|
Alles rund um Windows: Windows 10 Bluescreen durch ntoskrnl.exe und Scans von Virenscanner verursachen teilweise Bluescreens oder stürzen abWindows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
31.05.2021, 08:43 | #1 |
| Problem: Windows 10 Bluescreen durch ntoskrnl.exe und Scans von Virenscanner verursachen teilweise Bluescreens oder stürzen ab Moin moin, ich hatte jetzt schon diverse unterschiedliche Bluescreens und meine Scans von Bitdefender wurden selten durch Bluescreens, häufig aber durch ein Abstürzen von Bitdefender unterbrochen ohne das Ergebnisse angezeigt wurden. Das macht mir doch etwas Sorge. Die Bluescreens wurden immer von ntoskrnl.exe laut BluescreenView verursacht. Fehler in der Reihenfolge in der sie aufgetreten sind KMODE_EXCEPTION_NOT_HANDLED KERNEL MODE HEAP CORRUPTION MEMORY_MANAGEMENT Ich weiß nicht ob das relevant dafür ist, aber ich dachte ich erwähne es lieber. Die Probleme fingen mit einem Bluescreen an, dann folgte nach 10min der zweite und der Memory kam dann erst gestern dazu. Nach den ersten beiden habe ich, entgegen meinem Wissen eigentlich, ein Tool zum Updaten von Treiber genutzt, nämlich Snappy Driver. Denn die Bluescreens sollten eventuell von altem Treiber verursacht werden. Norton Power Eraser und das Kaspersky Removal Tool habe nichts gefunden, bzw. Kaspersky ist auch erst abgestürzt beim Scannen. Als Anhang ist der System Analyzer Report von Kaspersky Removal Tool. Der ist entpackt leider zu groß und zu lang. Da ich weit über die Zeichen Grenze bin, muss ich auch Addition als Anhang posten. Ich hoffe ihr könnt mich beruhigen! Danke für eure Hilfe! FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2021 01 durchgeführt von segel (Administrator) auf GAME-PC (30-05-2021 21:16:34) Gestartet von C:\Users\segel\Downloads Geladene Profile: segel Platform: Windows 10 Pro Version 20H2 19042.1023 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Users\segel\AppData\Local\Temp\{70880cf1-6d2e-4e14-9794-905df6e0d920}\f3e4efa4.exe (Aqua Computer GmbH & Co.KG -> Aqua Computer GmbH & Co. KG) C:\Program Files\aquasuite\AquaComputerService.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3> (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe (Discord Inc. -> Discord Inc.) C:\Users\segel\AppData\Local\Discord\app-1.0.9002\Discord.exe <6> (F.lux Software LLC -> f.lux Software LLC) C:\Users\segel\AppData\Local\FluxSoftware\Flux\flux.exe (FileOpen Systems Inc. -> FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <18> (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_b5c7e9f1cc7d29c6\Display.NvContainer\NVDisplay.Container.exe <2> (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952096 2020-03-11] (Logitech -> Logitech, Inc.) HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1310616 2019-05-20] (FileOpen Systems Inc. -> FileOpen Systems Inc.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3160256 2021-05-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1668000 2021-04-08] (Logitech Inc -> Logitech, Inc.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237432 2021-04-27] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Creative.SBCommand] => C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe [196096 2021-01-19] (Creative Technology Ltd) [Datei ist nicht signiert] HKLM\...\RunOnce: [3a508bad-89d8-42c5-b4a3-74408099bcef] => "C:\Users\segel\AppData\Local\Temp\{d13dad18-9bc0-421e-9daf-ef41c5b4d078}\3a508bad-89d8-42c5-b4a3-74408099bcef.cmd" <==== ACHTUNG HKLM\...\RunOnce: [a54deaed-f95f-4034-a1a0-e4f3df969d27] => "C:\Users\segel\AppData\Local\Temp\{416e2a85-c8ea-467e-b31d-8b2d1bdd2d9c}\a54deaed-f95f-4034-a1a0-e4f3df969d27.cmd" <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-210967507-139054641-1062387239-1001\...\Run: [f.lux] => C:\Users\segel\AppData\Local\FluxSoftware\Flux\flux.exe [1511824 2021-02-04] (F.lux Software LLC -> f.lux Software LLC) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-23] (Adobe Inc. -> Adobe Systems Inc) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-30] (Google LLC -> Google LLC) GroupPolicy: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {10B09261-3470-4C89-8ABA-8536FAAC0147} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-07] (Mozilla Corporation -> Mozilla Foundation) Task: {20595CB1-EFC3-4530-A81D-CE23102D7EC9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {265E142E-5066-4BCF-8B7B-396CADF68E7D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-05-24] (Microsoft Corporation -> Microsoft Corporation) Task: {3993DD9A-41E3-4419-987F-CC50AF735982} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [888232 2021-01-29] (Bitdefender SRL -> Bitdefender) Task: {45B8F956-BF2C-44B9-B0DF-2DF32DCC7EE3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-25] (Google Inc -> Google Inc.) Task: {4D4C0A7C-C2E4-4A0E-9055-C7ECAE5F6C19} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {4E2B79EA-439A-48CE-9A0C-8672BC4DD09B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4EA62EF7-A1E8-43CC-B4CA-A3676D6E9F28} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-++++@yahoo.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {4FC3E326-0D10-4EE4-BB9A-33C4D6A1BB83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5B4068BF-941C-479C-BDB7-1E04F21D8B69} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-25] (Google Inc -> Google Inc.) Task: {6066DCFA-4AD1-4921-9951-237654A64CD2} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [791608 2021-03-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) Task: {7E8EAB01-18C6-4D81-A301-0195EA2B8716} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8AE4F76E-744C-445A-B526-51893F9DEC9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-05-24] (Microsoft Corporation -> Microsoft Corporation) Task: {942F0FC0-0438-4A1E-A5DC-D137B3D967A4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-24] (Microsoft Corporation -> Microsoft Corporation) Task: {944090D2-0462-4B16-A3AA-74E2969B0CE1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147288 2021-05-24] (Microsoft Corporation -> Microsoft Corporation) Task: {A4391AA4-CA2E-43C0-A538-A589188A75B9} - System32\Tasks\G2MUploadTask-S-1-5-21-210967507-139054641-1062387239-1001 => C:\Users\segel\AppData\Local\GoToMeeting\19709\g2mupload.exe [31320 2021-05-29] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {A8819F0F-963A-4737-8431-E28148E23F8E} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-210967507-139054641-1062387239-500 => C:\Users\segel\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {B111393E-7E79-41F7-AD85-F764C62BBBE4} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe Task: {B6E490BF-56B1-45F0-BF38-E7CCE916C820} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1509248 2021-05-24] (Microsoft Corporation -> Microsoft Corporation) Task: {C5D83EB7-85EF-4523-B9C5-829B0288EA21} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [954456 2021-05-20] (Bitdefender SRL -> Bitdefender) Task: {DB989195-5753-471F-9A41-F690BD25F11C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-24] (Microsoft Corporation -> Microsoft Corporation) Task: {DD17E46A-4B27-4840-8E60-501346150B78} - System32\Tasks\G2MUpdateTask-S-1-5-21-210967507-139054641-1062387239-1001 => C:\Users\segel\AppData\Local\GoToMeeting\19709\g2mupdate.exe [31320 2021-05-29] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {E0891D0C-BE21-43FE-92D2-0E0069A48952} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {FAFD2EBD-C72C-415B-9519-D39BB7B16EF4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147288 2021-05-24] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-210967507-139054641-1062387239-1001.job => C:\Users\segel\AppData\Local\GoToMeeting\19709\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-210967507-139054641-1062387239-1001.job => C:\Users\segel\AppData\Local\GoToMeeting\19709\g2mupload.