detected! => C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\376w2oah.default-release\user.js [2025-11-03]
FF Homepage: Mozilla\Firefox\Profiles\376w2oah.default-release -> chrome://browser/content/blanktab.html
FF NetworkProxy: Mozilla\Firefox\Profiles\376w2oah.default-release -> socks_remote_dns", true
FF Notifications: Mozilla\Firefox\Profiles\376w2oah.default-release -> hxxps://192.168.178.54:10000; hxxps://element.nope.chat; hxxps://app.twizzit.com; hxxps://my.adminforge.de; hxxps://kundenbereich.check24.de
FF Extension: (Dark Reader) - C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\376w2oah.default-release\Extensions\addon@darkreader.org.xpi [2026-02-15]
FF Extension: (floccus bookmarks sync) - C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\376w2oah.default-release\Extensions\floccus@handmadeideas.org.xpi [2026-01-24]
FF Extension: (Remove Paywall) - C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\376w2oah.default-release\Extensions\remove-paywall@example.com.xpi [2025-06-15]
FF Extension: (Skip Redirect) - C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\376w2oah.default-release\Extensions\skipredirect@sblask.xpi [2024-08-24]
FF Extension: (uBlock Origin) - C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\376w2oah.default-release\Extensions\uBlock0@raymondhill.net.xpi [2026-01-30]
FF Extension: (TWP - Translate Web Pages) - C:\Users\nobody\AppData\Roaming\Mozilla\Firefox\Profiles\376w2oah.default-release\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2025-03-29]
FF HKLM\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi [2025-06-25]
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2025-06-25] []
FF HKLM-x32\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin: @java.com/DTPlugin,version=11.481.0 -> C:\Program Files\Java\jre1.8.0_481\bin\dtplugin\npDeployJava1.dll [2025-12-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.481.0 -> C:\Program Files\Java\jre1.8.0_481\bin\plugin2\npjp2.dll [2025-12-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2025-12-31] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2025-12-31] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2025-12-31] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2025-12-31] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.15 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2025-12-31] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2025-12-31] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2025-12-31] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2025-12-31] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2025-12-31] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2025-12-31] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2025-12-31] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.23 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2025-12-31] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2025-12-31] (VideoLAN -> VideoLAN)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2025-12-11] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2025-12-11] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2025-12-11] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2025-12-11] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2025-12-11] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.481.0 -> C:\Program Files (x86)\Java\jre1.8.0_481\bin\dtplugin\npDeployJava1.dll [2025-12-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.481.0 -> C:\Program Files (x86)\Java\jre1.8.0_481\bin\plugin2\npjp2.dll [2025-12-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2026-01-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2026-01-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.4\npGoogleUpdate3.dll [2025-05-31] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.4\npGoogleUpdate3.dll [2025-05-31] (Google Inc -> Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [Keine Datei]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-2536556504-2545875602-4211533971-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2536556504-2545875602-4211533971-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2536556504-2545875602-4211533971-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]

Edge: 
=======
Edge Profile: C:\Users\nobody\AppData\Local\Microsoft\Edge\User Data\Default [2026-01-25]
Edge Extension: (Google Docs Offline) - C:\Users\nobody\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-03]
Edge Extension: (Edge relevant text changes) - C:\Users\nobody\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-06-03]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\ChromeAddin\ChromeAddin.crx [2025-06-25]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\ChromeAddin\ChromeAddin.crx [2025-06-25]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9499224 2025-11-30] (Microsoft Corporation -> Microsoft Corporation)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [133080 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R2 DriverNetworkMonitor; C:\Program Files (x86)\Canon Electronics\Shared Files\DriverNetworkMonitor.exe [380672 2019-08-06] (CANON ELECTRONICS INC -> Canon Electronics Inc.)
S3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [173741304 2026-01-30] (Electronic Arts, Inc. -> Electronic Arts)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [19622048 2025-12-20] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136552 2024-05-10] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [959216 2026-01-31] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3328976 2026-01-28] (Epic Games Inc. -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [1604512 2025-08-05] (Epic Games Inc. -> Epic Games, Inc.)
R2 FoxitPhantomPDFUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Editor\FoxitPDFEditorUpdateService.exe [2514016 2025-12-11] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S4 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2025-05-31] (Google Inc -> Google Inc.)
