| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Angst vor Trojaner nach Nutzung von OP AutoclickerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
Heute, 00:51
| #1 |
 |  Angst vor Trojaner nach Nutzung von OP Autoclicker Hallo zusammen, ich hatte den OP Autoclicker heruntergelagen und genutzt. Etwas später las ich dann im Netz, dass der wohl einen Trojaner beinhalten soll. Das Programm ist gelöscht, aber das ungute Gefühl bleibt. Könnt ihr mir bitte helfen mein System wieder sauber zu kriegen? LG Simon FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-04-2026
durchgeführt von shnox (Administrator) auf PC-MON (Gigabyte Technology Co., Ltd. B560M DS3H V2) (23-04-2026 01:39:42)
Gestartet von C:\Users\shnox\Desktop\Trojaner Board\FRST64.exe
Geladene Profile: shnox
Plattform: Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSATray.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe <8>
(C:\Program Files\Google\Drive File Stream\123.0.1.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\123.0.1.0\crashpad_handler.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashhelper.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Black Tree Gaming Ltd -> Black Tree Gaming Ltd.) C:\Program Files\Black Tree Gaming Ltd\Vortex\Vortex.exe <6>
(explorer.exe ->) (Google LLC -> Google LLC.) C:\Program Files\Google\Drive File Stream\123.0.1.0\GoogleDriveFS.exe <2>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.) C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
(explorer.exe ->) (pCloud International AG -> ) C:\Program Files\pCloud Drive\pCloud.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(services.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(services.exe ->) (Geek Software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAUpdateService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> NordVPN) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e980fd2c7c4fce8e\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe <2>
(services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Program Files\Microvirt\MEmu\MemuService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2603.1001.18.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.248.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\shnox\AppData\Local\Microsoft\OneDrive\26.055.0323.0004_1\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe [1231864 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3255136 2025-11-02] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3138560 2023-01-11] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [678624 2026-01-22] (Geek Software GmbH -> geek software GmbH)
HKLM\...\Run: [PrnStatusMX] => C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe [1240064 2012-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
HKLM-x32\...\Run: [Avira Security startup helper] => "C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe" DelayedStartup (Keine Datei)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\123.0.1.0\GoogleDriveFS.exe [77137048 2026-04-01] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\123.0.1.0\GoogleDriveFS.exe [77137048 2026-04-01] (Google LLC -> Google LLC.)
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\123.0.1.0\GoogleDriveFS.exe [77137048 2026-04-01] (Google LLC -> Google LLC.)
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3600072 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\Run: [pCloud] => C:\Program Files\pCloud Drive\pCloud.exe [390264 2025-03-19] (pCloud International AG -> )
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\Run: [RazerAxon] => C:\Program Files (x86)\Razer\Razer Axon\RazerAxon.exe [452296 2025-11-28] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [42086872 2026-04-12] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\Run: [electron.app.Vortex] => C:\Program Files\Black Tree Gaming Ltd\Vortex\Vortex.exe [205531976 2026-03-31] (Black Tree Gaming Ltd -> Black Tree Gaming Ltd.)
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\MountPoints2: {3a117fdf-fc1a-11ef-b024-d85ed3a000af} - "K:\pushinst.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\123.0.1.0\GoogleDriveFS.exe [77137048 2026-04-01] (Google LLC -> Google LLC.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3600072 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\HP1215PrintProc: C:\Windows\System32\spool\prtprocs\x64\PPcp1215.DLL [65024 2012-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
HKLM\...\Windows x64\Print Processors\ZIMFPRINT: C:\Windows\System32\spool\prtprocs\x64\ZIMFPRNT.DLL [55808 2007-08-29] (Zenographics, Inc.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\CP1215LM: C:\Windows\system32\CP1215LM.DLL [175104 2012-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3101848 2026-03-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\147.0.7727.102\Installer\chrmstp.exe [7429272 2026-04-20] (Google LLC -> Google LLC)
GroupPolicy: Beschränkung ? <==== ACHTUNG
GroupPolicy-Firefox: Beschränkung <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {A31E6EBA-D4F7-443F-B452-BDAAD6F6E6F3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1612800 2026-01-23] (Adobe Inc. -> Adobe Inc.)