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{61cf0b28-83c9-4426-ba87-2d377bf027c2}: [DhcpNameServer] 192.168.1.1 Edge: ======= DownloadDir: C:\Users\segel\Downloads Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge DefaultProfile: Default Edge Profile: C:\Users\segel\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-27] Edge DownloadDir: Default -> C:\Users\segel\Downloads Edge StartupUrls: Default -> "hxxps://banking.ing.de/app/obligo" Edge Extension: (HTTPS Everywhere) - C:\Users\segel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fchjpkplmbeeeaaogdbhjbgbknjobohb [2021-05-09] Edge Extension: (uBlock Origin) - C:\Users\segel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2021-05-27] FireFox: ======== FF DefaultProfile: qhwq5gae.default FF ProfilePath: C:\Users\segel\AppData\Roaming\Mozilla\Firefox\Profiles\qhwq5gae.default [2021-05-23] FF DownloadDir: C:\Users\segel\Downloads FF Homepage: Mozilla\Firefox\Profiles\qhwq5gae.default -> hxxps://www.computerbase.de/ FF NetworkProxy: Mozilla\Firefox\Profiles\qhwq5gae.default -> http_port", 1080 FF Notifications: Mozilla\Firefox\Profiles\qhwq5gae.default -> hxxps://www.mydealz.de^firstPartyDomain=mydealz.de FF Extension: (Dark Reader) - C:\Users\segel\AppData\Roaming\Mozilla\Firefox\Profiles\qhwq5gae.default\Extensions\addon@darkreader.org.xpi [2021-04-26] FF Extension: (HTTPS Everywhere) - C:\Users\segel\AppData\Roaming\Mozilla\Firefox\Profiles\qhwq5gae.default\Extensions\https-everywhere@eff.org.xpi [2021-04-16] FF Extension: (Decentraleyes) - C:\Users\segel\AppData\Roaming\Mozilla\Firefox\Profiles\qhwq5gae.default\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2020-11-25] FF Extension: (Neat URL) - C:\Users\segel\AppData\Roaming\Mozilla\Firefox\Profiles\qhwq5gae.default\Extensions\neaturl@hugsmile.eu.xpi [2020-06-26] FF Extension: (Skip Redirect) - C:\Users\segel\AppData\Roaming\Mozilla\Firefox\Profiles\qhwq5gae.default\Extensions\skipredirect@sblask.xpi [2021-03-29] FF Extension: (Smart Referer) - C:\Users\segel\AppData\Roaming\Mozilla\Firefox\Profiles\qhwq5gae.default\Extensions\smart-referer@meh.paranoid.pk.xpi [2020-04-24] FF Extension: (uBlock Origin) - C:\Users\segel\AppData\Roaming\Mozilla\Firefox\Profiles\qhwq5gae.default\Extensions\uBlock0@raymondhill.net.xpi [2021-05-07] FF Extension: (First Party Isolation) - C:\Users\segel\AppData\Roaming\Mozilla\Firefox\Profiles\qhwq5gae.default\Extensions\{33c93ccc-ceed-47d2-9645-805ea58c8a07}.xpi [2021-01-22] FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2020-07-16] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-08-21] FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi FF Extension: (Bitdefender Anti-Tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-10-19] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2020-07-22] [] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-09-13] <==== ACHTUNG (Zeigt auf eine *.cfg Datei) FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-09-13] <==== ACHTUNG Chrome: ======= CHR Profile: C:\Users\segel\AppData\Local\Google\Chrome\User Data\Default [2021-05-30] CHR Notifications: Default -> hxxps://web.threema.ch; hxxps://www.mydealz.de CHR HomePage: Default -> hxxp://www.computerbase.de/ CHR StartupUrls: Default -> "hxxps://www.computerbase.de/" CHR Extension: (Google Übersetzer) - C:\Users\segel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-04-19] CHR Extension: (Google Drive) - C:\Users\segel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21] CHR Extension: (YouTube) - C:\Users\segel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-25] CHR Extension: (uBlock Origin) - C:\Users\segel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-07] CHR Extension: (HTTPS Everywhere) - C:\Users\segel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2021-04-17] CHR Extension: (Skip Redirect) - C:\Users\segel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaoafjdoijdconemdmodhbfpianehlon [2021-03-29] CHR Extension: (Neat URL) - C:\Users\segel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jchobbjgibcahbheicfocecmhocglkco [2020-05-02] CHR Extension: (Decentraleyes) - C:\Users\segel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj [2020-11-07] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\segel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Late Night) - C:\Users\segel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm [2018-09-14] CHR Extension: (Google Mail) - C:\Users\segel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] CHR Extension: (Chrome Media Router) - C:\Users\segel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-30] CHR Profile: C:\Users\segel\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-28] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) R2 Aqua Computer Service; C:\Program Files\aquasuite\AquaComputerService.exe [1652616 2016-12-07] (Aqua Computer GmbH & Co.KG -> Aqua Computer GmbH & Co. KG) R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [798640 2021-04-20] (Bitdefender SRL -> Bitdefender) R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [798640 2021-04-20] (Bitdefender SRL -> Bitdefender) R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195344 2018-03-22] (Bitdefender SRL -> Bitdefender) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8634928 2020-05-14] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-24] (Microsoft Corporation -> Microsoft Corporation) R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [458240 2020-03-12] (Creative Technology Ltd) [Datei ist nicht signiert] R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [133080 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.) R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [397832 2019-05-20] (FileOpen Systems Inc. -> FileOpen Systems Inc.) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1358248 2021-01-29] (Bitdefender SRL -> Bitdefender) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-05-26] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12871464 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [301144 2021-05-20] (Bitdefender SRL -> Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [798640 2021-04-20] (Bitdefender SRL -> Bitdefender) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_b5c7e9f1cc7d29c6\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_b5c7e9f1cc7d29c6\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) U3 a2607cac; C:\WINDOWS\System32\Drivers\a2607cac.sys [127792 2021-05-30] (AO Kaspersky Lab -> AO Kaspersky Lab) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-03] (ASUSTeK Computer Inc. -> ) R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2718744 2021-03-24] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA) R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2021-04-20] (Bitdefender SRL -> Bitdefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-04-20] (Microsoft Windows Early Launch Anti-Malware Publisher -> Bitdefender) R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2021-04-28] (Bitdefender SRL -> © Bitdefender SRL) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] [Datei wird verwendet] R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider) R2 CLFCL5.18; C:\WINDOWS\system32\DRIVERS\CLFCL5.18\000.fcl [46848 2018-04-19] (CyberLink Corp. -> CyberLink Corp.) R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1090416 2021-01-11] (Creative Technology Ltd -> Creative Technology Ltd) R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [53616 2021-01-11] (Creative Technology Ltd -> Creative Technology Ltd) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159800 2021-04-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [488592 2021-04-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA) R3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [181072 2019-11-19] (GENESYS LOGIC, INC. -> Genesys Logic) R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [195232 2020-10-19] (Bitdefender SRL -> BitDefender LLC) R2 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [185312 2020-12-14] (Bitdefender SRL -> Bitdefender) R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2021-05-30] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk]) U0 klupd_a2607caca_arkmon; C:\WINDOWS\System32\Drivers\klupd_a2607caca_arkmon.sys [263888 2021-05-30] (Kaspersky Lab JSC -> AO Kaspersky Lab) U3 klupd_a2607caca_arkmon_58F37976; C:\KVRT2020_Data\Temp\58F379760B519E358F7C46FF4D7FB49E\klupd_a2607caca_arkmon.sys [263888 2021-05-30] (Kaspersky Lab JSC -> AO Kaspersky Lab) U3 klupd_a2607caca_klark; C:\WINDOWS\System32\Drivers\klupd_a2607caca_klark.sys [309104 2021-05-30] (Kaspersky Lab JSC -> AO Kaspersky Lab) U0 klupd_a2607caca_klbg; C:\WINDOWS\System32\Drivers\klupd_a2607caca_klbg.sys [115744 2021-05-30] (Kaspersky Lab JSC -> AO Kaspersky Lab) U3 klupd_a2607caca_mark; C:\WINDOWS\System32\Drivers\klupd_a2607caca_mark.sys [224880 2021-05-30] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 MpKsl0de9d0a0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D973F2F7-380C-4E2B-960C-076EBB74148E}\MpKslDrv.sys [107744 2021-05-30] (Microsoft Windows -> Microsoft Corporation) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2021-05-24] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2021-05-24] (MiniTool Solution Ltd -> ) R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) R1 SMR523; C:\WINDOWS\System32\drivers\SMR523.SYS [119888 2020-12-14] (Symantec Corporation -> Symantec Corporation) R2 SSGDIO; C:\WINDOWS\SysWOW64\DRIVERS\ssgdio64.sys [14608 2020-03-12] (ATI Technologies, Inc -> ATI Technologies Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [641728 2021-03-24] (Bitdefender SRL -> Bitdefender) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-17] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-17] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-17] (Microsoft Windows -> Microsoft Corporation) S3 XSpltVid; C:\WINDOWS\system32\DRIVERS\XSpltVid.sys [121864 2021-03-17] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-05-30 21:16 - 2021-05-30 21:17 - 000031302 _____ C:\Users\segel\Downloads\FRST.txt 2021-05-30 21:16 - 2021-05-30 21:17 - 000000000 ____D C:\FRST 2021-05-30 21:15 - 2021-05-30 21:15 - 002299904 _____ (Farbar) C:\Users\segel\Downloads\FRST64.exe 2021-05-30 21:08 - 2021-05-30 21:08 - 000015008 _____ (Highresolution Enterprises [www.highrez.co.uk]) C:\WINDOWS\system32\Drivers\inpoutx64.sys 2021-05-30 21:00 - 2021-05-30 21:00 - 000309104 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_a2607caca_klark.sys 2021-05-30 21:00 - 2021-05-30 21:00 - 000263888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_a2607caca_arkmon.sys 2021-05-30 21:00 - 2021-05-30 21:00 - 000224880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_a2607caca_mark.sys 2021-05-30 21:00 - 2021-05-30 21:00 - 000127792 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\a2607cac.sys 2021-05-30 21:00 - 2021-05-30 21:00 - 000115744 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_a2607caca_klbg.sys 2021-05-30 20:59 - 2021-05-30 21:11 - 000000000 ____D C:\KVRT2020_Data 2021-05-30 20:58 - 2021-05-30 20:58 - 104242544 _____ (AO Kaspersky Lab) C:\Users\segel\Downloads\KVRT.exe 2021-05-30 20:42 - 2021-05-30 20:42 - 001252364 _____ C:\WINDOWS\Minidump\053021-8531-01.dmp 2021-05-30 18:47 - 2021-05-30 18:47 - 000000000 ____D C:\WINDOWS\LastGood 2021-05-28 18:07 - 2020-01-20 23:46 - 000133944 _____ (Samsung Electronics Co., Ltd) C:\WINDOWS\system32\Drivers\secnvme.sys 2021-05-28 16:52 - 2021-05-28 16:52 - 000321664 _____ C:\Users\segel\Documents\test.pdf 2021-05-28 11:37 - 2021-05-28 11:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2021-05-28 11:31 - 2021-05-28 11:31 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys 2021-05-28 11:31 - 2018-04-14 06:15 - 001854072 _____ (Logitech, Inc.) C:\WINDOWS\system32\LkmdfCoInst.dll 2021-05-28 11:31 - 2018-04-14 06:15 - 000094840 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LEqdUsb.sys 2021-05-28 11:30 - 2021-04-18 23:08 - 001149432 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys 2021-05-28 11:30 - 2020-08-17 21:19 - 000097032 _____ (Asmedia Technology) C:\WINDOWS\system32\Drivers\asstahci64.sys 2021-05-28 11:30 - 2020-03-24 10:11 - 000442384 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdtee_api.dll 2021-05-28 11:30 - 2020-03-24 10:11 - 000355856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdtee_api.dll 2021-05-28 11:30 - 2020-03-24 10:11 - 000135184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\Drivers\amdpsp.sys 2021-05-28 11:30 - 2019-11-19 03:37 - 003183120 _____ (Genesys Logic) C:\WINDOWS\SysWOW64\GLCRIcon.dll 2021-05-28 11:30 - 2019-11-19 03:37 - 000181072 _____ (Genesys Logic) C:\WINDOWS\system32\Drivers\GeneStor.sys 2021-05-28 11:24 - 2021-05-28 11:24 - 000000000 ____D C:\WINDOWS\system32\lxss 2021-05-28 11:24 - 2021-05-28 11:24 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2021-05-28 11:23 - 2021-05-13 20:22 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2021-05-28 11:23 - 2021-05-13 20:22 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe 2021-05-28 11:23 - 2021-05-13 20:22 - 001453360 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2021-05-28 11:23 - 2021-05-13 20:22 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-05-28 11:23 - 2021-05-13 20:22 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2021-05-28 11:23 - 2021-05-13 20:22 - 