Pests of all kinds and how to fight them: Windows 10: USB stick folders shown as shortcuts

Windows 7

If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#1

Windows 10: USB stick folders shown as shortcuts

Hello dear Trojaner-Board team,

I plugged a USB stick in at a copy shop, where it was presumably infected with malware. Since then, all the folders on it have been displayed as shortcuts. I already had the same problem in 2014; schrauber helped me back then and cleaned my computer and the sticks. Here is the thread: http://www.trojaner-board.de/152440-...angezeigt.html

However, that was 3 years ago now, and I have a different laptop and Windows 10, so I am not sure whether the instructions are still valid. Can you please help me?

Many thanks and kind regards,
Simon

Sorry, I forgot the FRST log files. Here they are:

FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 durchgeführt von ***** (Administrator) auf NP730U3E-X04DE (07-04-2017 18:08:00) Gestartet von C:\Users\*****\Downloads Geladene Profile: ***** & (Verfügbare Profile: *****) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Flux Software LLC) C:\Users\*****\AppData\Local\FluxSoftware\Flux\flux.exe (Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Samsung Electronics Co., Ltd.) 
C:\Program Files\Samsung\S Agent\CommonAgent.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Dropbox, Inc.) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Windows\System32\wscript.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-07] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [909744 2017-03-22] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2017-01-13] (Apple Inc.) HKLM-x32\...\Run: [CheckNDISPortF0acA7] => C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CheckNDISPort_df.exe [419072 2013-05-10] () HKLM-x32\...\Run: [CancelAutoPlay_df] => C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CancelAutoPlay_df.exe [446720 2013-05-10] () HKLM-x32\...\Run: [DSL Soforthilfe] => C:\Program Files (x86)\DSL Soforthilfe\DSL_Soforthilfe.exe [20585888 2013-11-21] () HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [63432 2017-03-09] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH) HKLM-x32\...\Run: [PulseSecure] => C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2826584 2015-07-28] (Pulse Secure, LLC) HKU\S-1-5-21-680370811-642922712-648177064-1005\...\Run: [Amazon Music] => C:\Users\*****\AppData\Local\Amazon Music\Amazon Music Helper.exe [3464680 2016-11-16] () HKU\S-1-5-21-680370811-642922712-648177064-1005\...\Run: [Dropbox Update] => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) HKU\S-1-5-21-680370811-642922712-648177064-1005\...\Run: [Google Update] => C:\Users\*****\AppData\Local\Google\Update\1.3.32.8\GoogleUpdateCore.exe [601752 2017-04-07] (Google Inc.) HKU\S-1-5-21-680370811-642922712-648177064-1005\...\Run: [f.lux] => C:\Users\*****\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-680370811-642922712-648177064-1005\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.) 
HKU\S-1-5-21-680370811-642922712-648177064-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation) HKU\S-1-5-21-680370811-642922712-648177064-1005\...\Run: [Spotify Web Helper] => C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-03] (Spotify Ltd) HKU\S-1-5-21-680370811-642922712-648177064-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd) HKU\S-1-5-21-680370811-642922712-648177064-1005\...\Run: [SysinfY2X] => C:\WINDOWS\system32\cmd.exe /c start wscript /e:VBScript.Encode %temp%\SysinfY2X.db HKU\S-1-5-21-680370811-642922712-648177064-1005\...\MountPoints2: {5ee60eeb-ec88-11e5-bf55-b4b676c88fd8} - "D:\AutoRun.exe" HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Music] => C:\Users\*****\AppData\Local\Amazon Music\Amazon Music Helper.exe [3464680 2016-11-16] () HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\*****\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [f.lux] => C:\Users\*****\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.) 
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation) HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-03] (Spotify Ltd) HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd) HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SysinfY2X] => C:\WINDOWS\system32\cmd.exe /c start wscript /e:VBScript.Encode %temp%\SysinfY2X.db HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5ee60eeb-ec88-11e5-bf55-b4b676c88fd8} - "D:\AutoRun.exe" HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Amazon Music] => C:\Users\*****\AppData\Local\Amazon Music\Amazon Music Helper.exe [3464680 2016-11-16] () HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Dropbox Update] => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Google Update] => C:\Users\*****\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [f.lux] => C:\Users\*****\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.) 