Task: {A5EAD545-3A12-4B0B-9BB1-80ACF7EF4780} - System32\Tasks\ArcGIS Pro Indexing (MicrosoftAccount_shnoxxer42@gmail.com) => C:\Program Files\ArcGIS\Pro\bin\ArcGISIndexingServer.exe (Keine Datei)
Task: {75E9E871-97E1-4127-AE04-E4DFC07C8CAD} - System32\Tasks\Avira\System Speedup\SecurityTestScheduler => "C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe" SchedulerTest (Keine Datei)
Task: {DF92EFB2-8264-4DE1-B934-F68B54D9F618} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [17280 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {89461A16-CB93-4ACD-A198-4EC03ED59A49} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [20352 2021-10-11] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {2864734E-2845-4EFE-94B4-0DC1D73D9119} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{98B3D352-33A7-472C-BE1A-9517FEBA1D74} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [8459416 2026-03-12] (Google LLC -> Google LLC)
Task: {B4BD1A5A-C442-434A-8799-3DDD23D0A732} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6064360 2024-11-18] (Intel Corporation -> Intel Corporation)
Task: {8C482388-C9F6-4866-8ADD-85E8CAC96744} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6064360 2024-11-18] (Intel Corporation -> Intel Corporation)
Task: {B7DD144F-9DEB-40D6-B586-83B1F4F4644C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei)
Task: {7627A3D3-1F5A-4CD2-A847-87A668EF8BFA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23572096 2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDC66EBF-BCFE-421B-AA52-4FFA94C000F1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23572096 2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {315AE0E9-86E9-47F3-8420-D08EEE3941F1} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe /checkin (Keine Datei)
Task: {89DE5683-71DB-4F84-9FC3-E1D73677C03F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209896 2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {82FE3E2F-C489-4E67-BC02-2849DAD44D11} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209896 2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A59D8C4-F509-4FA0-916E-82401BD00052} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3514944 2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {164CD733-3BDA-4B1E-B17D-E2757090472E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3514944 2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (Keine Datei)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {4DD33230-715D-4690-924C-969CF56F4844} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {92ABAF71-A100-4547-82B7-08C0C85F3EE7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6B33363F-A81D-41AE-B12B-248710BA9669} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1FCE7AF0-6F29-45C4-82D2-57AC6A6A6C3A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8DE45CD9-7B38-416A-B561-A265B95AA48E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D65E61E1-CDBB-4AAB-915E-95D193AF184F} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {9ED2AA81-2A64-4196-8B41-B3F9AEF5FD94} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2335600 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {8BE4A898-E5C3-45E0-AF3A-2A3FFD02745E} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\CEIP.exe [32632 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {A9E046F1-A8E3-4F2B-B314-648A54F0ECB5} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {68964BEC-4B8D-4C9F-89A2-B99DCB342F29} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C355A7A0-F128-4C64-B2CF-A3113CBBD5EB} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [705664 2026-04-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {1270B7E0-38D8-41FB-B6A4-B161991BA07A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1032225255-1758578694-3390115000-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [705664 2026-04-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {50081D13-7274-4F03-B172-B481952FA449} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33920 2026-04-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {1BE14154-107F-4DB4-8C0E-0058B9373CAC} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3337328 2026-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {00AF5CBE-27CC-474C-A8AE-CE0722914AD9} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [582344 2026-01-23] (Razer USA Ltd. -> Razer Inc.)