001192752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2021-05-28 11:23 - 2021-05-13 20:22 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2021-05-28 11:23 - 2021-05-13 20:22 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll 2021-05-28 11:23 - 2021-05-13 20:22 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2021-05-28 11:23 - 2021-05-13 20:22 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2021-05-28 11:23 - 2021-05-13 20:19 - 001514800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2021-05-28 11:23 - 2021-05-13 20:19 - 001166112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2021-05-28 11:23 - 2021-05-13 20:19 - 000715544 _____ C:\WINDOWS\system32\nvofapi64.dll 2021-05-28 11:23 - 2021-05-13 20:19 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2021-05-28 11:23 - 2021-05-13 20:19 - 000626968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2021-05-28 11:23 - 2021-05-13 20:19 - 000575768 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2021-05-28 11:23 - 2021-05-13 20:19 - 000564000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2021-05-28 11:23 - 2021-05-13 20:18 - 002106144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2021-05-28 11:23 - 2021-05-13 20:18 - 001590576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2021-05-28 11:23 - 2021-05-13 20:18 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2021-05-28 11:23 - 2021-05-13 20:18 - 000689952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2021-05-28 11:23 - 2021-05-13 20:18 - 000656176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2021-05-28 11:23 - 2021-05-13 20:18 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2021-05-28 11:23 - 2021-05-13 20:17 - 008317232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2021-05-28 11:23 - 2021-05-13 20:17 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2021-05-28 11:23 - 2021-05-13 20:17 - 004795184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2021-05-28 11:23 - 2021-05-13 20:17 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2021-05-28 11:23 - 2021-05-13 20:16 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2021-05-28 11:23 - 2021-05-13 12:38 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb 2021-05-28 11:13 - 2021-05-28 11:13 - 001245828 _____ C:\WINDOWS\Minidump\052821-6796-01.dmp 2021-05-28 11:10 - 2021-05-28 11:10 - 000004948 _____ C:\Users\segel\Downloads\Crash List.html 2021-05-28 10:44 - 2021-05-30 20:42 - 1759630073 _____ C:\WINDOWS\MEMORY.DMP 2021-05-28 10:44 - 2021-05-30 20:42 - 000000000 ____D C:\WINDOWS\Minidump 2021-05-28 10:44 - 2021-05-28 10:45 - 001373188 _____ C:\WINDOWS\Minidump\052821-5796-01.dmp 2021-05-28 10:14 - 2021-05-28 10:14 - 000000000 ____D C:\Users\segel\AppData\Local\Stardock 2021-05-28 10:14 - 2021-05-28 10:14 - 000000000 ____D C:\ProgramData\Stardock 2021-05-28 10:13 - 2021-05-28 10:13 - 000000000 ____D C:\Users\segel\AppData\Local\SDLauncher 2021-05-28 09:56 - 2021-05-28 10:00 - 000000000 ____D C:\ProgramData\Epic 2021-05-28 09:56 - 2021-05-28 09:57 - 000000000 ____D C:\Program Files (x86)\Epic Games 2021-05-28 09:56 - 2021-05-28 09:56 - 000001272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2021-05-28 09:56 - 2021-05-28 09:56 - 000000000 ____D C:\Users\segel\AppData\Local\UnrealEngineLauncher 2021-05-28 09:56 - 2021-05-28 09:56 - 000000000 ____D C:\Users\segel\AppData\Local\EpicGamesLauncher 2021-05-26 16:12 - 2021-05-26 16:12 - 000000000 ____D C:\Users\segel\AppData\LocalLow\Temp 2021-05-26 10:06 - 2021-05-26 10:06 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-05-26 10:06 - 2021-05-26 10:06 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-05-26 10:06 - 2021-05-26 10:06 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2021-05-26 10:06 - 2021-05-26 10:06 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-05-26 10:06 - 2021-05-26 10:06 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-05-26 10:06 - 2021-05-26 10:06 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-05-26 10:06 - 2021-05-26 10:06 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-05-26 10:06 - 2021-05-26 10:06 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-05-26 10:06 - 2021-05-26 10:06 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-05-26 10:06 - 2021-05-26 10:06 - 000011327 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-05-26 10:05 - 2021-05-26 10:05 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2021-05-26 10:05 - 2021-05-26 10:05 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-05-26 10:05 - 2021-05-26 10:05 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-05-26 10:05 - 2021-05-26 10:05 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-05-26 10:05 - 2021-05-26 10:05 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-05-26 10:05 - 2021-05-26 10:05 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2021-05-26 10:05 - 2021-05-26 10:05 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-05-26 10:05 - 2021-05-26 10:05 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-05-25 14:10 - 2021-05-25 14:10 - 000016192 _____ C:\Users\segel\Downloads\magentacloud.zip 2021-05-25 09:53 - 2021-05-25 09:53 - 000087726 _____ C:\Users\segel\Downloads\cm._2021-05-25_0953263538445981931426552.pdf 2021-05-25 09:51 - 2021-05-25 09:51 - 000095107 _____ C:\Users\segel\Downloads\Terminplan_2021_Neurecht_barrierefrei.pdf 2021-05-25 09:45 - 2021-05-25 09:45 - 019385644 _____ C:\Users\segel\Downloads\Seite-1-8-GRUÌ_Nspecht-April-2021 (3).pdf 2021-05-24 14:21 - 2021-05-24 14:21 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe 2021-05-24 14:21 - 2021-05-24 14:21 - 000019152 _____ C:\WINDOWS\system32\pwdrvio.sys 2021-05-24 14:21 - 2021-05-24 14:21 - 000012504 _____ C:\WINDOWS\system32\pwdspio.sys 2021-05-24 11:02 - 2021-05-24 11:18 - 000000000 ____D C:\ESD 2021-05-24 11:00 - 2021-05-24 11:00 - 000000000 ____D C:\$WINDOWS.~BT 2021-05-24 10:59 - 2021-05-24 10:59 - 000000000 ___HD C:\$Windows.~WS 2021-05-24 10:57 - 2021-05-24 10:59 - 000000000 ____D C:\Users\segel\Downloads\stick 2021-05-21 09:51 - 2021-05-21 09:51 - 000000000 ____D C:\Users\segel\AppData\Local\Creative_Technology_Ltd 2021-05-21 09:51 - 2021-05-21 09:51 - 000000000 ____D C:\Users\segel\AppData\Local\Creative 2021-05-21 09:49 - 2021-05-21 09:49 - 000001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sound Blaster Command.lnk 2021-05-21 09:49 - 2021-05-21 09:49 - 000000000 ____D C:\ProgramData\Creative 2021-05-21 09:49 - 2020-09-07 18:07 - 000009645 _____ C:\WINDOWS\SysWOW64\CTOPT352.cat 2021-05-21 09:49 - 2020-09-07 18:07 - 000009213 _____ C:\WINDOWS\system32\CTOPT399.cat 2021-05-21 09:49 - 2020-09-07 18:07 - 000009117 _____ C:\WINDOWS\SysWOW64\CTOPT399.cat 2021-05-21 09:49 - 2020-09-07 11:42 - 000167424 _____ (Creative Technology Ltd) C:\WINDOWS\SysWOW64\CTOPT352.dll 2021-05-21 09:49 - 2020-09-07 11:41 - 000079872 _____ (Creative Technology Ltd) C:\WINDOWS\SysWOW64\CTOPT399.dll 2021-05-21 09:49 - 2020-09-07 11:40 - 000088576 _____ (Creative Technology Ltd) C:\WINDOWS\system32\CTOPT399.dll 2021-05-21 09:49 - 2006-12-05 13:53 - 000042496 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\AddCat.exe 