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation) HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Spotify Web Helper] => C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-03] (Spotify Ltd) HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd) HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [SysinfY2X] => C:\WINDOWS\system32\cmd.exe /c start wscript /e:VBScript.Encode %temp%\SysinfY2X.db HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {5ee60eeb-ec88-11e5-bf55-b4b676c88fd8} - "D:\AutoRun.exe" ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2014-11-09] ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) GroupPolicy: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{739bafad-f725-464b-b239-cfcc34ab7a50}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{b47d9a86-7cdb-48fe-955f-fae754c6dd05}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-680370811-642922712-648177064-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com HKU\S-1-5-21-680370811-642922712-648177064-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet 
Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-19] (Oracle Corporation) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2017-03-20] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-19] (Oracle Corporation) DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zy2zji0a.default [2017-04-07] FF Homepage: Mozilla\Firefox\Profiles\zy2zji0a.default -> hxxps://www.maschinenring.de/wetter.html#/mrWetter=ewogICJsb2NhdGlvbiI6ICI1MDY3NCBLw7ZsbiAoREUpIgp9/ FF Session Restore: Mozilla\Firefox\Profiles\zy2zji0a.default -> ist aktiviert. 
FF Extension: (OneTab) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zy2zji0a.default\Extensions\extension@one-tab.com.xpi [2017-01-24] FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zy2zji0a.default\Extensions\firefox@zenmate.com.xpi [2016-09-29] FF Extension: (HTTPS Everywhere) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zy2zji0a.default\Extensions\https-everywhere-eff@eff.org.xpi [2017-04-07] FF Extension: (Pocket) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zy2zji0a.default\Extensions\isreaditlater@ideashower.com [2015-06-02] FF Extension: (Privacy Badger) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zy2zji0a.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2017-03-29] FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zy2zji0a.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2017-03-31] FF Extension: (WOT) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zy2zji0a.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-11] FF Extension: (Video DownloadHelper) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zy2zji0a.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-31] FF Extension: (SoundCloud Downloader - Technowise) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zy2zji0a.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2016-06-23] FF Extension: (Adblock Plus) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zy2zji0a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24] FF Extension: (DownThemAll!) 
- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zy2zji0a.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-11-04] FF Extension: (Disable Prefetch) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zy2zji0a.default\features\{15417ee8-7328-4a2d-9322-3acee87b9d52}\disable-prefetch@mozilla.org.xpi [2017-04-04] FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zy2zji0a.default\searchplugins\dudende-suche.xml [2014-09-22] FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zy2zji0a.default\searchplugins\youtube.xml [2014-10-25] FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-29] [ist nicht signiert] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: 
@java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-19] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.8\npGoogleUpdate3.dll [2017-04-07] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.8\npGoogleUpdate3.dll [2017-04-07] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-680370811-642922712-648177064-1005: @tools.google.com/Google Update;version=3 -> C:\Users\*****\AppData\Local\Google\Update\1.3.32.8\npGoogleUpdate3.dll [2017-04-07] (Google Inc.) FF Plugin HKU\S-1-5-21-680370811-642922712-648177064-1005: @tools.google.com/Google Update;version=9 -> C:\Users\*****\AppData\Local\Google\Update\1.3.32.8\npGoogleUpdate3.dll [2017-04-07] (Google Inc.) 
FF Plugin HKU\S-1-5-21-680370811-642922712-648177064-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\*****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\*****\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [Keine Datei] FF Plugin HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\*****\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [Keine Datei] FF Plugin HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\*****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @tools.google.com/Google Update;version=3 -> C:\Users\*****\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [Keine Datei] FF Plugin HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @tools.google.com/Google Update;version=9 -> C:\Users\*****\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [Keine Datei] FF Plugin HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\*****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2017-04-07] CHR