Task: {01886521-643E-4A29-8DFE-2646E8D03BF7} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\Thermald.exe [389504 2021-06-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {282BC789-1668-47BC-AB92-124FFA4C5207} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\Sensord.exe [257408 2021-06-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {96F15D87-F50F-4558-817D-B29C98FA4962} - System32\Tasks\Ubisoft\Ubisoft Connect Background Update => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe [17255600 2026-03-19] (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
Task: {2E8BA462-CEE9-4006-9FDF-7849FE3AB5AC} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [454656 2025-09-12] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\-Command "Start-Process -WindowStyle Hidden task.bat"
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1a3e3d0f-6d10-4a6c-bcc7-aa7a858b86ea}: [DhcpNameServer] 103.86.96.100 103.86.99.100
Tcpip\..\Interfaces\{35701326-d436-4b40-bfdb-bcc1b419b8ba}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{35701326-d436-4b40-bfdb-bcc1b419b8ba}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{9053f94d-e4fa-4307-95f7-92a7bceca16f}: [DhcpNameServer] 192.168.178.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
FireFox:
========
FF TaskBarID: 308046B0AF4A39CB -> C:\Program Files\Mozilla Firefox
FF DefaultProfile: 1j64mo91.default-release -> 308046B0AF4A39CB
FF ProfilePath: C:\Users\shnox\AppData\Roaming\Mozilla\Firefox\Profiles\u8rj7hti.default [2022-03-20]
FF ProfilePath: C:\Users\shnox\AppData\Roaming\Mozilla\Firefox\Profiles\1j64mo91.default-release [2026-04-22]
FF DownloadDir: C:\Users\shnox\Desktop
FF Session Restore: Mozilla\Firefox\Profiles\1j64mo91.default-release -> ist aktiviert.
FF Notifications: Mozilla\Firefox\Profiles\1j64mo91.default-release -> hxxps://www.lieferando.de
FF Extension: (Avira Browserschutz) - C:\Users\shnox\AppData\Roaming\Mozilla\Firefox\Profiles\1j64mo91.default-release\Extensions\abs@avira.com.xpi [2022-05-01]
FF Extension: (Google Scholar-Schaltfläche) - C:\Users\shnox\AppData\Roaming\Mozilla\Firefox\Profiles\1j64mo91.default-release\Extensions\button@scholar.google.com.xpi [2022-08-29]
FF Extension: (Enhancer for YouTube™) - C:\Users\shnox\AppData\Roaming\Mozilla\Firefox\Profiles\1j64mo91.default-release\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2026-04-22]
FF Extension: (Ghostery Werbeblocker & Datenschutz) - C:\Users\shnox\AppData\Roaming\Mozilla\Firefox\Profiles\1j64mo91.default-release\Extensions\firefox@ghostery.com.xpi [2026-04-11]
FF Extension: (New Tab) - C:\Users\shnox\AppData\Roaming\Mozilla\Firefox\Profiles\1j64mo91.default-release\Extensions\newtab@mozilla.org.xpi [2026-04-06]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2025-04-12] [ist nicht signiert]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2026-04-12] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\shnox\AppData\Local\Microsoft\Edge\User Data\Default [2026-03-26]
Edge DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
Edge DefaultSearchKeyword: Default -> duckduckgo.com
Edge DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
Edge DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
Edge Extension: (Avira Safe Shopping) - C:\Users\shnox\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2026-02-05]
Edge Extension: (Ghostery Werbeblocker & Datenschutz) - C:\Users\shnox\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2026-03-26]
Edge Extension: (Google Docs Offline) - C:\Users\shnox\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-23]
Edge Extension: (Edge relevant text changes) - C:\Users\shnox\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]
Edge Extension: (CKP - KeePass integration for Chrome™) - C:\Users\shnox\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lnfepbjehgokldcaljagbmchhnaaogpc [2023-07-06]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Chrome:
=======
CHR Profile: C:\Users\shnox\AppData\Local\Google\Chrome\User Data\Default [2026-04-13]
CHR DefaultSearchURL: Default -> hxxps://search.brave.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.brave.com
CHR DefaultSuggestURL: Default -> hxxps://search.brave.com/api/suggest?q={searchTerms}
CHR Extension: (Avira Password Manager) - C:\Users\shnox\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2026-04-13]
CHR Extension: (Avira Safe Shopping) - C:\Users\shnox\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2026-04-13]
CHR Extension: (Avira Browserschutz) - C:\Users\shnox\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2026-04-13]
CHR Extension: (Google Docs Offline) - C:\Users\shnox\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-13]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\shnox\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2026-04-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\shnox\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2026-04-13]
CHR HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [180216 2026-01-23] (Adobe Inc. -> Adobe Inc.)