2021-05-21 09:47 - 2021-01-11 02:41 - 000540120 _____ (Creative Technology Ltd) C:\WINDOWS\SysWOW64\CtHdaCtl.dll 2021-05-21 09:47 - 2021-01-11 02:40 - 002203240 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\CTHRFX64.dll 2021-05-21 09:47 - 2021-01-11 02:40 - 000456704 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\CTHMLX64.dll 2021-05-21 09:47 - 2020-12-07 18:09 - 000004888 _____ C:\WINDOWS\cthdaGER.reg 2021-05-21 09:47 - 2020-12-07 18:09 - 000004850 _____ C:\WINDOWS\cthdaENG.reg 2021-05-20 20:59 - 2021-05-20 22:23 - 000000000 ____D C:\Program Files (x86)\Synology 2021-05-19 09:24 - 2021-05-19 09:24 - 000164168 _____ C:\WINDOWS\system32\cmdiag.exe 2021-05-19 09:24 - 2021-05-19 09:24 - 000103936 _____ C:\WINDOWS\system32\cmimageworker.exe 2021-05-17 19:02 - 2021-05-17 19:02 - 000000000 ____D C:\Users\segel\Documents\XSplit 2021-05-17 19:02 - 2021-05-17 19:02 - 000000000 ____D C:\ProgramData\Caphyon 2021-05-17 19:01 - 2021-05-20 18:57 - 000000000 ____D C:\ProgramData\XSplit 2021-05-17 10:15 - 2021-04-22 06:12 - 000159800 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys 2021-05-11 19:31 - 2021-05-30 18:29 - 000000650 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-210967507-139054641-1062387239-1001.job 2021-05-11 19:31 - 2021-05-30 18:29 - 000000554 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-210967507-139054641-1062387239-1001.job 2021-05-11 19:31 - 2021-05-29 22:06 - 000003800 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-210967507-139054641-1062387239-1001 2021-05-11 19:31 - 2021-05-29 22:06 - 000003704 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-210967507-139054641-1062387239-1001 2021-05-11 19:31 - 2021-05-29 22:06 - 000000000 ____D C:\Users\segel\AppData\Local\GoToMeeting 2021-05-11 19:31 - 2021-05-11 19:31 - 000000000 ____D C:\Users\segel\AppData\Local\GoTo Opener 2021-05-07 22:05 - 2021-05-07 22:08 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2021-05-07 11:53 - 2021-05-07 11:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-05-07 10:44 - 2021-05-07 18:28 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-05-07 10:43 - 2021-05-07 10:43 - 001014600 _____ C:\Users\segel\Downloads\Uebersichten Lerntechniken Teil 1.pdf 2021-05-07 10:43 - 2021-05-07 10:43 - 000853034 _____ C:\Users\segel\Downloads\Workshopunterlagen Lerntechniken Teil 1.pdf 2021-05-07 10:41 - 2021-05-07 10:41 - 000660702 _____ C:\Users\segel\Downloads\Workshopunterlagen Einführung Beispiel.pdf 2021-05-07 09:39 - 2021-05-07 09:39 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll 2021-05-07 09:39 - 2021-05-07 09:39 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2021-05-07 09:39 - 2021-05-07 09:39 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll 2021-05-07 09:39 - 2021-05-07 09:39 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2021-05-07 09:39 - 2021-05-07 09:39 - 000014848 _____ C:\WINDOWS\system32\hnsproxy.dll 2021-05-07 09:38 - 2021-05-07 09:38 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-05-07 09:38 - 2021-05-07 09:38 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-05-07 09:38 - 2021-05-07 09:38 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-05-07 09:38 - 2021-05-07 09:38 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2021-05-05 09:24 - 2021-05-28 09:56 - 000000000 ____D C:\Users\segel\AppData\Local\UnrealEngine 2021-05-05 09:15 - 2021-05-05 09:15 - 000095933 _____ C:\Users\segel\Downloads\Bezahlung_ Rechnung INV202105-ztjYeA.pdf 2021-05-03 14:42 - 2021-05-03 14:42 - 000196884 _____ C:\Users\segel\Downloads\Workpackage12_GPOs.zip 2021-04-30 10:42 - 2020-11-11 03:54 - 000167280 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys 2021-04-30 10:06 - 2021-05-18 13:58 - 000000000 ____D C:\Users\segel\AppData\LocalLow\Mozilla 2021-04-30 10:06 - 2021-05-07 22:08 - 000001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-04-30 10:06 - 2021-04-30 10:06 - 000001003 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2021-04-30 10:06 - 2021-04-30 10:06 - 000001003 _____ C:\ProgramData\Desktop\Mozilla Thunderbird.lnk 2021-04-30 10:06 - 2021-04-30 10:06 - 000000000 ____D C:\Users\segel\AppData\Roaming\Thunderbird 2021-04-30 10:06 - 2021-04-30 10:06 - 000000000 ____D C:\Users\segel\AppData\Local\Thunderbird 2021-04-30 09:22 - 2021-04-30 09:22 - 000000000 ____D C:\Users\segel\AppData\Local\GOG.com 2021-04-30 09:21 - 2021-05-06 10:44 - 000000000 ____D C:\ProgramData\GOG.com ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-05-30 21:17 - 2018-08-08 18:38 - 000000000 ____D C:\Users\segel\AppData\Roaming\discord 2021-05-30 21:10 - 2020-08-07 11:40 - 000000000 ____D C:\Users\segel\AppData\Local\CrashDumps 2021-05-30 21:09 - 2017-08-25 18:48 - 000000000 ____D C:\Users\segel\Downloads\Benchen 2021-05-30 20:58 - 2021-01-12 15:02 - 000000000 _____ C:\WINDOWS\system32\Drivers\etc\hosts.tmp 2021-05-30 20:50 - 2020-10-22 09:50 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-05-30 20:50 - 2019-12-07 16:51 - 000743714 _____ C:\WINDOWS\system32\perfh007.dat 2021-05-30 20:50 - 2019-12-07 16:51 - 000150136 _____ C:\WINDOWS\system32\perfc007.dat 2021-05-30 20:50 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-05-30 20:48 - 2017-08-25 19:26 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-05-30 20:45 - 2018-08-08 18:38 - 000000000 ____D C:\Users\segel\AppData\Local\Discord 2021-05-30 20:44 - 2021-04-19 09:45 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2021-05-30 20:44 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-05-30 20:43 - 2020-09-27 09:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-05-30 20:43 - 2020-08-13 12:41 - 000000000 ____D C:\ProgramData\NVIDIA 2021-05-30 20:43 - 2020-05-28 14:05 - 000008192 ___SH C:\DumpStack.log.tmp 2021-05-30 20:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-05-30 20:43 - 2017-08-25 19:15 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-05-30 20:42 - 2021-03-13 21:36 - 000003126 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner 2021-05-30 20:42 - 2020-10-22 09:41 - 000000000 ____D C:\Users\segel 2021-05-30 20:42 - 2020-09-27 07:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-05-30 20:42 - 2019-12-07 11:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2021-05-30 19:28 - 2017-08-25 19:11 - 000000128 _____ C:\Users\segel\AppData\Roaming\winscp.rnd 2021-05-30 19:26 - 2020-04-19 21:11 - 000000000 ____D C:\Program Files (x86)\Steam 2021-05-30 18:31 - 2020-10-22 09:54 - 000000000 ____D C:\Users\segel\AppData\Local\Deployment 2021-05-29 22:08 - 2020-09-27 09:36 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-05-29 22:08 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-05-29 22:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-05-28 17:02 - 2021-02-02 21:45 - 000000000 ____D C:\Users\segel\AppData\Roaming\KeePass 2021-05-28 17:01 - 2021-02-04 12:05 - 000006462 _____ C:\Users\segel\Documents\Key.kdbx 2021-05-28 11:36 - 2020-05-20 08:44 - 000000000 ____D C:\Program Files\Logitech 2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2021-05-28 11:24 - 2020-07-21 15:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2021-05-28 11:15 - 2017-10-17 21:44 - 000000000 ____D C:\Users\segel\AppData\Local\Packages 2021-05-28 10:26 - 2018-12-10 20:31 - 000000000 ____D C:\Users\segel\AppData\Local\D3DSCache 2021-05-26 16:12 - 2020-04-22 08:43 - 000000000 ____D C:\Users\segel\Downloads\Examen 2021-05-26 14:44 - 2018-08-08 18:38 - 000002227 _____ C:\Users\segel\Desktop\Discord.lnk 2021-05-26 10:12 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-05-26 10:11 - 2020-09-27 07:33 - 005190184 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-05-26 10:10 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-05-26 10:10 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-05-26 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2021-05-26 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2021-05-26 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2021-05-26 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-05-26 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-05-26 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-05-26 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-05-26 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-05-26 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-05-26 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-05-26 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-05-26 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-05-26 10:07 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-05-26 09:44 - 2019-12-07 11:03 - 000131072 _____ C:\WINDOWS\system32\config\ELAM 2021-05-25 13:19 - 2017-08-25 19:23 - 000000000 ____D C:\Users\segel\AppData\Roaming\vlc 2021-05-25 09:49 - 2020-05-14 21:52 - 000000000 ____D C:\Users\segel\Downloads\S20 2021-05-24 15:31 - 2017-08-25 18:48 - 000000000 ____D C:\Users\segel\Downloads\Zum Neuinstallieren 2021-05-24 15:21 - 2021-02-02 21:37 - 000000923 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2021-05-24 15:21 - 2021-02-02 21:37 - 000000000 ____D C:\Program Files\KeePass Password Safe 2 2021-05-24 14:25 - 2018-11-26 18:41 - 000000000 ____D C:\Users\segel\.atom 2021-05-24 14:05 - 2020-10-22 09:39 - 000001162 _____ C:\WINDOWS\system32\config\VSMIDK 2021-05-24 11:18 - 2020-10-30 12:04 - 000000000 ____D C:\WINDOWS\Panther 2021-05-24 10:58 - 2017-08-26 08:00 - 000000000 ____D C:\Program Files\Microsoft Office 2021-05-23 19:40 - 2020-11-04 13:34 - 000000128 _____ C:\Users\segel\AppData\Local\PUTTY.RND 2021-05-21 09:50 - 2017-08-25 18:42 - 000000000 ____D C:\Users\Public\Creative 2021-05-21 09:49 - 2020-07-16 18:12 - 000000000 ____D C:\Program Files (x86)\Creative 2021-05-21 09:49 - 2017-08-25 18:59 - 000000105 ___RH C:\WINDOWS\ctfile.rfc 2021-05-20 20:44 - 2018-09-27 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-05-20 20:44 - 2018-07-12 19:44 - 000002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2021-05-20 20:44 - 2017-08-26 08:09 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2021-05-20 20:44 - 2017-08-26 08:09 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2021-05-20 20:44 - 2017-08-26 08:09 - 000002476 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2021-05-20 20:44 - 2017-08-26 08:09 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2021-05-20 20:44 - 2017-08-26 08:09 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2021-05-20 20:44 - 2017-08-26 08:09 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2021-05-20 20:44 - 2017-08-26 08:09 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2021-05-19 09:16 - 2017-08-25 19:32 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-05-19 09:15 - 2017-08-25 19:32 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-05-18 13:58 - 2019-02-18 13:49 - 000000000 ____D C:\ProgramData\Mozilla 2021-05-17 10:21 - 2020-09-27 09:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-05-17 10:21 - 2019-09-19 13:08 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2021-05-17 10:21 - 2019-09-19 13:08 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2021-05-17 10:15 - 2019-08-21 23:00 - 000000000 ____D C:\Program Files (x86)\CalDavSynchronizer 2021-05-13 20:15 - 2021-01-06 12:47 - 006159152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2021-05-13 20:15 - 2020-10-19 11:00 - 007212224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2021-05-09 18:38 - 2018-01-16 09:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-05-07 21:53 - 2020-12-02 14:57 - 000000000 ____D C:\Users\segel\Downloads\Ausprobieren 2021-05-07 21:47 - 2018-02-01 11:23 - 000000000 ____D C:\Users\segel\Documents\My Games 2021-05-07 21:25 - 2017-08-25 19:11 - 000001164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk 2021-05-07 21:25 - 2017-08-25 19:11 - 000001152 _____ C:\Users\Public\Desktop\WinSCP.lnk 2021-05-07 21:25 - 2017-08-25 19:11 - 000001152 _____ C:\ProgramData\Desktop\WinSCP.lnk 2021-05-07 21:25 - 2017-08-25 19:11 - 000000000 ____D C:\Program Files (x86)\WinSCP 2021-05-07 11:52 - 2018-01-16 09:17 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-05-07 10:08 - 2019-12-07 16:52 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2021-05-07 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-05-07 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-05-07 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-05-07 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2021-05-07 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-05-07 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-05-07 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-05-07 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-05-07 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-05-07 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-05-07 09:40 - 2019-12-07 16:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2021-05-05 19:16 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-05-04 17:11 - 2021-03-28 19:51 - 000000000 ____D C:\Users\segel\AppData\Local\LarianLauncher 2021-05-04 08:58 - 2017-08-25 18:46 - 000000000 ____D C:\ProgramData\Package Cache 2021-05-01 13:08 - 2021-02-22 14:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-04-30 10:06 - 2017-11-06 16:13 - 000000000 ____D C:\Users\segel\AppData\Roaming\Mozilla ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2017-11-06 17:09 - 2017-11-06 17:09 - 000000171 _____ () C:\Users\segel\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f 2017-11-06 17:09 - 2018-09-04 10:08 - 000000453 _____ () C:\Users\segel\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf 2018-11-08 13:08 - 2018-11-08 13:08 - 000000171 _____ () C:\Users\segel\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0 2017-11-06 17:09 - 2017-11-06 17:09 - 000000175 _____ () C:\Users\segel\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388 2017-08-25 19:11 - 2021-05-30 19:28 - 000000128 _____ () C:\Users\segel\AppData\Roaming\winscp.rnd 2019-06-26 17:21 - 2019-06-26 17:56 - 000001456 _____ () C:\Users\segel\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2019-09-17 19:14 - 2019-09-17 19:14 - 000000053 _____ () C:\Users\segel\AppData\Local\DVDFab.INI 2018-09-28 12:27 - 2021-04-27 19:10 - 000000820 _____ () C:\Users\segel\AppData\Local\oobelibMkey.log 2020-11-04 13:34 - 2021-05-23 19:40 - 000000128 _____ () C:\Users\segel\AppData\Local\PUTTY.RND 2019-06-26 18:13 - 2019-06-26 18:13 - 000000749 _____ () C:\Users\segel\AppData\Local\recently-used.xbel 2017-12-21 18:21 - 2017-12-21 18:21 - 000007604 _____ () C:\Users\segel\AppData\Local\Resmon.ResmonCfg 2019-11-03 20:29 - 2019-11-03 20:30 - 000000000 _____ () C:\Users\segel\AppData\Local\{4D33B8CC-C097-4AE0-9E96-DFABD205A89B} ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 29-05-2021 01 durchgeführt von segel (30-05-2021 21:21:09) Gestartet von C:\Users\segel\Downloads Start-Modus: Normal ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrodist.exe (Adobe Systems Incorporated.