Trojaner-Board - Windows 10: merkwürdige Dienste "AppServicea, AppServiceb..."

Hallo zusammen,

mir sind merkwürdige Windows-Dienste "AppServicea, AppServiceb, AppServicec.... (immer 1 Buchstabe des ABCs" aufgefallen. Kann jemand vllt schauen, was hier los ist?
Finde bis jetzt nur den Pfad "C:\WINDOWS\system32\X42VB2LUM4.tmp" in Verbindung mit "Trojan:Win32/Tiggre!rfn" und den genannten Diensten laut Windows Defender.

Hier die Anhänge von FRST:

FRST.txt

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-06-2021

durchgeführt von Ardit Miftari (Administrator) auf ADMINISTRATOR (Micro-Star International Co., Ltd MS-7C02) (17-06-2021 15:35:04)

Gestartet von C:\Users\Ardit Miftari\Downloads

Geladene Profile: Ardit Miftari

Platform: Windows 10 Pro Version 21H1 19043.1055 (X64) Sprache: Deutsch (Deutschland)

Standard-Browser: Chrome

Start-Modus: Normal
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe

(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe

(geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>

(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>

(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe

(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2106.1001.4.0_x64__8wekyb3d8bbwe\XboxAppServices.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServices.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\osk.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe

(NiyaShy) [Datei ist nicht signiert] C:\Program Files (x86)\XB1ControllerBatteryIndicator\XB1ControllerBatteryIndicator.exe

(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvgbdi.inf_amd64_c55c14bb1220491a\Display.NvContainer\NVDisplay.Container.exe <2>

(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(RaMMicHaeL) [Datei ist nicht signiert] C:\Users\Ardit Miftari\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe <2>
 

==================== Registry (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe [1201448 2020-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG

HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792288 2021-06-10] (Logitech Inc -> Logitech, Inc.)

HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\Run: [XB1ControllerBatteryIndicator] => C:\Program Files (x86)\XB1ControllerBatteryIndicator\XB1ControllerBatteryIndicator.exe [2137600 2019-09-07] (NiyaShy) [Datei ist nicht signiert]

HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\Run: [7 Taskbar Tweaker] => C:\Users\Ardit Miftari\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [467456 2021-06-10] (RaMMicHaeL) [Datei ist nicht signiert]

HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\MountPoints2: {16b09407-ef44-11ea-8260-2cf05d05e8c7} - "E:\OnePlus_setup.exe" /s

HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\MountPoints2: {3974e296-315a-11eb-82dd-2cf05d05e8c7} - "E:\OnePlus_setup.exe" /s

HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\MountPoints2: {efac98b6-ca50-11ea-8222-6245b4fde6d3} - "E:\OnePlus_setup.exe" /s

HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [653312 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.106\Installer\chrmstp.exe [2021-06-16] (Google LLC -> Google LLC)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-05-17]

ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

GroupPolicy: Beschränkung ? <==== ACHTUNG

Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {135F6965-B498-472E-B50F-356A44FCA4EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {2356909D-B2EB-4A10-86A2-0DF3ACEAE23F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log

Task: {267624EC-6732-43D0-A68C-36C16413CEE3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-05-20] (Piriform Software Ltd -> Piriform)

Task: {2DBC45F5-DE10-4449-9975-DC6B99246119} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {4AB32A1D-3C52-4753-8823-F5276F64B0AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-03] (Google LLC -> Google LLC)

Task: {5EDF23B4-E5F3-47FB-8482-662F6A367B8D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {6A834E4C-E394-4A57-A55A-900F7CF73188} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-08] (Microsoft Corporation -> Microsoft Corporation)

Task: {6CE18738-7D34-4F07-BC32-A1816737087B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-03] (Google LLC -> Google LLC)

Task: {6DD40D74-A4DF-4090-BB44-95A45FE2B55D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {80A75CC4-0538-4CB5-9B02-A4ED030D29CD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28158080 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {A0720731-7172-47D6-AE24-1EC1F1043CBC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {A90B3AF5-1815-43EB-9C9C-7DFB8F633852} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-08] (Microsoft Corporation -> Microsoft Corporation)

Task: {AB272192-B220-48AE-85AB-3E67F4FA160A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {BC5BED88-807A-4EA0-A632-188467B2E796} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)

Task: {BE13D277-8204-4800-8C43-BC56608C5CB9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {C0FC2E53-8172-4EC7-9537-405C7B163CB9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-08] (Microsoft Corporation -> Microsoft Corporation)

Task: {C12F9B1A-D8FE-427B-B7FC-70F735DF5C1B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {D5696638-AE7E-4CE7-BA2D-EB37C6BD487E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log

Task: {D764F08C-B39B-4333-BCA3-F6D62D5BC6F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Task: {E99A1C26-AAB2-4FA6-99CB-C7E72690E153} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Task: {EB6CE027-9655-4AE2-8EC2-DD20BA8E3AD5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {EE2C4DAA-7DF2-499F-A5DD-CE39C52840AB} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {F106C696-4498-4677-ADBE-95899048BD65} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {F8F80394-E5CB-4AC0-9030-53C78A02E02A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-08] (Microsoft Corporation -> Microsoft Corporation)

Task: {FA4BC512-B0EF-4845-8517-5E217B5C56B5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\..\Interfaces\{9c75f7e4-d594-4337-bb54-69526af5fe1f}: [NameServer] 192.168.178.1,1.1.1.1
 

Edge: 

=======

Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]

Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]

Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]

Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]

Edge DefaultProfile: Default

Edge Profile: C:\Users\Ardit Miftari\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-17]

Edge Extension: (Honey) - C:\Users\Ardit Miftari\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2021-05-06]
 

FireFox:

========

FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-04-24] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-04-24] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)

FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert]

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
 

Chrome: 

=======

CHR Profile: C:\Users\Ardit Miftari\AppData\Local\Google\Chrome\User Data\Default [2021-06-17]

CHR Extension: (Präsentationen) - C:\Users\Ardit Miftari\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-03]

CHR Extension: (BetterTTV) - C:\Users\Ardit Miftari\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-05-23]

CHR Extension: (Docs) - C:\Users\Ardit Miftari\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-03]

CHR Extension: (Google Drive) - C:\Users\Ardit Miftari\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-19]

CHR Extension: (YouTube) - C:\Users\Ardit Miftari\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-03]

CHR Extension: (Honey) - C:\Users\Ardit Miftari\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-06-15]

CHR Extension: (uBlock Origin) - C:\Users\Ardit Miftari\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-07]

CHR Extension: (Tabellen) - C:\Users\Ardit Miftari\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-03]

CHR Extension: (Google Docs Offline) - C:\Users\Ardit Miftari\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-14]

CHR Extension: (Ultimate Volume Booster) - C:\Users\Ardit Miftari\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaganfmfchlbdifnggkfjjkccecmeklk [2020-11-18]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ardit Miftari\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Extension: (Steam URL Opener) - C:\Users\Ardit Miftari\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiboilmeofgpoiopgjdllegafaaeblon [2021-04-19]

CHR Extension: (Google Mail) - C:\Users\Ardit Miftari\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]

CHR Extension: (Chrome Media Router) - C:\Users\Ardit Miftari\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-28]

CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
 

==================== Dienste (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)

S3 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3761896 2021-05-17] (philandro Software GmbH -> AnyDesk Software GmbH)

S2 AppServicea; C:\WINDOWS\system32\X42VB2LUM4.tmp [6144 2021-06-17] (Microsoft Corporation) [Datei ist nicht signiert]

S2 AppServiceb; C:\WINDOWS\system32\X42VB2LUM4.tmp [6144 2021-06-17] (Microsoft Corporation) [Datei ist nicht signiert]

S2 AppServicec; C:\WINDOWS\system32\X42VB2LUM4.tmp [6144 2021-06-17] (Microsoft Corporation) [Datei ist nicht signiert]

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-02-25] (BattlEye Innovations e.K. -> )

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-09-17] (EasyAntiCheat Oy -> Epic Games, Inc)

S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)

S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-04-01] (GOG Sp. z o.o. -> GOG.com)

S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-04-01] (GOG Sp. z o.o. -> GOG.com)

R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10723232 2021-06-10] (Logitech Inc -> Logitech, Inc.)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2547344 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)

R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3487384 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)

R2 PDF24; C:\Program Files\PDF24\pdf24.exe [564416 2021-02-19] (geek software GmbH -> geek software GmbH)

R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2020-03-29] (Even Balance, Inc. -> )