S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2026-03-26] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8930120 2022-03-29] (BattlEye Innovations e.K. -> )
R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2023-12-02] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9499224 2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
R2 CortexLauncherService; C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe [784584 2026-01-23] (Razer USA Ltd. -> Razer Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe [133736 2026-03-24] (Intel Corporation -> Intel)
R2 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAUpdateService.exe [133224 2026-03-24] (Intel Corporation -> Intel)
S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3407800 2026-04-22] (Epic Games Inc. -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [2604472 2026-04-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2443288 2026-03-26] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7656984 2026-03-26] (GOG sp. z o.o -> GOG.com)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MEmuSVC; C:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. -> )
R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [Datei ist nicht signiert]
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2023-05-24] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [2542112 2025-04-02] (nordvpn s.a. -> NordVPN)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e980fd2c7c4fce8e\Display.NvContainer\NVDisplay.Container.exe [1702632 2026-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [83432 2026-03-26] (Microsoft Windows -> Microsoft Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [678624 2026-01-22] (Geek Software GmbH -> geek software GmbH)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75064 2024-12-07] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189104 2024-12-07] (Even Balance, Inc. -> )
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256256 2024-10-15] (Razer USA Ltd. -> Razer Inc)
R2 Razer Game Manager Service 3; C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe [394376 2025-05-28] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300232 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1565304 2026-01-26] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [513736 2025-12-15] (Razer USA Ltd. -> Razer Inc.)
S3 UpcElevationService; C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher Core\UpcElevationService.exe [351928 2026-03-19] (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2025-04-15] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2025-04-15] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2025-04-15] (Microsoft Corporation) [Datei ist nicht signiert]
R1 cbfs20; C:\WINDOWS\System32\drivers\cbfs20.sys [457768 2022-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
S3 cpuz160; C:\ProgramData\CPUID Software\sdk\ksgTy2eohRg5OQ [44696 2026-03-30] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [30728 2022-03-20] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [226688 2025-12-02] (Microsoft Windows -> Microsoft Corporation)
R3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [41480 2022-03-20] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 googledrivefs31931; C:\Program Files\Google\Drive File Stream\Drivers\31931\googledrivefs31931.sys [386256 2025-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2021-07-19] (Intel Corporation -> Intel Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [82352 2026-03-27] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [144872 2026-03-26] (Microsoft Windows -> Microsoft Corporation)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2022-03-20] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R2 NDivert; C:\Program Files\NordVPN\7.56.2.0\Drivers\NDivert.sys [197592 2025-08-13] (nordvpn s.a. -> NordVPN S.A.)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [44928 2022-02-22] (nordvpn s.a. -> TEFINCOM S.A.)