S4 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2025-05-31] (Google Inc -> Google Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206808 2022-05-12] (Logitech Inc -> Logitech Inc.)
R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe [9903656 2024-04-17] (Logitech Inc -> Logitech, Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpDefenderCoreService.exe [2067464 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [21753376 2021-03-26] (Mail.Ru LLC -> LLC Mail.Ru)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_adc55ecfca814224\Display.NvContainer\NVDisplay.Container.exe [1275624 2026-01-22] (NVIDIA Corporation -> NVIDIA Corporation)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [65880 2025-11-17] (OpenVPN Inc. -> The OpenVPN Project)
S4 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641416 2023-10-03] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2021-02-28] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803088 2025-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SmrtService; C:\ProgramData\SmartGuard\lineage2\smrt3d\release\Data\a539b0fa7cb7573c4c7935c724f32b281d942066\smrtsvc64.exe [14981896 2025-03-09] (LAB RIVAS SL -> )
S3 SunshineService; C:\Program Files\Sunshine\tools\sunshinesvc.exe [1159168 2025-09-24] () [Datei ist nicht signiert]
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [767760 2026-01-15] (Oracle America, Inc. -> Oracle and/or its affiliates)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\NisSrv.exe [4435096 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 wfcs; C:\Program Files\Malwarebytes\Windows Firewall Control\wfcs.exe [251040 2025-12-06] (Malwarebytes Inc -> Malwarebytes)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MsMpEng.exe [290744 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S1 aehd; C:\WINDOWS\system32\DRIVERS\aehd.sys [403080 2025-02-11] (Google LLC -> Google LLC)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2025-02-11] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2025-02-11] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2025-01-27] (Microsoft Corporation) [Datei ist nicht signiert]
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1090416 2021-01-11] (Creative Technology Ltd -> Creative Technology Ltd)
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [53616 2021-01-11] (Creative Technology Ltd -> Creative Technology Ltd)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [226688 2025-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [126168 2023-02-05] (Genesys Logic, Inc. -> GenesysLogic)
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2024-05-11] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [82352 2026-02-10] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [144768 2026-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 LGBusEnum; C:\WINDOWS\system32\drivers\LGBusEnum64.sys [46264 2022-05-12] (Logitech Inc -> Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore64.sys [76480 2022-05-12] (Logitech Inc -> Logitech Inc.)
R3 LGVirHid; C:\WINDOWS\system32\drivers\LGVirHid64.sys [34496 2022-05-12] (Logitech Inc -> Logitech Inc.)
R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray.sys [98864 2024-04-17] (Logitech Inc -> Logitech, Inc.)
R3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [101008 2025-08-05] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 R0TrafficMonitor; C:\Users\nobody\AppData\Local\TrafficMonitor\TrafficMonitor.sys [14544 2026-02-16] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 smrtkrnl64; C:\WINDOWS\System32\Drivers\smrtkrnl64.sys [1118912 2025-08-03] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [41000 2024-03-24] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [247840 2026-01-26] (Oracle America, Inc. -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [258664 2026-01-26] (Oracle America, Inc. -> Oracle and/or its affiliates)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1058192 