S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2219416 2021-06-12] (Rockstar Games, Inc. -> Rockstar Games)

S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393792 2021-06-15] (Microsoft Windows Publisher -> Microsoft Corporation)

R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)

S2 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ACHTUNG (kein ServiceDLL)

S2 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ACHTUNG (kein ServiceDLL)

R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvgbdi.inf_amd64_c55c14bb1220491a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvgbdi.inf_amd64_c55c14bb1220491a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 

===================== Treiber (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)

S3 fwdrv; C:\WINDOWS\System32\drivers\fwdrv.sys [27840 2014-03-22] (Web Solution Mart -> Web Solution Mart)

R2 LGHUBTemperatureService; C:\Program Files\LGHUB\logi_core_temp.sys [22864 2021-06-10] (Logitech Inc -> Logitech)

S3 logi_audio_surround; C:\WINDOWS\system32\drivers\logi_audio_surround.sys [43856 2021-04-15] (Logitech Inc -> Logitech)

R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-03-17] (Logitech Inc -> Logitech)

R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-03-17] (Logitech Inc -> Logitech)

R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-03-17] (Logitech Inc -> Logitech)

S3 scaudio; C:\WINDOWS\System32\drivers\scaudio.sys [54792 2020-06-04] (Brandmeister LLC -> )

R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)

R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [75640 2006-07-05] (Protection Technology, Ltd. -> Protection Technology (StarForce))

R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology, Ltd. -> Protection Technology (StarForce))

S3 splitcam_hd_driver; C:\WINDOWS\System32\drivers\splitcam_hd_driver.sys [38000 2020-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)

R2 SSGDIO; C:\WINDOWS\SysWOW64\DRIVERS\ssgdio64.sys [14608 2021-05-24] (ATI Technologies, Inc -> ATI Technologies Inc.)

R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [232792 2021-03-08] (Valve Corp. -> Valve Corporation)

S3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [28128 2020-04-21] (Unified Intents AB -> Windows (R) Win 7 DDK provider)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-12] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2021-06-17 15:29 - 2021-06-17 15:29 - 000048504 _____ C:\Users\Ardit Miftari\Downloads\Shortcut.txt

2021-06-17 15:16 - 2021-06-17 15:16 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\X42VB2LUM4.tmp

2021-06-17 14:52 - 2021-06-17 15:29 - 000064750 _____ C:\Users\Ardit Miftari\Downloads\Addition.txt

2021-06-17 14:37 - 2021-06-17 15:35 - 000025983 _____ C:\Users\Ardit Miftari\Downloads\FRST.txt

2021-06-17 14:37 - 2021-06-17 15:35 - 000000000 ____D C:\FRST

2021-06-17 14:37 - 2021-06-17 14:37 - 000000000 ____D C:\Users\Ardit Miftari\Downloads\FRST-OlderVersion

2021-06-17 14:36 - 2021-06-17 14:37 - 002300416 _____ (Farbar) C:\Users\Ardit Miftari\Downloads\FRST64.exe

2021-06-17 14:33 - 2021-06-17 14:33 - 000000411 _____ C:\Users\Ardit Miftari\Desktop\kprm-20210617143331.txt

2021-06-17 14:33 - 2021-06-17 14:33 - 000000000 ____D C:\KPRM

2021-06-17 13:22 - 2021-06-17 13:22 - 000069682 _____ C:\Users\Ardit Miftari\Desktop\xbox series s rechnung.pdf

2021-06-17 09:14 - 2021-06-17 09:14 - 000313912 _____ C:\Users\Ardit Miftari\Desktop\Urlaubsantrag_Miftari_22.06.2021.pdf

2021-06-17 08:23 - 2021-06-17 08:23 - 000000656 _____ C:\Users\Ardit Miftari\Downloads\wu10.diagcab

2021-06-16 19:19 - 2021-06-16 19:19 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reset Windows Update Tool

2021-06-16 19:19 - 2021-06-16 19:19 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Local\wureset

2021-06-16 19:19 - 2021-06-16 19:19 - 000000000 ____D C:\Program Files\wureset

2021-06-16 18:59 - 2021-06-16 18:59 - 000000000 ____D C:\WINDOWS\Panther

2021-06-16 17:24 - 2021-06-16 17:24 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Roaming\Mirage

2021-06-16 17:23 - 2021-06-16 17:23 - 000000000 ____D C:\Program Files (x86)\Company

2021-06-16 14:01 - 2021-06-16 14:19 - 000313921 _____ C:\Users\Ardit Miftari\Desktop\Urlaubsantrag_Miftari_28.06.2021_bis_16.07.2021.pdf

2021-06-15 10:02 - 2021-06-15 10:02 - 000011453 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

2021-06-10 14:01 - 2021-06-10 14:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi

2021-06-10 14:01 - 2021-06-10 14:01 - 000000000 ____D C:\Program Files\LGHUB

2021-06-10 11:53 - 2021-06-10 11:53 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2021-06-10 11:53 - 2021-06-10 11:53 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2021-06-10 11:53 - 2021-06-10 11:53 - 000321226 ___SH C:\Users\Ardit Miftari\AppData\Roaming\bcebvja

2021-06-08 18:24 - 2021-06-08 18:26 - 000000000 ____D C:\Program Files\CopyTrans HEIC for Windows

2021-06-08 18:24 - 2021-06-08 18:26 - 000000000 ____D C:\Program Files (x86)\CopyTrans HEIC for Windows

2021-06-08 18:24 - 2021-06-08 18:24 - 000000000 ____D C:\ProgramData\WindSolutions

2021-06-07 16:27 - 2021-06-07 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4

2021-05-28 19:23 - 2021-05-13 12:38 - 000037656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll

2021-05-28 19:18 - 2021-05-28 19:18 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll

2021-05-28 19:18 - 2021-05-28 19:18 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll

2021-05-28 19:18 - 2021-05-28 19:18 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2021-05-28 19:18 - 2021-05-28 19:18 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2021-05-28 19:18 - 2021-05-28 19:18 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2021-05-28 19:18 - 2021-05-28 19:18 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll

2021-05-28 19:18 - 2021-05-28 19:18 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2021-05-28 19:18 - 2021-05-28 19:18 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

2021-05-28 19:18 - 2021-05-28 19:18 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll

2021-05-28 19:18 - 2021-05-28 19:18 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2021-05-28 19:18 - 2021-05-28 19:18 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv

2021-05-28 19:18 - 2021-05-28 19:18 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll

2021-05-28 19:18 - 2021-05-28 19:18 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe

2021-05-28 19:18 - 2021-05-28 19:18 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe

2021-05-28 19:18 - 2021-05-28 19:18 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys

2021-05-28 19:17 - 2021-05-13 20:22 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe

2021-05-28 19:17 - 2021-05-13 20:22 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe

2021-05-28 19:17 - 2021-05-13 20:22 - 001453360 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll

2021-05-28 19:17 - 2021-05-13 20:22 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe

2021-05-28 19:17 - 2021-05-13 20:22 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe

2021-05-28 19:17 - 2021-05-13 20:22 - 001192752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll

2021-05-28 19:17 - 2021-05-13 20:22 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll

2021-05-28 19:17 - 2021-05-13 20:22 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll

2021-05-28 19:17 - 2021-05-13 20:22 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll

2021-05-28 19:17 - 2021-05-13 20:22 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll

2021-05-28 19:17 - 2021-05-13 20:19 - 001514800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2021-05-28 19:17 - 2021-05-13 20:19 - 001166112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2021-05-28 19:17 - 2021-05-13 20:19 - 000715544 _____ C:\WINDOWS\system32\nvofapi64.dll

2021-05-28 19:17 - 2021-05-13 20:19 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll

2021-05-28 19:17 - 2021-05-13 20:19 - 000626968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll

2021-05-28 19:17 - 2021-05-13 20:19 - 000575768 _____ C:\WINDOWS\SysWOW64\nvofapi.dll

2021-05-28 19:17 - 2021-05-13 20:19 - 000564000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll

2021-05-28 19:17 - 2021-05-13 20:18 - 002106144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2021-05-28 19:17 - 2021-05-13 20:18 - 001590576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2021-05-28 19:17 - 2021-05-13 20:18 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll

2021-05-28 19:17 - 2021-05-13 20:18 - 000689952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe

2021-05-28 19:17 - 2021-05-13 20:18 - 000656176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll

2021-05-28 19:17 - 2021-05-13 20:18 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe

2021-05-28 19:17 - 2021-05-13 20:17 - 008317232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2021-05-28 19:17 - 2021-05-13 20:17 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2021-05-28 19:17 - 2021-05-13 20:17 - 004795184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2021-05-28 19:17 - 2021-05-13 20:17 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2021-05-28 19:17 - 2021-05-13 20:16 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe

2021-05-28 19:17 - 2021-05-13 20:15 - 006159152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2021-05-28 19:17 - 2021-05-13 12:38 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb

2021-05-24 07:57 - 2021-05-24 07:57 - 000014608 _____ (ATI Technologies Inc.) C:\WINDOWS\SysWOW64\Drivers\ssgdio64.sys
 

==================== Ein Monat (geänderte) ==================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2021-06-17 15:23 - 2020-06-13 08:57 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2021-06-17 15:23 - 2019-12-07 16:51 - 000743714 _____ C:\WINDOWS\system32\perfh007.dat

2021-06-17 15:23 - 2019-12-07 16:51 - 000150136 _____ C:\WINDOWS\system32\perfc007.dat

2021-06-17 15:23 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF

2021-06-17 15:18 - 2020-11-10 21:50 - 000000000 ____D C:\ProgramData\NVIDIA

2021-06-17 15:18 - 2020-03-04 10:19 - 000000000 ____D C:\Program Files\CCleaner

2021-06-17 15:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness

2021-06-17 15:17 - 2020-11-03 20:37 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Roaming\LGHUB

2021-06-17 15:17 - 2020-11-03 20:37 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Local\LGHUB

2021-06-17 15:17 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2021-06-17 15:16 - 2020-06-13 08:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2021-06-17 15:16 - 2020-06-13 08:53 - 000008192 ___SH C:\DumpStack.log.tmp

2021-06-17 15:16 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI

2021-06-17 15:04 - 2020-03-28 19:00 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Roaming\Notepad++

2021-06-17 15:04 - 2020-03-04 00:19 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Local\CrashDumps

2021-06-17 15:04 - 2020-03-03 23:15 - 000000000 ____D C:\Program Files (x86)\Steam

2021-06-17 14:56 - 2020-07-19 12:10 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Roaming\Mozilla

2021-06-17 14:23 - 2020-06-13 08:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2021-06-17 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\ModifiableWindowsApps

2021-06-16 20:18 - 2020-03-04 10:49 - 000000000 ____D C:\WINDOWS\pss

2021-06-16 19:38 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp

2021-06-16 19:15 - 2020-03-03 21:42 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Local\D3DSCache

2021-06-16 18:39 - 2020-07-13 19:24 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Local\IsolatedStorage

2021-06-16 17:29 - 2020-03-03 23:19 - 000000000 ____D C:\Program Files (x86)\Epic Games

2021-06-16 17:28 - 2020-05-18 18:46 - 000000746 __RSH C:\ProgramData\ntuser.pol

2021-06-16 17:23 - 2020-11-27 11:21 - 000000000 ____D C:\Program Files\Logitech Gaming Software

2021-06-16 17:21 - 2021-05-09 13:01 - 000000000 ____D C:\ProgramData\Disc-Soft

2021-06-16 09:07 - 2020-03-03 23:11 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2021-06-15 14:07 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection

2021-06-15 14:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr

2021-06-14 15:13 - 2020-03-03 21:43 - 000000000 ____D C:\ProgramData\Packages

2021-06-14 15:13 - 2020-03-03 21:31 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Local\Packages

2021-06-14 15:13 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps

2021-06-13 11:14 - 2020-03-03 23:18 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Local\Spotify

2021-06-13 11:09 - 2020-03-03 23:18 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Roaming\Spotify

2021-06-12 20:26 - 2021-02-14 09:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

2021-06-12 14:34 - 2020-03-03 23:51 - 000000000 ____D C:\Program Files (x86)\Rockstar Games

2021-06-12 14:34 - 2020-03-03 23:22 - 000000000 ____D C:\Program Files\Rockstar Games

2021-06-12 09:04 - 2020-03-04 04:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

2021-06-12 07:55 - 2020-03-03 23:14 - 000002403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

2021-06-11 20:03 - 2020-03-03 08:46 - 000000000 ____D C:\Users\Ardit Miftari\Documents\Euro Truck Simulator 2

2021-06-10 20:23 - 2020-10-05 21:28 - 000002063 _____ C:\Users\Ardit Miftari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7+ Taskbar Tweaker.lnk

2021-06-10 14:00 - 2020-06-13 08:54 - 000443592 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2021-06-10 14:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources

2021-06-10 14:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz

2021-06-10 11:50 - 2020-03-04 09:44 - 000000000 ____D C:\WINDOWS\system32\MRT

2021-06-10 11:49 - 2020-03-04 09:44 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2021-06-10 11:48 - 2020-07-13 19:24 - 000000000 ____D C:\Program Files\dotnet

2021-06-10 11:48 - 2020-03-03 21:43 - 000000000 ____D C:\ProgramData\Package Cache

2021-06-10 08:00 - 2020-03-03 21:33 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Local\PlaceholderTileLogoFolder

2021-06-09 15:33 - 2020-10-24 11:34 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2021-06-08 19:33 - 2020-03-03 23:12 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Roaming\discord

2021-06-08 18:41 - 2020-03-03 23:18 - 000000000 ____D C:\Program Files\Microsoft Office

2021-06-08 18:38 - 2020-03-03 23:12 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Local\Discord

2021-06-08 18:34 - 2020-03-05 18:39 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Roaming\vlc

2021-06-07 22:21 - 2020-03-03 23:15 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Roaming\Origin

2021-06-07 22:21 - 2020-03-03 23:15 - 000000000 ____D C:\ProgramData\Origin

2021-06-07 16:26 - 2020-03-29 20:23 - 000281872 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe

2021-06-07 16:26 - 2020-03-29 20:23 - 000281872 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0

2021-06-07 16:26 - 2020-03-29 20:23 - 000076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe

2021-06-07 16:16 - 2020-03-03 23:15 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Local\Origin

2021-06-07 10:17 - 2020-03-28 19:00 - 000000884 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk

2021-06-03 17:20 - 2021-02-22 17:04 - 000000000 ____D C:\Program Files (x86)\AnyDesk

2021-06-03 14:38 - 2021-05-17 14:52 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Roaming\AnyDesk

2021-05-29 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

2021-05-28 19:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports

2021-05-28 19:37 - 2020-06-13 08:57 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

2021-05-28 19:29 - 2020-06-13 08:17 - 000000000 ____D C:\Users\Ardit Miftari

2021-05-28 19:28 - 2020-11-18 09:33 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Local\NVIDIA

2021-05-28 19:26 - 2020-11-12 18:59 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Local\NVIDIA Corporation

2021-05-28 19:25 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2021-05-28 19:23 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog

2021-05-28 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV

2021-05-28 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE

2021-05-28 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2021-05-28 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe

2021-05-28 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV

2021-05-28 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE

2021-05-28 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism

2021-05-28 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

2021-05-28 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState

2021-05-26 19:05 - 2020-03-03 23:16 - 000000000 ____D C:\Program Files (x86)\Origin

2021-05-25 07:48 - 2021-02-14 09:38 - 000725304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll

2021-05-25 07:48 - 2021-02-14 09:38 - 000470328 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

2021-05-24 08:10 - 2020-03-15 20:21 - 000000000 ____D C:\Users\Ardit Miftari\AppData\Local\1usmus

2021-05-22 19:48 - 2020-12-11 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com]

2021-05-22 19:33 - 2020-12-11 18:53 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy

2021-05-19 16:38 - 2021-05-13 13:29 - 000000000 ____D C:\Program Files\Dolphin

2021-05-19 16:19 - 2020-03-28 19:00 - 000000000 ____D C:\Program Files\Notepad++

2021-05-19 08:47 - 2020-04-20 11:50 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll

2021-05-19 08:47 - 2020-03-06 12:41 - 001694672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll

2021-05-19 08:47 - 2020-03-06 12:41 - 000250304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll

2021-05-19 08:47 - 2020-03-06 12:41 - 000192952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll

2021-05-19 08:47 - 2020-03-06 12:41 - 000159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll

2021-05-19 08:47 - 2020-03-06 12:41 - 000038328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe

2021-05-18 20:53 - 2020-03-03 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64