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk -> C:\Program Files\Adobe\Adobe Lightroom Classic\Lightroom.exe (Adobe Systems) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk -> C:\Program Files\Adobe\Adobe Photoshop 2020\Photoshop.exe (Adobe) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk -> C:\Program Files\Adobe\Adobe Premiere Pro CC 2015\Adobe Premiere Pro.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 18.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD18\PDVDLP.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk -> C:\Program Files\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sound Blaster Command.lnk -> C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe (Creative Technology Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Sandbox.lnk -> C:\Windows\System32\WindowsSandbox.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\Pageant.lnk -> C:\Program Files\PuTTY\pageant.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PSFTP.lnk -> C:\Program Files\PuTTY\psftp.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTY Manual.lnk -> C:\Program Files\PuTTY\putty.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTY Web Site.lnk -> C:\Program Files\PuTTY\website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTY.lnk -> C:\Program Files\PuTTY\putty.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTYgen.lnk -> C:\Program Files\PuTTY\puttygen.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Aufzeichnungs-Manager von Skype for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetriedashboard für Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetrieprotokoll für Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Options.lnk -> C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo\CrystalDiskInfo (32bit).lnk -> C:\Program Files\CrystalDiskInfo\DiskInfo32.exe (Crystal Dew World) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo\CrystalDiskInfo (64bit).lnk -> C:\Program Files\CrystalDiskInfo\DiskInfo64.exe (Crystal Dew World) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative\Produktregistrierung.lnk -> C:\Program Files (x86)\Creative\Produktregistrierung\German\InetReg.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security\Bitdefender Safepay.lnk -> C:\Program Files\Bitdefender\Bitdefender Security\obk.exe (Bitdefender) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aquasuite\aquasuite.lnk -> C:\Program Files\aquasuite\aquasuite.exe (Aqua Computer GmbH & Co. KG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aquasuite\Uninstall.lnk -> C:\Program Files\aquasuite\uninstaller.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\segel\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Keine Datei) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\Public\Desktop\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Public\Desktop\Mozilla Thunderbird.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.) Shortcut: C:\Users\Public\Desktop\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) Shortcut: C:\Users\Public\Desktop\WinSCP.lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl) Shortcut: C:\Users\segel\Links\Desktop.lnk -> C:\Users\segel\Desktop () Shortcut: C:\Users\segel\Links\Downloads.lnk -> C:\Users\segel\Downloads () Shortcut: C:\Users\segel\Downloads\Zum Neuinstallieren\Tor Browser\Start Tor Browser.lnk -> C:\Users\segel\Downloads\Zum Neuinstallieren\Tor Browser\Browser\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\segel\Downloads\Zum Neuinstallieren\LeDimmer\LeDimmer - Verknüpfung.lnk -> C:\Users\segel\Downloads\Software\LeDimmer\LeDimmer.exe (Keine Datei) Shortcut: C:\Users\segel\Downloads\stick\Tor Browser\Start Tor Browser.lnk -> D:\Tor Browser\Browser\firefox.exe (Keine Datei) Shortcut: C:\Users\segel\Desktop\Adobe Lightroom Classic.lnk -> C:\Program Files\Adobe\Adobe Lightroom Classic\Lightroom.exe (Adobe Systems) Shortcut: C:\Users\segel\Desktop\Adobe Photoshop 2020.lnk -> C:\Program Files\Adobe\Adobe Photoshop 2020\Photoshop.exe (Adobe) Shortcut: C:\Users\segel\Desktop\CrystalDiskInfo.lnk -> C:\Program Files\CrystalDiskInfo\DiskInfo64.exe (Crystal Dew World) Shortcut: C:\Users\segel\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\segel\Desktop\KeePass 2.lnk -> C:\Program Files\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) Shortcut: C:\Users\segel\Desktop\Outlook 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\Users\segel\Desktop\Start Tor Browser.lnk -> C:\Users\segel\Downloads\Zum Neuinstallieren\Tor Browser\Browser\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\segel\AppData\Roaming\SplitmediaLabs\XSplit VCam 2.1.2102.1003\install\6AF38A4\x64\XSplitVCam.lnk -> D:\Program Files (x86)\SplitmediaLabs\XSplit VCam\x64\XSplitVCam.exe (Keine Datei) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk -> C:\Users\segel\AppData\Local\FluxSoftware\Flux\flux.exe (f.lux Software LLC) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\segel\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Keine Datei) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\segel\Downloads\Zum Neuinstallieren\Tor Browser\Browser\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\segel\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe () Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\ReadMe.lnk -> C:\Program Files (x86)\MSI Afterburner\Doc\ReadMe.pdf () Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\Uninstall.lnk -> C:\Program Files (x86)\MSI Afterburner\Uninstall.exe () Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner localization reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\Localization reference.pdf () Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner skin format reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\USF skin format reference.pdf () Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\Samples.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Samples () Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc\Atom.lnk -> C:\Users\segel\AppData\Local\atom\atom.exe (GitHub, Inc.) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\c't Windows Protec'tor\Deinstallieren.lnk -> C:\Program Files (x86)\ctProtector\uninstall.exe (c't Magazin für Computertechnik) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Lightroom Classic.lnk -> C:\Program Files\Adobe\Adobe Lightroom Classic\Lightroom.exe (Adobe Systems) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\KeePass 2.lnk -> C:\Program Files\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Logitech Options.lnk -> C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech, Inc.) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PuTTY.lnk -> C:\Program Files\PuTTY\putty.exe (Simon Tatham) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeamViewer 15.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WinSCP.lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl) Shortcut: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\DATABASECOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\SPREADSHEETCOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Database Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\DATABASECOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office Upload Center.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files\Microsoft Office\Root\Office16\MSOUC.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Spreadsheet Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\SPREADSHEETCOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security\Bitdefender.lnk -> C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe (Bitdefender) -> /seccenter ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Public\Desktop\Bitdefender.lnk -> C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe (Bitdefender) -> source:desktop ShortcutWithArgument: C:\Users\segel\Downloads\Zum Neuinstallieren\Windows 10\Herunterfahren.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> /s /t 0 ShortcutWithArgument: C:\Users\segel\Downloads\Zum Neuinstallieren\Windows 10\Hybrid.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> /s /hybrid /t 0 ShortcutWithArgument: C:\Users\segel\Downloads\Zum Neuinstallieren\Windows 10\Neustart.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> /r /t 0 ShortcutWithArgument: C:\Users\segel\Downloads\Zum Neuinstallieren\Windows 10\Ruhezustand.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> powrprof.dll,SetSuspendState ShortcutWithArgument: C:\Users\segel\Downloads\stick\Herunterfahren.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> /s /t 0 ShortcutWithArgument: C:\Users\segel\Downloads\stick\Neustart.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> /r /t 0 ShortcutWithArgument: C:\Users\segel\Desktop\Discord.lnk -> C:\Users\segel\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe ShortcutWithArgument: C:\Users\segel\Desktop\Herunterfahren.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> /s /t 0 ShortcutWithArgument: C:\Users\segel\Desktop\Neustart.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> /r /t 0 ShortcutWithArgument: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\segel\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall ShortcutWithArgument: C:\Users\segel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\segel\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\segel\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\segel\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle ShortcutWithArgument: C:\Users\segel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\segel\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/ InternetURL: C:\Users\segel\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: C:\Users\segel\Favorites\Links\Expeditionen ins Tierreich - Abenteuer Ozean online schauen und streamen bei Amazon Instant Video, Amazons Online-Videothek.url -> URL: hxxp://www.amazon.de/gp/product/B00ET0OF1C?redirect=true&ref_=dv_web_wtls_list_pr_762 InternetURL: C:\Users\segel\Favorites\Links\Navy CIS - Staffel 1 online schauen und streamen bei Amazon Instant Video, Amazons Online-Videothek.url -> BASEURL: hxxp://www.amazon.de/gp/product/B00ERKPKPO?ref_=atv_dp_season_select_s1 URL: hxxp://www.amazon.de/gp/product/B00ERKPKPO?ref_=atv_dp_season_select_s1 InternetURL: C:\Users\segel\Favorites\Links\Shaun das Schaf - Staffel 1 online schauen und streamen bei Amazon Instant Video, Amazons Online-Videothek.url -> URL: hxxp://www.amazon.de/gp/product/B00ERNJTZ8?ref_=atv_dp_season_select_s1 InternetURL: C:\Users\segel\Downloads\Benchen\HD.Tune.Pro.v5.50.Retail-FOSI\nsane.down - software, as it should be.url -> URL: hxxp://www.nsanedown.com/ ==================== Ende vom Shortcut.txt ============================= |
31.05.2021, 09:19 | #2 |
/// TB-Ausbilder | Windows 10 Bluescreen durch ntoskrnl.exe und Scans von Virenscanner verursachen teilweise Bluescreens oder stürzen ab Anleitung / Hilfe1. Da ich keine Anzeichen von Malware sehe, verschiebe ich dein Thema in den Windowsbereich. Vielmehr deuten die Logdateien von FRST darauf hin, dass Systemdateien beschädigt sind und Bitdefender die Probleme verursacht. Hast du schon mal daran gedacht, das Programm, welches die Probleme verursacht, testweise zu deinstallieren, um zu sehen, ob es danach besser ist? 2. Des Weiteren gibt es Anzeichen dafür, dass du die Logdateien "manipuliert" hast... die Hosts Datei lässt grüßen... mehr muss man dazu auch nicht schreiben, jeder Mitleser weiß, worauf das hindeutet. Fazit: Eine saubere Neuinstallation inklusive die Beachtung grundlegener Sicherheitstipps für die Zeit danach täten deinem System ganz gut. |
31.05.2021, 09:29 | #3 |
| Windows 10 Bluescreen durch ntoskrnl.exe und Scans von Virenscanner verursachen teilweise Bluescreens oder stürzen ab Details Kein Anzeichen von Malware beruhigt mich sehr. Ich werde dann wohl mal neuinstallieren und vorher mal Bitdefender entfernen. An den Log Dateien habe ich nur meine Mailadresse mit * entfernt.
__________________Danke für deine Hilfe! |
31.05.2021, 13:19 | #4 | |
| Lösung: Windows 10 Bluescreen durch ntoskrnl.exe und Scans von Virenscanner verursachen teilweise Bluescreens oder stürzen abZitat:
|
31.05.2021, 13:58 | #5 |
| Wie Windows 10 Bluescreen durch ntoskrnl.exe und Scans von Virenscanner verursachen teilweise Bluescreens oder stürzen ab Ich habe damals ein langes Abo sehr günstig für 10 Geräte erworben und wollte nach den Laufzeit eh auf Windows Defender umsteigen. Wäre so erst in 300 Tagen gewesen. Habe nun mal neuinstalliert und schaue mal |
31.05.2021, 14:06 | #6 |
| Wo Windows 10 Bluescreen durch ntoskrnl.exe und Scans von Virenscanner verursachen teilweise Bluescreens oder stürzen ab Lösung! Umsteigen braucht man nicht. Der Windows Defender wird immer mitinstalliert und ist aktiviert, wenn man nicht mit anderen Supertools dazwischenfunkt und damit deaktiviert.
__________________ --> Windows 10 Bluescreen durch ntoskrnl.exe und Scans von Virenscanner verursachen teilweise Bluescreens oder stürzen ab |
Themen zu Windows 10 Bluescreen durch ntoskrnl.exe und Scans von Virenscanner verursachen teilweise Bluescreens oder stürzen ab |
abstürzen, adobe, bluescreen, computer, defender, fehler, firefox, google, homepage, internet, internet explorer, kaspersky, mozilla, performance, photoshop, prozesse, realtek, registry, rundll, security, software, symantec, system, usb, windows |