2026-01-26] (Oracle America, Inc. -> Oracle and/or its affiliates)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [196720 2026-01-26] (Oracle America, Inc. -> Oracle and/or its affiliates)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [640672 2025-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AM Crypto)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [249400 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-10-03] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21888 2026-02-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [635272 2026-02-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102832 2026-02-10] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2023-02-26] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-03-09] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-09-06] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_a6dc64e436f22951\WSDScan.sys [61440 2025-09-12] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [194448 2025-04-21] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 ace-game-0; \SystemRoot\System32\drivers\ace-game-0.sys [X]
S3 ACE-SSC-DRV64; \??\C:\Program Files\AntiCheatExpert\SGuard\x64\plugins\ACE-SSC-DRV64.sys [X]
S1 azeuagoa; \??\C:\WINDOWS\system32\drivers\azeuagoa.sys [X]
U4 diagnosticshub.standardcollector.service; kein ImagePath
S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]
S1 gcxstffj; \??\C:\WINDOWS\system32\drivers\gcxstffj.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)



==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2026-02-16 22:05 - 2020-01-30 15:48 - 000000000 ____D C:\Users\nobody\AppData\Roaming\KeePass
2026-02-16 21:58 - 2022-07-01 19:21 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2026-02-16 21:36 - 2026-01-16 23:03 - 000000000 ____D C:\Program Files\Mozilla Firefox
2026-02-16 21:36 - 2024-05-01 20:09 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2026-02-16 21:36 - 2020-01-29 20:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2026-02-16 21:35 - 2020-01-29 21:00 - 000000000 ____D C:\Program Files (x86)\Steam
2026-02-16 21:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2026-02-16 20:30 - 2025-01-27 21:06 - 001729504 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2026-02-16 20:30 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2026-02-16 20:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2026-02-16 20:21 - 2025-07-12 16:56 - 000000000 ____D C:\Users\nobody\AppData\Roaming\vesktop
2026-02-16 19:58 - 2020-04-06 22:10 - 000000000 ____D C:\Users\nobody\.VirtualBox
2026-02-16 19:55 - 2025-12-29 19:32 - 000000000 ____D C:\Users\nobody\AppData\Roaming\FreeTube
2026-02-16 19:15 - 2025-04-26 21:26 - 000003486 _____ C:\WINDOWS\system32\Tasks\MicSwitch
2026-02-16 19:15 - 2025-01-27 21:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2026-02-16 19:15 - 2025-01-27 21:03 - 000103514 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-02-16 19:15 - 2025-01-21 09:14 - 000000000 ____D C:\Users\nobody\AppData\Local\TrafficMonitor
2026-02-16 19:15 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-02-16 19:15 - 2020-10-24 22:17 - 000000000 ____D C:\Users\nobody\AppData\Roaming\Nextcloud
2026-02-16 19:15 - 2020-08-23 15:17 - 000012288 ___SH C:\DumpStack.log.tmp
2026-02-16 19:15 - 2020-06-17 17:22 - 000000000 ____D C:\ProgramData\NVIDIA
2026-02-16 19:15 - 2020-01-29 21:55 - 000000000 ___SD C:\Users\nobody\Documents\Beruflich (Sync)
2026-02-16 18:10 - 2024-04-01 08:21 - 000131072 _____ C:\WINDOWS\system32\config\BBI
2026-02-16 16:20 - 2025-01-27 21:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2026-02-15 19:08 - 2022-05-20 19:04 - 000000000 ____D C:\Users\nobody\AppData\Local\Spotify
2026-02-15 19:07 - 2022-11-08 11:07 - 000001845 _____ C:\Users\nobody\Desktop\Spotify.lnk
2026-02-15 19:07 - 2022-11-08 11:07 - 000001831 _____ C:\Users\nobody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2026-02-15 19:07 - 2022-05-20 19:04 - 000000000 ____D C:\Users\nobody\AppData\Roaming\Spotify