2021-05-18 20:53 - 2020-03-03 21:46 - 000000000 ____D C:\Program Files\HWiNFO64

2021-05-18 11:46 - 2020-03-03 23:23 - 000002567 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk

2021-05-18 11:46 - 2020-03-03 23:23 - 000002563 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk

2021-05-18 11:46 - 2020-03-03 23:23 - 000002542 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk

2021-05-18 11:46 - 2020-03-03 23:23 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk

2021-05-18 11:46 - 2020-03-03 23:23 - 000002517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk

2021-05-18 11:46 - 2020-03-03 23:23 - 000002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk

2021-05-18 11:46 - 2020-03-03 23:23 - 000002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk

2021-05-18 11:46 - 2020-03-03 23:23 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk

2021-05-18 11:46 - 2020-03-03 23:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
 

2021-06-10 11:53 - 2021-06-10 11:53 - 000321226 ___SH () C:\Users\Ardit Miftari\AppData\Roaming\bcebvja

2020-11-13 20:42 - 2020-11-17 23:28 - 000000016 _____ () C:\Users\Ardit Miftari\AppData\Roaming\obs-virtualcam.txt

2020-04-28 19:56 - 2020-04-28 20:31 - 000002701 _____ () C:\Users\Ardit Miftari\AppData\Roaming\vidiot.ini

2020-08-09 17:42 - 2020-08-09 17:42 - 000002384 _____ () C:\Users\Ardit Miftari\AppData\Local\recently-used.xbel
 

==================== SigCheck ============================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

==================== Ende von FRST.txt ========================

Addition.txt

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-06-2021

durchgeführt von Ardit Miftari (17-06-2021 15:35:43)

Gestartet von C:\Users\Ardit Miftari\Downloads

Windows 10 Pro Version 21H1 19043.1055 (X64) (2020-06-13 06:57:55)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-4217039005-3467349251-1090194598-500 - Administrator - Disabled)

Ardit Miftari (S-1-5-21-4217039005-3467349251-1090194598-1001 - Administrator - Enabled) => C:\Users\Ardit Miftari

DefaultAccount (S-1-5-21-4217039005-3467349251-1090194598-503 - Limited - Disabled)

Gast (S-1-5-21-4217039005-3467349251-1090194598-501 - Limited - Disabled)

WDAGUtilityAccount (S-1-5-21-4217039005-3467349251-1090194598-504 - Limited - Disabled)
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

7+ Taskbar Tweaker v5.11.2 (HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\7 Taskbar Tweaker) (Version: 5.11.2 - RaMMicHaeL)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)

AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.)

AMD_Chipset_Drivers (HKLM-x32\...\{4fedae1b-6980-4848-9ba0-229c946a3dac}) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.) Hidden

AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.3.0 - AnyDesk Software GmbH)

Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)

CCleaner (HKLM\...\CCleaner) (Version: 5.80 - Piriform)

CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)

CopyTrans HEIC for Windows (HKLM\...\CopyTrans HEIC for Windows_is1) (Version: 1.0.0.8 - Ursa Minor Ltd)

Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 1.22 - GOG.com)

Discord (HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)

Epic Games Launcher (HKLM-x32\...\{F25ACB37-FF26-467D-B5DA-15E81F4A1771}) (Version: 1.1.257.0 - Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden

Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.)

ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)

GameInput Redistributable (HKLM-x32\...\{AD78C5EF-EAAF-12E7-83A3-B335A79A3DB1}) (Version: 10.1.19041.1870 - Microsoft Corporation)

GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.106 - Google LLC)

Grand Theft Auto IV (HKLM-x32\...\Grand Theft Auto IV) (Version: 1.2.0.43 - Rockstar Games)

Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2245.0 - Rockstar Games)

HWiNFO64 Version 7.04 (HKLM\...\HWiNFO64_is1) (Version: 7.04 - Martin Malik - REALiX)

ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)

Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)

Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden

Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden

Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2021.6.4851 - Logitech)

Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.48 - Microsoft Corporation)

Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.48 - Microsoft Corporation)

Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.14026.20270 - Microsoft Corporation)

Microsoft Teams (HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)

Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)

Microsoft Windows Desktop Runtime - 3.1.16 (x64) (HKLM-x32\...\{7635b666-ba98-4293-ab6c-5158c0cf5d8c}) (Version: 3.1.16.30112 - Microsoft Corporation)

Microsoft Windows Desktop Runtime - 5.0.7 (x64) (HKLM-x32\...\{4545d600-b3a9-467c-a68b-e70ae51c8382}) (Version: 5.0.7.30113 - Microsoft Corporation)

Minecraft Launcher (HKLM-x32\...\{E15F69FA-660D-45CC-B28F-6CBC4CAD2091}) (Version: 1.0.0.0 - Mojang)

Monopoly Plus (HKLM-x32\...\Uplay Install 3774) (Version:  - Ubisoft)

Mp3tag v3.00 (HKLM-x32\...\Mp3tag) (Version: 3.00 - Florian Heidenreich)

MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)

Need for Speed Carbon Version 1.4 (HKLM-x32\...\Need for Speed Carbon_is1) (Version: 1.4 - EA Games)

Need for Speed Most Wanted 2005 Version 1.3 (HKLM-x32\...\Need for Speed Most Wanted 2005_is1) (Version: 1.3 - EA Games)

Need for Speed Underground 2 Version 1.2 (HKLM-x32\...\Need for Speed Underground 2_is1) (Version: 1.2 - EA Games)

Need for Speed Underground Version 1.4 (HKLM-x32\...\Need for Speed Underground_is1) (Version: 1.4 - EA Games)

Need for Speed™ Hot Pursuit Remastered (HKLM-x32\...\{F28231EF-0D0C-41AD-9020-2B993F797F7A}) (Version: 1.0.0.23890 - Electronic Arts, Inc.)

Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)

Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.0 - Notepad++ Team)

NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)

NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)

NVIDIA Grafiktreiber 466.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.47 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)

NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

OpenIV (HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\OpenIV) (Version: 4.0.1.1452 - .black/OpenIV Team)

Origin (HKLM-x32\...\Origin) (Version: 10.5.100.48178 - Electronic Arts, Inc.)

paint.net (HKLM\...\{1A59F8A6-6AB4-4522-9340-F420B9155A31}) (Version: 4.2.16 - dotPDN LLC)

PDF24 Creator 10.0.11 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.0.11 - PDF24.org)

Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden

PS Remote Play (HKLM-x32\...\{899B5915-9704-4267-9768-0C1CC59D9B46}) (Version: 4.1.0.04020 - Ihr Firmenname)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)

Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9049.1 - Realtek Semiconductor Corp.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.42.526.2020 - Realtek)

Reset Windows Update Tool (HKLM\...\Reset Windows Update Tool11.0.0.9) (Version: 11.0.0.9 - Manuel Gil)

RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)

Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.41.364 - Rockstar Games)

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.5 - Rockstar Games)

Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.3.0.330 - Samsung Electronics)

Samsung NVM Express Driver (HKLM-x32\...\{ff94c273-58d5-40b5-b03a-9bd41d5cff1e}) (Version: 3.3.0.2003 - Samsung Electronics)

Samsung NVM Express Driver 3.3.0.2003 (HKLM\...\{89D55DD5-FE94-497B-B5E5-91915D52DBF2}) (Version: 3.3.0.2003 - Samsung Electronics Co., Ltd) Hidden

Spotify (HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\Spotify) (Version: 1.1.60.668.gff09d345 - Spotify AB)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 104.1 - Ubisoft)

UNO (HKLM-x32\...\Uplay Install 3352) (Version:  - Ubisoft)

VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)

Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com)

WinRAR 6.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)
 

Packages:

=========

1938 MG TA Midget -> C:\Program Files\WindowsApps\Microsoft.MGTA38_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

1966 Volkswagen Double Cab Pick-Up -> C:\Program Files\WindowsApps\Microsoft.VWDoubleCab61_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

1970 Triumph TR6 PI -> C:\Program Files\WindowsApps\Microsoft.TRITR670_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

1972 Lamborghini Jarama S -> C:\Program Files\WindowsApps\Microsoft.LAMJarama76_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

2017 Ferrari GTC4Lusso -> C:\Program Files\WindowsApps\Microsoft.ERGTC4Lusso_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

2018 Chevrolet Camaro ZL1 1LE -> C:\Program Files\WindowsApps\Microsoft.CHECamaro1LE18_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

2018 Morgan Aero GT -> C:\Program Files\WindowsApps\Microsoft.MORAeroGT19_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