R3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [98464 2025-08-04] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_007c; C:\WINDOWS\System32\drivers\RzDev_007c.sys [55376 2021-01-21] (Razer USA Ltd. -> Razer Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [41120 2024-08-29] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-06-23] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21888 2026-04-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [647560 2026-04-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-13] (Microsoft Windows -> Microsoft Corporation)
R3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-11-05] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 cpuz158; \??\C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys (Keine Datei) <==== ACHTUNG
S3 cpuz159; \??\C:\WINDOWS\temp\cpuz159\cpuz159_x64.sys (Keine Datei) <==== ACHTUNG
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2026-04-22 18:35 - 2026-04-22 19:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2026-04-22 15:51 - 2026-04-22 15:51 - 000745650 _____ C:\WINDOWS\system32\perfh007.dat
2026-04-22 15:51 - 2026-04-22 15:51 - 000158752 _____ C:\WINDOWS\system32\perfc007.dat
2026-04-20 19:00 - 2026-04-22 17:47 - 000000000 ____D C:\WINDOWS\CbsTemp
2026-04-13 12:42 - 2026-04-15 19:51 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2026-04-13 12:39 - 2026-04-13 12:39 - 000002274 _____ C:\Users\shnox\Desktop\Google Chrome.lnk
2026-04-11 22:17 - 2026-04-11 22:17 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2026-04-11 22:17 - 2026-04-11 22:17 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2026-04-01 20:14 - 2026-04-01 20:14 - 006418300 _____ C:\Users\shnox\Desktop\savegames.zip
2026-04-01 16:32 - 2026-04-01 16:32 - 000001596 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2026-04-01 16:11 - 2026-04-01 16:11 - 000000000 ____D C:\Users\shnox\AppData\LocalLow\YYZProductions
2026-04-01 16:06 - 2026-04-01 16:06 - 000000000 ____D C:\Users\shnox\AppData\LocalLow\GangoGames LLC
2026-04-01 16:06 - 2026-04-01 16:06 - 000000000 ____D C:\Users\shnox\AppData\Local\EpicOnlineServicesUIHelper
2026-04-01 16:05 - 2026-04-01 16:05 - 000000000 ____D C:\Users\shnox\AppData\Local\EOSUserHelper
2026-03-27 17:26 - 2026-03-27 17:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\SoftLanding
2026-03-27 00:52 - 2026-03-18 01:37 - 000127208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2026-03-27 00:51 - 2026-03-27 00:51 - 000001434 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2026-03-27 00:51 - 2026-01-16 17:37 - 000161912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap32v.dll
2026-03-27 00:51 - 2026-01-16 17:37 - 000060568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2026-03-26 23:34 - 2026-03-26 23:34 - 000036843 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-03-26 23:34 - 2026-03-26 23:34 - 000036843 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2026-03-26 23:34 - 2026-03-26 23:34 - 000004575 _____ C:\WINDOWS\system32\ResPriUHMImageList
2026-03-26 23:34 - 2026-03-26 23:34 - 000004575 _____ C:\WINDOWS\system32\ResPriLMImageList
2026-03-26 23:34 - 2026-03-26 23:34 - 000004575 _____ C:\WINDOWS\system32\ResPriImageList
2026-03-26 23:34 - 2026-03-26 23:34 - 000004575 _____ C:\WINDOWS\system32\ResPriHMImageList
2026-03-26 16:20 - 2026-03-26 16:20 - 000000000 ____D C:\Users\shnox\AppData\LocalLow\MCC
2026-03-26 15:56 - 2026-03-26 15:56 - 000000222 _____ C:\Users\shnox\Desktop\Fallout 4.url
2026-03-25 17:18 - 2026-03-18 08:48 - 002421296 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2026-03-25 17:18 - 2026-03-18 08:48 - 002421296 _____ C:\WINDOWS\system32\vulkaninfo.exe
2026-03-25 17:18 - 2026-03-18 08:48 - 001923120 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2026-03-25 17:18 - 2026-03-18 08:48 - 001923120 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2026-03-25 17:18 - 2026-03-18 08:48 - 001625648 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2026-03-25 17:18 - 2026-03-18 08:48 - 001625648 _____ C:\WINDOWS\system32\vulkan-1.dll