2026-02-15 11:01 - 2025-12-12 19:39 - 000001076 _____ C:\Users\nobody\Desktop\Reborn Launcher.lnk
2026-02-15 11:01 - 2025-12-12 19:39 - 000001076 _____ C:\Users\nobody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reborn Launcher.lnk
2026-02-15 09:58 - 2025-07-12 16:50 - 000000000 ____D C:\Users\nobody\AppData\Local\vesktop
2026-02-15 09:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2026-02-15 09:32 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-02-15 09:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2026-02-15 09:14 - 2020-01-29 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2026-02-15 09:13 - 2025-09-16 19:23 - 000000000 ____D C:\Users\nobody\AppData\Local\Package Cache
2026-02-15 09:12 - 2025-10-16 05:23 - 000000000 ____D C:\Python315
2026-02-15 09:12 - 2025-10-16 05:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.15
2026-02-15 09:11 - 2020-01-29 20:57 - 000000000 ____D C:\ProgramData\Package Cache
2026-02-15 08:58 - 2020-01-29 21:02 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2026-02-15 08:56 - 2025-04-27 07:01 - 000003830 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{60259E9E-49AD-403C-AFCD-BA33086DEBAE}
2026-02-15 08:56 - 2025-04-27 07:01 - 000003704 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{977A9360-6411-4AD0-BBD1-8CB89E9FC75A}
2026-02-14 18:27 - 2021-10-31 10:14 - 000000000 ____D C:\Users\nobody\Documents\ShareX
2026-02-13 22:50 - 2020-01-30 06:12 - 000000000 ____D C:\Users\nobody\AppData\Roaming\vlc
2026-02-13 21:45 - 2020-01-30 17:14 - 000000128 _____ C:\Users\nobody\AppData\Local\PUTTY.RND
2026-02-12 21:16 - 2025-01-29 12:13 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2026-02-12 21:14 - 2025-01-27 21:02 - 000477936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2026-02-12 21:13 - 2025-12-14 00:14 - 000000000 ____D C:\WINDOWS\system32\NarratorMCAT
2026-02-12 21:13 - 2024-04-01 17:37 - 000000000 ____D C:\WINDOWS\InboxApps
2026-02-12 21:13 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2026-02-12 21:13 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2026-02-12 21:13 - 2024-04-01 17:33 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2026-02-12 21:13 - 2024-04-01 17:33 - 000000000 ____D C:\WINDOWS\system32\de
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\WUModels
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\km-KH
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2026-02-12 21:13 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2026-02-12 21:13 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2026-02-11 16:41 - 2020-01-29 19:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2026-02-11 16:39 - 2020-01-29 19:57 - 221154392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2026-02-11 16:13 - 2021-05-05 09:54 - 000000000 ____D C:\Program Files (x86)\dotnet
2026-02-11 16:13 - 2021-02-08 23:29 - 000000000 ____D C:\Program Files\dotnet
2026-02-11 06:40 - 2025-01-27 21:03 - 003276288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2026-02-10 08:20 - 2020-11-19 00:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2026-02-09 21:10 - 2020-01-29 22:09 - 000000000 ____D C:\Users\nobody\AppData\Local\CrashDumps
2026-02-09 18:52 - 2023-10-10 18:59 - 000000000 ____D C:\ProgramData\Packer
2026-02-09 16:26 - 2025-10-23 07:09 - 000000000 ____D C:\Program Files\Zotero
2026-02-09 16:26 - 2022-10-26 19:03 - 000000934 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zotero.lnk
2026-02-08 20:35 - 2023-11-28 22:00 - 000000000 ____D C:\Users\nobody\AppData\Roaming\Awesomium
2026-02-08 19:37 - 2021-09-27 17:28 - 000000000 ____D C:\Users\nobody\AppData\Roaming\EasyAntiCheat
2026-02-07 23:17 - 2020-01-29 17:06 - 000000000 ____D C:\Users\nobody\KeePass2DB
2026-02-06 22:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2026-02-05 18:05 - 2025-05-19 20:01 - 000000000 ____D C:\Users\nobody\Documents\Scanner Canon DR-M140