2019 Chevrolet Corvette ZR1 -> C:\Program Files\WindowsApps\Microsoft.CHECorvetteZR_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 3 -> C:\Program Files\WindowsApps\Microsoft.OpusPG_1.0.125.2_x64__8wekyb3d8bbwe [2021-05-18] (Microsoft Studios)

Forza Horizon 4  1965 Peel Trident -> C:\Program Files\WindowsApps\Microsoft.PEETrident_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4  2005 Honda NSX-R GT -> C:\Program Files\WindowsApps\Microsoft.HONNSXRGT_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 -> C:\Program Files\WindowsApps\Microsoft.SunriseBaseGame_1.470.573.2_x64__8wekyb3d8bbwe [2021-06-03] (Microsoft Studios)

Forza Horizon 4 1929 Mercedes-Benz SSK -> C:\Program Files\WindowsApps\Microsoft.MercedesBenzSSK_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 1953 Jaguar C-Type -> C:\Program Files\WindowsApps\Microsoft.JAGCType_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 1959 Cadillac Eldorado Biarritz Convertible -> C:\Program Files\WindowsApps\Microsoft.CADElDorado_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 1959 Porsche 356A Coupe -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon41959Porsche356ACoupe_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 1962 Triumph TR3B -> C:\Program Files\WindowsApps\Microsoft.TriumphTR3B_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 1963 Opel Kadett A -> C:\Program Files\WindowsApps\Microsoft.OpelKadettA_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 1965 Ford Transit -> C:\Program Files\WindowsApps\Microsoft.FORTransit_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 1966 Hillman Imp -> C:\Program Files\WindowsApps\Microsoft.SUNImp_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 1968 Ford Mustang GT 2+2 Fastback -> C:\Program Files\WindowsApps\Microsoft.FORMustangGT390_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 1974 Honda Civic RS -> C:\Program Files\WindowsApps\Microsoft.HONCivicRS_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 1977 Hoonigan Ford Gymkhana 10 F-150 -> C:\Program Files\WindowsApps\Microsoft.FordGymkhana_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 1985 Porsche #186 959 Paris-Dakar -> C:\Program Files\WindowsApps\Microsoft.Porsche186ParisDakar_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 1993 Hoonigan Ford Escort Cosworth Group A -> C:\Program Files\WindowsApps\Microsoft.HooniganFordEscort_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 1993 Porsche 968 Turbo S -> C:\Program Files\WindowsApps\Microsoft.POR968TurboS_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2002 Mazda RX-7 Spirit R Type-A -> C:\Program Files\WindowsApps\Microsoft.MazdaRX7SpiritR_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2003 Honda S2000 -> C:\Program Files\WindowsApps\Microsoft.HondaS2000_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2004 Vauxhall VX220 -> C:\Program Files\WindowsApps\Microsoft.VauxhallVX220_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2005 Ferrari FXX -> C:\Program Files\WindowsApps\Microsoft.FerrariFXX_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2010 Vauxhall Insignia VXR -> C:\Program Files\WindowsApps\Microsoft.VauxhallInsigniaVXR_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2012 Lamborghini Gallardo LP570-4 Spyder Performante -> C:\Program Files\WindowsApps\Microsoft.LamborghiniGallardoLP5704_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2014 McLaren 650S Spider -> C:\Program Files\WindowsApps\Microsoft.MCL650SSpider_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2016 Honda Civic Coupe GRC -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon42016HondaCivicCoupeGRC_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2017 Koenigsegg Agera RS -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon42017KoenigseggAgeraRS_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2018 Alfa Romeo Stelvio Quadrifoglio -> C:\Program Files\WindowsApps\Microsoft.AlfaStevio_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2018 Aston Martin Vantage -> C:\Program Files\WindowsApps\Microsoft.ASTVantage18_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2018 Can-Am Maverick X3 X RS Turbo R -> C:\Program Files\WindowsApps\Microsoft.CanAmMaverick_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2018 Chevrolet Silverado 1500 DeBerti Design Drift Truck -> C:\Program Files\WindowsApps\Microsoft.CHEDebertiDriftTruck_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2018 Ford Deberti Design Mustang Fastback -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon2018FordDebertiDesignMustang_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2018 Nissan SentraNismo -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon42018NissanSentraNismo_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2018 TVR Griffith -> C:\Program Files\WindowsApps\Microsoft.TVRGriffith18_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2019 BMW i8 Roadster -> C:\Program Files\WindowsApps\Microsoft.BMWi8Roadster_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 2019 Porsche 911 Carrera S -> C:\Program Files\WindowsApps\Microsoft.POR992_1.0.0.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 Barrett Jackson Car Pack -> C:\Program Files\WindowsApps\Microsoft.BJCarPack_1.0.1.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 Best of Bond Car Pack -> C:\Program Files\WindowsApps\Microsoft.Day1CarPackBits_1.0.5.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 Formula Drift Car Pack -> C:\Program Files\WindowsApps\Microsoft.FormulaDriftCarPack_1.0.3.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 Fortune Island -> C:\Program Files\WindowsApps\Microsoft.Expansion1_1.225.171.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 LEGO Speed Champions -> C:\Program Files\WindowsApps\Microsoft.Expansion2_1.312.645.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 4 VIP -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon4VIP_1.0.3.2_neutral__8wekyb3d8bbwe [2020-03-04] (Microsoft Studios)

Forza Horizon 5 -> C:\Program Files\WindowsApps\Mutable\Microsoft.624F8B84B80_3.337.800.0_x64__8wekyb3d8bbwe [2021-06-14] (Microsoft Studios)

Forza Horizon 5 Expansion 1 -> C:\Program Files\WindowsApps\Microsoft.Expansion1FH5_1.0.0.0_x64__8wekyb3d8bbwe [2021-06-14] (Microsoft Studios)

Forza Horizon 5 Expansion 2 -> C:\Program Files\WindowsApps\Microsoft.Expansion2FH5_1.0.0.0_x64__8wekyb3d8bbwe [2021-06-14] (Microsoft Studios)

Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-06-09] (Microsoft Corporation)

HEVC-Videoerweiterungen -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.41531.0_x64__8wekyb3d8bbwe [2021-06-14] (Microsoft Corporation)

Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-10] (Microsoft Corporation)

NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-27] (NVIDIA Corp.)

Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.41311.0_x64__8wekyb3d8bbwe [2021-06-09] (Microsoft Corporation)

Xbox Zubehör -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.2105.20001.0_x64__8wekyb3d8bbwe [2021-06-08] (Microsoft Corporation)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-4217039005-3467349251-1090194598-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Ardit Miftari\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-4217039005-3467349251-1090194598-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Ardit Miftari\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei

ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei

ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei

ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei

ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei

ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei

ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-06-06] (Notepad++ -> )

ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-01-23] (Florian Heidenreich) [Datei ist nicht signiert]

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-01-23] (Florian Heidenreich) [Datei ist nicht signiert]

ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-01-23] (Florian Heidenreich) [Datei ist nicht signiert]

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvgbdi.inf_amd64_c55c14bb1220491a\nvshext.dll [2021-05-13] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
 

==================== Codecs (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert]

HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [Datei ist nicht signiert]

HKLM\...\Drivers32: [VIDC.LAGS] => c:\windows\system32\lagarith.dll [148992 2012-05-18] () [Datei ist nicht signiert]

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert]

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [Datei ist nicht signiert]
 

==================== Verknüpfungen & WMI ========================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

Shortcut: C:\Users\Ardit Miftari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reset Windows Update Tool\reset-settings.lnk -> C:\Program Files\wureset\wureset\bin\reset-settings.bat ()
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
 

2021-06-10 14:01 - 2021-06-10 14:00 - 000634880 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node

2020-01-23 17:55 - 2020-01-23 17:55 - 000424448 _____ (Florian Heidenreich) [Datei ist nicht signiert] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll

2020-04-18 16:27 - 2020-04-18 16:27 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppvIsvSubsystems64.dll

2020-04-18 16:27 - 2020-04-18 16:27 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

2021-06-10 14:28 - 2021-06-10 14:28 - 000307200 _____ (RaMMicHaeL) [Datei ist nicht signiert] C:\Users\Ardit Miftari\AppData\Roaming\7+ Taskbar Tweaker\inject.dll

2020-03-03 23:16 - 2020-03-16 15:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll

2020-03-03 23:16 - 2020-03-16 15:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll

2020-03-03 23:16 - 2020-03-03 23:16 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll

2021-05-26 19:05 - 2020-03-03 23:16 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll

2021-05-26 19:05 - 2020-03-03 23:16 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll

2021-05-26 19:05 - 2020-03-03 23:16 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll

2021-05-26 19:05 - 2020-03-03 23:16 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll

2021-05-26 19:05 - 2020-03-03 23:16 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll

2021-05-26 19:05 - 2020-03-03 23:16 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [492]
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
 

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
 

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 

HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COS2&ptag=D112620-A9FCDBB39EF&form=CONMHP&conlogo=CT3335799

SearchScopes: HKU\S-1-5-21-4217039005-3467349251-1090194598-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D112620-N0700A9FCDBB39EF&form=CONBDF&conlogo=CT3335799&q={searchTerms}

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-04-24] (Oracle America, Inc. -> Oracle Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-04-24] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 

IE trusted site: HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\localhost -> localhost
 

==================== Hosts Inhalt: =========================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2019-03-19 06:49 - 2021-06-16 17:23 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
 

2020-03-04 12:41 - 2020-03-04 12:41 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

172.18.22.1 DESKTOP-639FTJU.mshome.net # 2025 3 1 3 10 41 0 597
 

==================== Andere Bereiche ===========================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\program files (x86)\common files\oracle\java\javapath;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files\nvidia corporation\nvidia nvdlisr;%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;%systemroot%\system32\windowspowershell\v1.0\;%systemroot%\system32\openssh\;c:\program files\dotnet\;c:\android;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\wureset

HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\Control Panel\Desktop\\Wallpaper -> D:\Bilder\Hintergrundbilder\studio_170_v008.jpg

DNS Servers: 192.168.178.1 - 1.1.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )

 ist aktiviert.
 

Network Binding:

=============

LAN-Verbindung: Steam Xbox Controller Enhanced Features Driver -> steamxboxndi (enabled) 
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

MSCONFIG\Services: AppServicea => 2

MSCONFIG\Services: AppServiceb => 2

MSCONFIG\Services: AppServicec => 2

MSCONFIG\Services: AppServiced => 2

MSCONFIG\Services: AppServicee => 2

MSCONFIG\Services: AppServicef => 2

MSCONFIG\Services: AppServiceg => 2

MSCONFIG\Services: AppServiceh => 2

HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\StartupApproved\Run: => "vidnotifier.exe"

HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\StartupApproved\Run: => "Web Companion"

HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\StartupApproved\Run: => "reWASD Tray Agent"

HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

HKU\S-1-5-21-4217039005-3467349251-1090194598-1001\...\StartupApproved\Run: => "SmallDarkness"
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [{1E947BB3-BA72-4AD8-9C40-08C8BEC0DAAE}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [{54021906-0898-44DE-B905-4C03AA211B23}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [{3C47E0F8-32F3-44D1-8B1A-5DF60E0F1A37}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [{EBB263C5-869A-47D8-881F-8DB73A9946D7}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [UDP Query User{65DEDF9D-DD33-4954-AA40-99B4DFC0D930}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe

FirewallRules: [TCP Query User{50EF5E2F-D9DE-4F72-997A-B91B7FBE56C5}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe

FirewallRules: [{40A4D79A-CA3C-4377-BCA4-39501E10C778}] => (Allow) D:\Programme\Steam\steamapps\common\BeamNG.drive\BeamNG.drive.exe (BeamNG GmbH -> BeamNG GmbH)

FirewallRules: [{66707EB1-6B0D-4132-AC8C-B059508564B6}] => (Allow) D:\Programme\Steam\steamapps\common\BeamNG.drive\BeamNG.drive.exe (BeamNG GmbH -> BeamNG GmbH)

FirewallRules: [UDP Query User{BFAE1A33-FBF6-456D-991F-4F2BB3A80CB1}D:\programme\fivem\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\programme\fivem\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [Datei ist nicht signiert]

FirewallRules: [TCP Query User{CA02D944-6E02-4540-A3F4-024BF1FD6712}D:\programme\fivem\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\programme\fivem\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [Datei ist nicht signiert]

FirewallRules: [UDP Query User{BE9F3EFF-D360-44BD-863E-59CC57EF7207}D:\programme\fivem\fivem.exe] => (Allow) D:\programme\fivem\fivem.exe (Intricus Software Limited -> Cfx.re)

FirewallRules: [TCP Query User{CDD52EDC-162B-4476-913C-74AC916AEBA2}D:\programme\fivem\fivem.exe] => (Allow) D:\programme\fivem\fivem.exe (Intricus Software Limited -> Cfx.re)

FirewallRules: [{9C24B876-947B-450D-A72D-7CA000BBBBD9}] => (Allow) D:\Programme\Ubisoft\Monopoly Plus\Monopoly.exe (Ubisoft Entertainment -> Asobo Studio)

FirewallRules: [{377BA4E9-7452-4F65-A2F3-5DBD8F7A0FC5}] => (Allow) D:\Programme\Ubisoft\UNO\uno.exe (UBISOFT ENTERTAINMENT INC. -> )

FirewallRules: [{4D97BCB3-189A-417F-B1BF-03CFEB5766BF}] => (Allow) D:\Programme\Ubisoft\UNO\uno.exe (UBISOFT ENTERTAINMENT INC. -> )

FirewallRules: [{E64A682E-AD93-4D64-9496-73F3A19CFAFF}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)

FirewallRules: [{4CF4D77B-6C7C-4E56-8562-5A302957F699}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)

FirewallRules: [{59CF2728-8F96-4B7B-8C47-AB78DB9107C5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{ADE1EAD7-21DF-4158-91FF-14B42C3844A2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{08C2220A-7034-450A-9E93-081A7D92B11C}] => (Allow) C:\Program Files\Rockstar Games\Launcher\Launcher.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{8F2A8AC5-19EF-48B6-A3AD-2340BF819F22}] => (Allow) C:\Program Files\Rockstar Games\Launcher\Launcher.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{49910D42-6265-4ECF-AE18-12BCA62791D9}] => (Allow) C:\Program Files\Rockstar Games\Launcher\Launcher.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{D9C5ADDD-CDFA-43EE-89EF-60335EC456DC}] => (Allow) C:\Program Files\Rockstar Games\Launcher\Launcher.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{F68340AD-F439-4372-A752-E67790A9E50F}] => (Allow) D:\Programme\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )

FirewallRules: [{F4F60BE5-FA6A-4F0E-9989-4773B0A1F13E}] => (Allow) D:\Programme\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )

FirewallRules: [UDP Query User{585D7533-3D81-4980-AEDC-5DD6E0D17C2A}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)

FirewallRules: [TCP Query User{B857FE8D-86FF-4B45-8379-5A3C7F503766}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)

FirewallRules: [UDP Query User{4E749E11-D207-45A1-9C87-9F4F1B79C822}C:\users\ardit miftari\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ardit miftari\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [TCP Query User{1D944284-9B18-4CCC-BFC3-2515E2520C48}C:\users\ardit miftari\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ardit miftari\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{2302CA6F-8C7D-4EDA-B025-1607F8B6198D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)

FirewallRules: [{DC680777-FFEB-4512-9CEF-A0B0B78AAC22}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)

FirewallRules: [{A9CBAF01-32DD-4144-93FF-66AE4579B325}] => (Allow) D:\Programme\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe (Electronic Arts -> Electronic Arts)

FirewallRules: [{7F154C47-265A-4EAF-81BF-CAC73DCEC38F}] => (Allow) D:\Programme\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe (Electronic Arts -> Electronic Arts)

FirewallRules: [{C1E65A61-8064-4FFD-86BB-86CD0B1B3251}] => (Allow) C:\Program Files\LGHUB\lghub.exe (Logitech Inc -> Logitech, Inc.)

FirewallRules: [{16703135-8AAB-4F13-9A00-076D6E0C9F2D}] => (Allow) C:\Program Files\LGHUB\lghub.exe (Logitech Inc -> Logitech, Inc.)

FirewallRules: [{643AFD44-B9FC-4C5D-BF57-DE491AA15E12}] => (Allow) C:\Program Files\LGHUB\lghub.exe (Logitech Inc -> Logitech, Inc.)

FirewallRules: [{55E7DBA3-D629-45AE-B7DC-BBB21598164F}] => (Allow) C:\Program Files\LGHUB\lghub.exe (Logitech Inc -> Logitech, Inc.)