2026-03-25 17:18 - 2026-03-18 08:48 - 001434672 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2026-03-25 17:18 - 2026-03-18 08:48 - 001434672 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2026-03-25 17:18 - 2026-03-18 08:48 - 000478952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2026-03-25 17:18 - 2026-03-18 08:48 - 000375016 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2026-03-25 17:18 - 2026-03-18 08:45 - 001385704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2026-03-25 17:18 - 2026-03-18 08:45 - 000675048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2026-03-25 17:18 - 2026-03-18 08:45 - 000509160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2026-03-25 17:18 - 2026-03-18 08:44 - 028057832 _____ C:\WINDOWS\system32\nvidia-pcc.exe
2026-03-25 17:18 - 2026-03-18 08:44 - 002328296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2026-03-25 17:18 - 2026-03-18 08:44 - 001724136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2026-03-25 17:18 - 2026-03-18 08:44 - 001621224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2026-03-25 17:18 - 2026-03-18 08:44 - 001583336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2026-03-25 17:18 - 2026-03-18 08:44 - 001231592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2026-03-25 17:18 - 2026-03-18 08:44 - 001064680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2026-03-25 17:18 - 2026-03-18 08:44 - 000820456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2026-03-25 17:18 - 2026-03-18 08:43 - 029136616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2026-03-25 17:18 - 2026-03-18 08:43 - 021713128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2026-03-25 17:18 - 2026-03-18 08:43 - 000469736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2026-03-25 17:18 - 2026-03-18 08:42 - 008441064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2026-03-25 17:18 - 2026-03-18 08:42 - 005925096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2026-03-25 17:18 - 2026-03-18 08:42 - 005674216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2026-03-25 17:18 - 2026-03-18 08:42 - 005516480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2026-03-25 17:18 - 2026-03-18 08:42 - 005011440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2026-03-25 17:18 - 2026-03-18 08:42 - 004466920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2026-03-25 17:18 - 2026-03-18 08:42 - 000853736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2026-03-25 17:18 - 2026-03-18 01:37 - 000162186 _____ C:\WINDOWS\system32\nvinfo.pb
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2026-04-23 01:40 - 2026-03-19 22:42 - 000000000 ____D C:\FRST
2026-04-23 01:39 - 2026-03-19 22:43 - 000000000 ____D C:\Users\shnox\Desktop\Trojaner Board
2026-04-23 01:32 - 2022-06-23 20:13 - 000000000 ____D C:\ProgramData\NordVPN
2026-04-23 01:26 - 2022-03-20 13:04 - 000000000 ____D C:\Program Files (x86)\Steam
2026-04-23 01:25 - 2022-03-20 11:35 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2026-04-23 01:24 - 2022-03-20 13:39 - 000000000 ____D C:\Users\shnox\AppData\Local\UnrealEngine
2026-04-23 00:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2026-04-23 00:47 - 2022-03-20 10:18 - 000000000 ___SD C:\Users\shnox\AppData\Roaming\Microsoft\Credentials
2026-04-23 00:27 - 2022-03-30 11:34 - 000000000 ____D C:\Users\shnox\AppData\Local\Ubisoft Game Launcher
2026-04-22 22:49 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-04-22 19:08 - 2022-03-20 11:29 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2026-04-22 19:07 - 2022-03-20 11:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2026-04-22 19:07 - 2022-03-20 11:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2026-04-22 16:03 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-04-22 16:03 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2026-04-22 15:51 - 2025-04-16 00:26 - 001729568 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2026-04-22 15:51 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2026-04-22 15:48 - 2024-01-31 15:27 - 000000000 ____D C:\Users\shnox\AppData\Roaming\Vortex
2026-04-22 15:48 - 2022-03-20 10:34 - 000000000 ____D C:\ProgramData\Razer
2026-04-22 15:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Registration
2026-04-22 15:47 - 2022-03-20 10:23 - 000000000 ___RD C:\Users\shnox\OneDrive