2026-02-05 18:05 - 2025-05-19 19:29 - 000000181 _____ C:\WINDOWS\setscan.ini
2026-02-05 18:04 - 2024-05-01 20:09 - 000001053 _____ C:\Users\Public\Desktop\Firefox.lnk
2026-02-05 18:04 - 2020-01-29 21:03 - 000000000 ____D C:\Users\nobody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2026-02-05 18:04 - 2020-01-29 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2026-02-05 18:04 - 2020-01-29 21:03 - 000000000 ____D C:\Program Files\WinRAR
2026-02-04 23:38 - 2020-01-29 19:46 - 000000000 ____D C:\Users\nobody\AppData\Local\Packages
2026-02-04 23:29 - 2020-03-29 01:51 - 000000000 ____D C:\Users\nobody\AppData\Roaming\Microsoft\Excel
2026-02-04 22:09 - 2025-09-16 19:23 - 000000000 ____D C:\Python314
2026-02-04 22:09 - 2025-09-16 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.14
2026-02-04 12:35 - 2025-11-01 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2026-02-03 19:56 - 2025-01-27 20:53 - 000000000 ____D C:\Users\nobody
2026-02-03 09:03 - 2020-11-19 00:54 - 000000000 ____D C:\ProgramData\Packages
2026-02-03 08:54 - 2025-06-18 07:39 - 000000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2026-02-03 00:16 - 2020-01-29 21:37 - 000000000 ____D C:\Users\nobody\AppData\Roaming\TS3Client
2026-02-02 07:39 - 2025-04-12 19:32 - 000000000 ____D C:\Users\nobody\UniGetUI Backup
2026-02-02 07:39 - 2025-04-12 19:26 - 000000859 _____ C:\ProgramData\Microsoft\Windows\Start Menu\UniGetUI.lnk
2026-02-02 07:39 - 2025-04-12 19:26 - 000000853 _____ C:\Users\Public\Desktop\UniGetUI.lnk
2026-02-02 07:39 - 2025-04-12 19:26 - 000000000 ____D C:\Program Files\UniGetUI
2026-02-01 20:29 - 2025-12-20 21:08 - 000000000 ____D C:\Users\nobody\Documents\Battlefield 6
2026-02-01 19:21 - 2023-10-05 18:18 - 000000000 ____D C:\Program Files\Shotcut
2026-02-01 19:21 - 2021-04-17 10:07 - 000000849 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shotcut.lnk
2026-02-01 12:47 - 2020-01-29 19:56 - 000000000 ____D C:\Users\nobody\AppData\Local\D3DSCache
2026-01-31 21:57 - 2020-01-29 21:43 - 000000000 ____D C:\Users\nobody\AppData\Local\NVIDIA
2026-01-31 21:55 - 2021-06-30 21:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2026-01-31 21:50 - 2025-06-07 21:25 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-01-31 21:50 - 2020-01-29 21:43 - 000000000 ____D C:\Users\nobody\AppData\Local\NVIDIA Corporation
2026-01-31 21:50 - 2020-01-29 21:38 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2026-01-31 21:49 - 2020-02-14 21:19 - 000000000 ____D C:\Users\nobody\AppData\Local\UnrealEngine
2026-01-31 21:47 - 2023-12-24 17:50 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2026-01-31 21:35 - 2025-12-13 20:08 - 000000000 ____D C:\Users\nobody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2026-01-30 19:32 - 2025-04-01 18:25 - 000001448 _____ C:\Users\nobody\Desktop\Tor Browser.lnk
2026-01-29 08:50 - 2021-12-04 13:51 - 000000000 ____D C:\temp
2026-01-28 20:24 - 2021-10-31 10:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX
2026-01-28 20:24 - 2021-10-31 10:14 - 000000000 ____D C:\Program Files\ShareX
2026-01-27 06:07 - 2020-01-29 20:58 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2026-01-27 06:07 - 2020-01-29 20:58 - 000000000 ____D C:\Users\nobody\AppData\Roaming\Notepad++
2026-01-26 21:57 - 2025-01-21 06:13 - 001058192 _____ (Oracle and/or its affiliates) C:\WINDOWS\system32\Drivers\VBoxSup.sys
2026-01-26 21:57 - 2025-01-21 06:13 - 000196720 _____ (Oracle and/or its affiliates) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2026-01-26 20:58 - 2025-04-29 04:41 - 000001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nextcloud.lnk
2026-01-26 20:58 - 2020-10-24 22:17 - 000000000 ____D C:\Program Files\Nextcloud
2026-01-24 10:49 - 2020-03-27 17:10 - 000000128 _____ C:\Users\nobody\AppData\Roaming\winscp.rnd
2026-01-24 10:02 - 2020-01-29 23:16 - 000000000 ____D C:\Users\nobody\AppData\Local\Steam