FirewallRules: [TCP Query User{966F4E4D-63B3-4F99-85DD-2337D932D45D}D:\programme\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\programme\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [UDP Query User{BF416180-0A64-4C5D-BAEE-D32F9AA1A24D}D:\programme\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\programme\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [{89833625-8D3A-4497-A4BE-455895D0C6BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{043BFE38-E3E9-4640-9951-5BBFEB4EA550}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [TCP Query User{38A4E2BD-3696-4558-90F9-A22F67F80679}C:\users\ardit miftari\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\ardit miftari\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [UDP Query User{49FF094F-F151-489B-933A-EEF06C308500}C:\users\ardit miftari\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\ardit miftari\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query User{03DC5C6D-58DD-4E8C-A125-8ECD3FBAC7DE}D:\programme\gog galaxy\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\programme\gog galaxy\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)

FirewallRules: [UDP Query User{116B3CDA-8DD1-415A-8880-4CA25228257A}D:\programme\gog galaxy\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\programme\gog galaxy\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)

FirewallRules: [{DC869A31-E8D9-424C-9BBF-191C79C202A3}] => (Allow) D:\Programme\Steam\steamapps\common\DiRT 4\dirt4.exe (Codemasters Software Company Limited) [Datei ist nicht signiert]

FirewallRules: [{01FA0411-82C2-440A-B469-0B5C2286E0E1}] => (Allow) D:\Programme\Steam\steamapps\common\DiRT 4\dirt4.exe (Codemasters Software Company Limited) [Datei ist nicht signiert]

FirewallRules: [{9E361090-1066-4827-A7D4-5F8777A796C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{450814C6-8FA0-41FE-ABB2-9A42DCF2E1D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{851949FB-DEB7-4DCE-8919-283BD5B4F018}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{8B4118F1-B5DF-4F2E-804B-B925B233A31E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{31ED3B78-03AF-495A-AA3D-13822DCB5090}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{BCC403CF-CB4E-4842-A29B-61546DFA4564}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{5FAEFD5E-8E0F-4517-A4F3-950FA029B372}] => (Allow) D:\Programme\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe (Electronic Arts, Inc. -> Electronic Arts)

FirewallRules: [{4D354EA1-5F18-4C94-9322-A0272649F61F}] => (Allow) D:\Programme\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe (Electronic Arts, Inc. -> Electronic Arts)

FirewallRules: [{B425DFD7-82FD-4FBA-A450-48D22EFC5A86}] => (Allow) C:\Program Files (x86)\Sony\PS Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.)

FirewallRules: [TCP Query User{94295317-C9BB-4982-9CD2-995BDEA53E21}D:\programme\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\programme\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [UDP Query User{DE73298B-FA84-4647-B01E-5C10095ACD34}D:\programme\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\programme\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{138F7A44-C779-4848-84C7-C1617E88DCB6}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

FirewallRules: [{10E0C811-AF6A-49B5-A793-76A92559307D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

FirewallRules: [{C736C164-E8F1-47DC-901D-B485B38ED4F9}] => (Allow) D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert]

FirewallRules: [{B10FEA34-5C08-42A3-818F-FC1B0C232D16}] => (Allow) D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert]

FirewallRules: [{02E45C88-B6AB-4D53-9166-9713466B51E0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{5180176C-688E-4DA7-9DE1-FDF5B1E4D8F1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{B4777E65-E74C-42AB-BC06-6EA251BF8F0B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{BDE63510-8F90-405D-A6BA-9914BC887188}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

FirewallRules: [{94E28190-A26C-4412-A230-B5ED949F4A8B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

FirewallRules: [{BB7CCBEF-67A1-4A97-81B7-DF4EBC1B0149}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

FirewallRules: [{2BED7326-3F32-4165-AFEC-401E31AB5216}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

FirewallRules: [{0D4BC8B2-06AB-448E-A8A2-1F3A316644AF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )

FirewallRules: [{21FA4D08-B6B4-426C-8029-2EBD72886A8B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )

FirewallRules: [{2551DA08-3CB8-4B9B-BB67-8B155D3E7D97}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )

FirewallRules: [{537605DE-9A1F-4C0A-86BC-7EE426655D6C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )

FirewallRules: [{9ADA1E90-2CCB-4D44-9B31-47C3AA336A7F}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)

FirewallRules: [{98E0EB72-9D64-4B3E-88B0-B8459DAA21AA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)

FirewallRules: [{008770EB-B75A-478A-948C-E76989865987}] => (Allow) D:\Programme\Origin Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)

FirewallRules: [{9E36FAD4-C3FB-4D98-BB04-91558B95E5E4}] => (Allow) D:\Programme\Origin Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)

FirewallRules: [{7D5D4470-B271-4E51-9682-84F8843DF946}] => (Allow) D:\Programme\Origin Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)

FirewallRules: [{24D64AA0-9A35-43BF-80E6-325AF0A8D2A7}] => (Allow) D:\Programme\Origin Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)

FirewallRules: [{E2AEFC4E-8F64-4DB9-9CCF-F5B381926134}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.48\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{6EDBEB6A-7D23-4803-B750-B74B1EDFD42D}] => (Allow) D:\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)

FirewallRules: [{DE50F85A-0828-4796-B718-80433ED072F6}] => (Allow) D:\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)

FirewallRules: [{63279127-8075-48AB-8929-0E7B16F3278B}] => (Allow) D:\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)

FirewallRules: [{27D0696E-CD0C-490D-8619-D35AC3318B04}] => (Allow) D:\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)

FirewallRules: [{540EF4C3-B467-4CFE-A0E0-D5626C7A0E0F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

FirewallRules: [{622FC40F-2D26-4E3C-8EDF-028EA154AB42}] => (Allow) C:\WINDOWS\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{5EB009B0-FD44-432D-B7F5-24425F03C3FF}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{34314460-75F6-4C6E-AE2B-F880D681D8F1}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{1CC7EA2A-EB89-42A6-BE91-2B4F753C7C08}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{36575BFA-0169-4B70-9B09-DB113722E34D}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
 

==================== Wiederherstellungspunkte =========================
 

16-06-2021 17:25:27 Wiederherstellungsvorgang
 

==================== Fehlerhafte Geräte im Gerätemanager ============
 

Name: PS/2-Standardtastatur

Description: PS/2-Standardtastatur

Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standardtastaturen)

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 

Name: Microsoft PS/2-Maus

Description: Microsoft PS/2-Maus

Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 

==================== Fehlereinträge in der Ereignisanzeige: ========================
 

Applikationsfehler:

==================

Error: (06/17/2021 03:16:35 PM) (Source: VSS) (EventID: 8193) (User: )

Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.

.
 

Error: (06/17/2021 03:16:35 PM) (Source: VSS) (EventID: 13) (User: )

Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.

]
 
 

Systemfehler:

=============

Error: (06/17/2021 03:35:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 

Das System kann die angegebene Datei nicht finden.
 

Error: (06/17/2021 03:35:23 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)

Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 

Error: (06/17/2021 03:33:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 

Das System kann die angegebene Datei nicht finden.
 

Error: (06/17/2021 03:33:23 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)

Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 

Error: (06/17/2021 03:31:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 

Das System kann die angegebene Datei nicht finden.
 

Error: (06/17/2021 03:31:23 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)

Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 

Error: (06/17/2021 03:29:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 

Das System kann die angegebene Datei nicht finden.
 

Error: (06/17/2021 03:29:23 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)

Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
 

Windows Defender:

================

Date: 2021-06-17 14:37:56

Description: 

Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.

Weitere Informationen:

https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0

Name: Trojan:Win32/Tiggre!rfn

Schweregrad: Schwerwiegend

Kategorie: Trojaner

Pfad: file:_C:\Windows\System32\X42VB2LUM4.tmp; service:_AppServicea; service:_AppServiceb; service:_AppServicec; service:_AppServiced; service:_AppServicee; service:_AppServicef; service:_AppServiceg; service:_AppServiceh; service:_AppServicei; service:_AppServicej; service:_AppServicek; service:_AppServicel; service:_AppServicem; service:_AppServicen; service:_AppServiceo; service:_AppServicep; service:_AppServiceq; service:_AppServicer; service:_AppServices; service:_AppServicet; service:_AppServiceu; service:_AppServicev; service:_AppServicew

Erkennungsursprung: Lokaler Computer

Erkennungstype: Konkret

Erkennungsquelle: Echtzeitschutz

Benutzer: ADMINISTRATOR\Ardit Miftari

Prozessname: C:\Users\Ardit Miftari\Downloads\FRST64.exe

Sicherheitsversion: AV: 1.341.842.0, AS: 1.341.842.0, NIS: 1.341.842.0

Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4
 

Date: 2021-06-17 14:37:33

Description: 

Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.