2026-04-22 15:46 - 2025-04-16 00:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2026-04-22 15:46 - 2025-04-16 00:24 - 000020002 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-04-22 15:46 - 2022-03-20 11:35 - 000000000 ____D C:\ProgramData\NVIDIA
2026-04-22 15:46 - 2022-03-20 09:59 - 000012288 ___SH C:\DumpStack.log.tmp
2026-04-21 18:04 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2026-04-21 15:00 - 2022-03-20 10:21 - 000000000 ____D C:\Users\shnox\AppData\Local\D3DSCache
2026-04-20 21:43 - 2022-04-19 09:46 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-04-20 16:38 - 2025-04-16 00:27 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1032225255-1758578694-3390115000-1001
2026-04-20 16:38 - 2025-04-16 00:27 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1032225255-1758578694-3390115000-1001
2026-04-20 16:38 - 2025-04-16 00:27 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1032225255-1758578694-3390115000-1001
2026-04-20 16:38 - 2022-03-20 10:23 - 000002435 _____ C:\Users\shnox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-04-20 14:44 - 2025-04-16 00:27 - 000003960 _____ C:\WINDOWS\system32\Tasks\RazerCortexScheduleClean
2026-04-17 09:36 - 2022-10-24 10:43 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2026-04-17 00:01 - 2025-04-16 00:21 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2026-04-17 00:00 - 2025-04-16 00:21 - 000627344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2026-04-16 03:29 - 2024-04-01 18:35 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2026-04-16 03:29 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2026-04-16 03:29 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2026-04-16 03:29 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2026-04-16 03:29 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2026-04-16 03:29 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2026-04-16 03:29 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2026-04-15 20:19 - 2022-03-20 11:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2026-04-15 20:18 - 2022-03-20 11:27 - 218249592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2026-04-15 20:06 - 2025-04-08 20:00 - 000000000 ____D C:\Program Files (x86)\dotnet
2026-04-15 20:06 - 2023-05-22 15:17 - 000000000 ____D C:\Program Files\dotnet
2026-04-15 20:06 - 2022-03-20 10:37 - 000000000 ____D C:\ProgramData\Package Cache
2026-04-15 19:51 - 2024-09-22 08:29 - 000000000 ____D C:\Users\shnox\AppData\Local\NotificationTemp
2026-04-15 00:35 - 2025-04-16 00:24 - 003268096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2026-04-14 22:12 - 2022-03-20 13:44 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2026-04-13 22:49 - 2022-03-20 09:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2026-04-13 12:39 - 2022-03-20 14:49 - 000000000 ____D C:\Users\shnox\AppData\Local\Google
2026-04-11 22:26 - 2025-04-16 00:27 - 000003754 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2026-04-11 22:26 - 2025-04-16 00:27 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2026-04-11 22:17 - 2022-03-20 14:48 - 000000000 ____D C:\Program Files\Google
2026-04-09 19:40 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2026-04-06 14:24 - 2022-03-20 13:04 - 000000000 ____D C:\Users\shnox\AppData\Local\Steam
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-plocm
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-ploc
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\te-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-plocm
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-ploc
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\or-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\km-KH
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\is-IS
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\id-ID
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\et-EE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\es-MX
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\be-BY
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\as-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\am-ET
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2026-04-01 20:53 - 2022-03-20 14:49 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2026-04-01 20:53 - 2022-03-20 14:49 - 000002048 _____ C:\Users\shnox\Desktop\Google Drive.lnk