2026-01-23 06:08 - 2025-11-25 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raspberry Pi
2026-01-23 06:08 - 2020-01-29 20:52 - 000001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drive Snapshot.lnk
2026-01-22 20:59 - 2023-01-25 19:03 - 000000000 ____D C:\Users\nobody\AppData\Roaming\Vortex
2026-01-22 20:32 - 2022-06-14 22:45 - 000000000 ____D C:\Users\nobody\AppData\Local\Larian Studios
2026-01-20 19:52 - 2025-12-29 19:31 - 000002318 _____ C:\Users\nobody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeTube.lnk
2026-01-20 19:52 - 2025-12-29 19:31 - 000002310 _____ C:\Users\nobody\Desktop\FreeTube.lnk
2026-01-18 21:22 - 2025-05-19 19:29 - 000000000 ____D C:\WINDOWS\Twain_64
2026-01-17 22:44 - 2020-01-30 06:13 - 000000000 ____D C:\Users\nobody\AppData\Local\YoloMouse
2026-01-17 18:59 - 2024-05-11 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2026-01-17 18:56 - 2024-05-11 19:46 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2026-01-17 17:44 - 2022-10-26 19:03 - 000000000 ____D C:\Users\nobody\Zotero

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2023-06-16 10:57 - 2023-06-16 10:57 - 002443184 _____ () C:\Users\nobody\ConfigureDefender.exe
2025-12-24 19:36 - 2026-01-16 23:06 - 000000032 _____ () C:\Users\nobody\AppData\Roaming\.machineId
2023-12-24 17:50 - 2024-07-04 21:53 - 000000193 _____ () C:\Users\nobody\AppData\Roaming\BattleBitConfig.ini
2020-12-17 23:15 - 2025-07-30 20:16 - 000000016 _____ () C:\Users\nobody\AppData\Roaming\obs-virtualcam.txt
2020-03-27 17:10 - 2026-01-24 10:49 - 000000128 _____ () C:\Users\nobody\AppData\Roaming\winscp.rnd
2023-11-24 19:16 - 2023-11-24 19:18 - 000000042 _____ () C:\Users\nobody\AppData\Local\Autosofted License.txt
2020-05-21 14:16 - 2020-05-21 14:16 - 000003584 _____ () C:\Users\nobody\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2024-08-27 13:01 - 2024-08-27 13:05 - 000023020 _____ () C:\Users\nobody\AppData\Local\digikamrc
2024-08-27 13:01 - 2024-08-27 13:01 - 000000238 _____ () C:\Users\nobody\AppData\Local\digikam_systemrc
2020-01-30 17:14 - 2026-02-13 21:45 - 000000128 _____ () C:\Users\nobody\AppData\Local\PUTTY.RND
2024-06-22 19:19 - 2024-06-22 19:19 - 000003848 _____ () C:\Users\nobody\AppData\Local\recently-used.xbel
2020-01-29 19:56 - 2024-09-24 10:02 - 000007602 _____ () C:\Users\nobody\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
Leider ist die Addition.txt sehr groß, sodass ich den Dateiinhalt in einer Pastebin-Instanz hochgeladen habe: notebin
__________________
MfG
BeRealm

 

Themen zu Windows 11 Kontrollscan
administrator, defender, detected, dll, firefox, firewall, google, homepage, internet explorer, malwarebytes, microsoft, mozilla, nvidia, ordner, pdf, port, prozesse, rundll, scan, server, services.exe, software, svchost.exe, system, windows


« setup.exe von vlc.de auf win 11 ausgeführt | - »


Ähnliche Themen: Windows 11 Kontrollscan


  1. Windows 8.1: Runtime Errror c:\windows\syswow64\rundll32.exe und Update-Fehler bei Windows
    Log-Analyse und Auswertung - 24.11.2015 (14)
  2. Windows 10 Upgrade von Windows 8.1 Windows ist nicht aktiviert.
    Alles rund um Windows - 30.07.2015 (5)
  3. Windows 8, Windows 7, Android, Windows Phone - Websiten werden auf adfoc.us umgeleitet
    Plagegeister aller Art und deren Bekämpfung - 30.11.2014 (7)
  4. Kontrollscan mit aswmbr: Unknown Mbr
    Log-Analyse und Auswertung - 04.04.2014 (27)
  5. Windows 7: Windows-Sicherheitscenter und Windows Defender funktionieren nicht mehr, Services.exe verseucht?
    Log-Analyse und Auswertung - 07.01.2014 (8)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 11 Kontrollscan - Hallo, der Jahresanfang bietet sich immer für einen Frühjahrsputz an, daher möchte ich euch bitten mal über die Logs zu schauen, ob euch Auffälligkeiten in Auge stechen. Vielen Dank Code: - Windows 11 Kontrollscan...
Archiv
Du betrachtest: Windows 11 Kontrollscan auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132