Weitere Informationen:

https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0

Name: Trojan:Win32/Tiggre!rfn

Schweregrad: Schwerwiegend

Kategorie: Trojaner

Pfad: file:_C:\Windows\System32\X42VB2LUM4.tmp

Erkennungsursprung: Lokaler Computer

Erkennungstype: Konkret

Erkennungsquelle: Echtzeitschutz

Benutzer: ADMINISTRATOR\Ardit Miftari

Prozessname: C:\Users\Ardit Miftari\Downloads\FRST64.exe

Sicherheitsversion: AV: 1.341.842.0, AS: 1.341.842.0, NIS: 1.341.842.0

Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4
 

Date: 2021-06-17 09:24:14

Description: 

Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.

Überprüfungs-ID: {6508AA03-A9D5-468A-9761-431B98378842}

Überprüfungstyp: Antimalware

Überprüfungsparameter: Schnellüberprüfung

Benutzer: NT-AUTORITÄT\SYSTEM
 

Date: 2021-06-17 09:04:21

Description: 

Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.

Weitere Informationen:

https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/InstallCore&threatid=213927&enterprise=0

Name: PUA:Win32/InstallCore

Schweregrad: Niedrig

Kategorie: Potenziell unerwünschte Software

Pfad: containerfile:_D:\Spiele\PC\Grand Theft Auto San Andreas\Grand Theft Auto San Andreas.iso; file:_D:\Spiele\PC\Grand Theft Auto San Andreas\Grand Theft Auto San Andreas.iso->\HOODLUM\hlm-intro.exe

Erkennungsursprung: Lokaler Computer

Erkennungstype: Konkret

Erkennungsquelle: Benutzer

Benutzer: ADMINISTRATOR\Ardit Miftari

Prozessname: Unknown

Sicherheitsversion: AV: 1.341.842.0, AS: 1.341.842.0, NIS: 1.341.842.0

Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4
 

Date: 2021-06-17 08:17:22

Description: 

Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.

Weitere Informationen:

https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0

Name: Trojan:Win32/Tiggre!rfn

Schweregrad: Schwerwiegend

Kategorie: Trojaner

Pfad: file:_C:\WINDOWS\system32\X42VB2LUM4.tmp; service:_AppServicea; service:_AppServiceb; service:_AppServicec; service:_AppServiced; service:_AppServicee; service:_AppServicef; service:_AppServiceg; service:_AppServiceh; service:_AppServicei; service:_AppServicej; service:_AppServicek; service:_AppServicem; service:_AppServicen; service:_AppServiceo; service:_AppServicep; service:_AppServiceq; service:_AppServicer; service:_AppServices; service:_AppServicet

Erkennungsursprung: Lokaler Computer

Erkennungstype: Konkret

Erkennungsquelle: Benutzer

Benutzer: ADMINISTRATOR\Ardit Miftari

Prozessname: Unknown

Sicherheitsversion: AV: 1.341.842.0, AS: 1.341.842.0, NIS: 1.341.842.0

Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4
 

Date: 2021-06-17 14:31:20

Description: 

Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.

Neue Version der Sicherheitsinformationen: 

%Vorherige Version der Sicherheitsinformationen: 1.341.842.0

Update Source: Microsoft Update-Server

Sicherheitstyp: AntiVirus

Updatetyp: Voll

Benutzer: NT-AUTORITÄT\SYSTEM

Aktuelle Modulversion: 

%Vorherige Modulversion: 1.1.18200.4

Fehlercode: 0x80080005

Fehlerbeschreibung: Starten des Servers fehlgeschlagen 
 

Date: 2021-06-17 08:24:23

Description: 

Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.

Neue Version der Sicherheitsinformationen: 

%Vorherige Version der Sicherheitsinformationen: 1.341.842.0

Update Source: Microsoft Update-Server

Sicherheitstyp: AntiVirus

Updatetyp: Voll

Benutzer: NT-AUTORITÄT\SYSTEM

Aktuelle Modulversion: 

%Vorherige Modulversion: 1.1.18200.4

Fehlercode: 0x80070057

Fehlerbeschreibung: Falscher Parameter. 
 

Date: 2021-06-16 19:44:25

Description: 

Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.

Neue Version der Sicherheitsinformationen: 

%Vorherige Version der Sicherheitsinformationen: 1.341.842.0

Update Source: Microsoft Update-Server

Sicherheitstyp: AntiVirus

Updatetyp: Voll

Benutzer: NT-AUTORITÄT\SYSTEM

Aktuelle Modulversion: 

%Vorherige Modulversion: 1.1.18200.4

Fehlercode: 0x80070057

Fehlerbeschreibung: Falscher Parameter. 
 

CodeIntegrity:

===============

Date: 2021-05-14 09:48:52

Description: 

Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\reWASD\reWASDTray.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

Date: 2021-04-24 19:51:08

Description: 

Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
 

==================== Speicherinformationen =========================== 
 

BIOS: American Megatrends International, LLC. 3.B2 04/13/2021

Hauptplatine: Micro-Star International Co., Ltd B450 TOMAHAWK MAX (MS-7C02)

Prozessor: AMD Ryzen 5 3600 6-Core Processor 

Prozentuale Nutzung des RAM: 33%

Installierter physikalischer RAM: 16309.38 MB

Verfügbarer physikalischer RAM: 10860.86 MB

Summe virtueller Speicher: 18741.38 MB

Verfügbarer virtueller Speicher: 11410.96 MB
 

==================== Laufwerke ================================
 

Drive c: (Windows) (Fixed) (Total:465.13 GB) (Free:237.13 GB) NTFS

Drive d: (Daten) (Fixed) (Total:931.5 GB) (Free:295.85 GB) NTFS
 

\\?\Volume{5cd3d376-c627-4e17-91fe-535fc576896d}\ (Wiederherstellung) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

\\?\Volume{f73dc943-8246-53ac-e348-eb4c7c1b30a1}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS

\\?\Volume{2c8d4a56-5754-8dc0-bdb2-51d4222273ae}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS

\\?\Volume{5a1847b4-f61e-e681-1673-885e9dc9b270}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS

\\?\Volume{b2d03a4d-75d0-4e8e-ae70-ac62292e1ed5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 

==================== MBR & Partitionstabelle ====================
 

==========================================================

Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
 

Partition: GPT.
 

==========================================================

Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
 

Partition: GPT.

Attempted reading MBR returned 0 bytes.

 Could not read MBR for disk 2.

Attempted reading MBR returned 0 bytes.

 Could not read MBR for disk 3.

Attempted reading MBR returned 0 bytes.

 Could not read MBR for disk 4.
 

==================== Ende von Addition.txt =======================

Ereignis von Windows Defender

Code:

Ebene        Datum und Uhrzeit        Quelle        Ereignis-ID        Aufgabenkategorie

Warnung        17.06.2021 14:37:56        Microsoft-Windows-Windows Defender        1116        Keine        "Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.

 Weitere Informationen:

https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0

         Name: Trojan:Win32/Tiggre!rfn

         ID: 2147723625

         Schweregrad: Schwerwiegend

         Kategorie: Trojaner

         Pfad: file:_C:\Windows\System32\X42VB2LUM4.tmp; service:_AppServicea; service:_AppServiceb; service:_AppServicec; service:_AppServiced; service:_AppServicee; service:_AppServicef; service:_AppServiceg; service:_AppServiceh; service:_AppServicei; service:_AppServicej; service:_AppServicek; service:_AppServicel; service:_AppServicem; service:_AppServicen; service:_AppServiceo; service:_AppServicep; service:_AppServiceq; service:_AppServicer; service:_AppServices; service:_AppServicet; service:_AppServiceu; service:_AppServicev; service:_AppServicew

         Erkennungsursprung: Lokaler Computer

         Erkennungstype: Konkret

         Erkennungsquelle: Echtzeitschutz

         Benutzer: ADMINISTRATOR\Ardit Miftari

         Prozessname: C:\Users\Ardit Miftari\Downloads\FRST64.exe

         Sicherheitsversion: AV: 1.341.842.0, AS: 1.341.842.0, NIS: 1.341.842.0

         Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4"

Shortcut.txt muss angehangen werden wg. maximaler Länge von 120000 Zeichen.

Hoffe, ihr könnt mir helfen.
LG