2026-04-01 16:32 - 2022-03-20 12:04 - 000000000 ____D C:\Program Files (x86)\Intel
2026-04-01 16:06 - 2022-03-20 13:39 - 000000000 ____D C:\ProgramData\Epic
2026-03-30 11:33 - 2022-03-20 11:43 - 000000000 ____D C:\Users\shnox\AppData\Local\CrashDumps
2026-03-27 17:32 - 2022-03-29 20:15 - 000000000 ____D C:\Users\shnox\Documents\My Games
2026-03-27 17:26 - 2022-03-21 23:12 - 000000000 ____D C:\Program Files (x86)\Avira
2026-03-27 17:23 - 2025-09-12 18:41 - 000000000 ____D C:\WINDOWS\system32\ruxim
2026-03-27 17:23 - 2024-04-01 18:33 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2026-03-27 17:23 - 2024-04-01 18:33 - 000000000 ____D C:\WINDOWS\system32\de
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2026-03-27 17:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2026-03-27 17:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2026-03-27 17:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2026-03-27 17:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\DiagTrack
2026-03-27 17:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2026-03-27 17:22 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-03-27 17:22 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2026-03-27 16:59 - 2024-04-01 09:21 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2026-03-27 16:58 - 2022-03-20 11:27 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2026-03-27 16:57 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2026-03-27 16:12 - 2022-03-20 10:21 - 000000000 ____D C:\Users\shnox\AppData\Local\Packages
2026-03-27 15:03 - 2022-03-20 10:21 - 000000000 ____D C:\ProgramData\Packages
2026-03-27 13:14 - 2024-02-01 22:16 - 000000000 ____D C:\Users\shnox\AppData\Local\Fallout4
2026-03-27 12:04 - 2022-06-13 14:44 - 000000000 ___RD C:\Users\shnox\Dropbox
2026-03-27 05:04 - 2024-04-01 09:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2026-03-27 05:04 - 2024-04-01 09:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2026-03-27 02:07 - 2022-03-20 11:35 - 000000000 ____D C:\Users\shnox\AppData\Local\NVIDIA Corporation
2026-03-27 01:50 - 2022-03-20 21:20 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2026-03-27 01:43 - 2022-03-30 11:34 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2026-03-27 01:42 - 2022-12-10 19:05 - 000000000 ____D C:\ProgramData\Battle.net
2026-03-27 01:42 - 2022-03-30 11:34 - 000000000 ____D C:\Users\shnox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2026-03-27 01:41 - 2022-03-20 12:02 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2026-03-27 01:36 - 2026-01-31 00:37 - 000000000 ____D C:\Users\shnox\Desktop\xenia_canary_windows
2026-03-27 01:35 - 2022-03-29 13:29 - 000000000 ____D C:\Program Files\Epic Games
2026-03-27 01:34 - 2022-03-20 11:35 - 000000000 ____D C:\Users\shnox\AppData\Local\NVIDIA
2026-03-27 01:33 - 2023-06-01 20:03 - 000000000 ____D C:\Users\shnox\Documents\Anno 2205
2026-03-27 01:33 - 2023-05-29 15:44 - 000000000 ____D C:\Users\shnox\Documents\Anno 1800
2026-03-27 01:32 - 2024-12-01 16:28 - 000000000 ____D C:\Users\shnox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2026-03-27 00:54 - 2022-03-20 11:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2026-03-27 00:51 - 2025-04-16 00:27 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-03-27 00:51 - 2022-03-20 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2026-03-27 00:51 - 2022-03-20 11:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2026-03-26 23:16 - 2022-03-21 23:13 - 000000000 ____D C:\Users\Public\Security Sessions
2026-03-26 15:58 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2026-03-26 15:51 - 2022-03-20 11:42 - 000000000 ____D C:\Users\shnox\AppData\Roaming\KeePass
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2023-12-20 17:59 - 2023-12-20 17:59 - 000002295 _____ () C:\Users\shnox\AppData\Local\recently-used.xbel
2022-08-12 21:07 - 2022-08-12 21:07 - 000007642 _____ () C:\Users\shnox\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
| Themen zu Angst vor Trojaner nach Nutzung von OP Autoclicker |
| adobe, avira, bonjour, defender, desktop, firefox, google, home, installation, internet, internet explorer, mozilla, programm, prozesse, realtek, registry, scan, security, services.exe, software, svchost.exe, system, trojaner, trojaner board, windows |
Baum-Darstellung