Extension: (Google Slides) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-13] CHR Extension: (Google Docs) - C:\Users\*****\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-13] CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-14] CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-22] CHR Extension: (Google Cast) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-29] CHR Extension: (Adblock Plus) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-29] CHR Extension: (Google Search) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-14] CHR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2017-03-18] CHR Extension: (Google Sheets) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-13] CHR Extension: (Avira Browser Safety) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-29] CHR Extension: (Google Docs Offline) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-29] CHR Extension: (FirstDraftNewsCheck) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\japockpeaaanknlkhagilkgcledilbfk [2017-02-21] CHR Extension: (RevEye Reverse Image Search) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\keaaclcjhehbbapnphnmpiklalfhelgf [2016-04-21] CHR Extension: (Chrome Web Store Payments) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-11] CHR Extension: (Gmail) - 
C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-13] CHR Extension: (Chrome Media Router) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1115552 2017-03-22] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [487432 2017-03-22] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [487432 2017-03-22] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1519136 2017-03-22] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [349560 2017-03-09] (Avira Operations GmbH & Co. KG) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593664 2015-06-19] (Samsung Electronics CO., LTD.) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [129752 2016-11-11] (ELAN Microelectronics Corp.) 
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-11-08] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation) R2 JuniperAccessService; C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [162136 2015-07-28] (Pulse Secure, LLC) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3289448 2016-05-11] (Samsung Electronics Co., Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-03-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-03-03] (Avira Operations GmbH & Co. 
KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG) R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [41024 2015-09-23] (ELAN Microelectronic Corp.) R1 jnprns; C:\WINDOWS\system32\DRIVERS\jnprns.sys [507192 2015-07-28] (Juniper Networks) S4 jnprTdi_814_60331; C:\WINDOWS\system32\Drivers\jnprTdi_814_60331.sys [108344 2015-07-28] (Pulse Secure, LLC) S3 jnprva; C:\WINDOWS\System32\drivers\jnprva.sys [30072 2015-07-28] (Juniper Networks, Inc.) R3 JnprVaMgr; C:\WINDOWS\System32\drivers\jnprvamgr.sys [45352 2015-07-28] (Juniper Networks, Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-04-07] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation) S3 NvnUsbAudio; C:\WINDOWS\system32\DRIVERS\nvnusbaudio.sys [53552 2013-04-30] (Novation DMS Ltd.) R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation) S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [252448 2015-09-25] (QUALCOMM Incorporated) R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek ) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [435200 2016-09-03] (Realsil Semiconductor Corporation) R3 SensorsAlsDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) S3 taphss6; C:\WINDOWS\system32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) 
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) R3 XHCIPort; C:\WINDOWS\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-04-07 18:08 - 2017-04-07 18:08 - 00034720 _____ C:\Users\*****\Downloads\FRST.txt 2017-04-07 17:59 - 2017-04-07 18:08 - 00000000 ____D C:\FRST 2017-04-07 17:58 - 2017-04-07 17:58 - 02424832 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe 2017-04-06 20:10 - 2017-04-07 17:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-04-06 20:09 - 2017-04-06 20:09 - 00001167 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2017-04-06 20:09 - 2017-04-06 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2017-04-06 20:09 - 2017-04-06 20:09 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-04-06 20:09 - 2017-04-06 20:09 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2017-04-06 20:09 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2017-04-06 20:09 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2017-04-06 20:09 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) 
C:\WINDOWS\system32\Drivers\mbam.sys 2017-04-06 20:08 - 2017-04-06 20:09 - 22851472 _____ (Malwarebytes ) C:\Users\*****\Downloads\mbam-setup-2.2.1.1043.exe 2017-04-03 09:07 - 2017-04-03 09:08 - 143465616 _____ C:\Users\*****\Downloads\Palmbomen II - Memories of Cindy Pt. 1.mp4 2017-04-01 13:44 - 2017-04-01 13:44 - 06541981 _____ C:\Users\*****\Downloads\Rebound by ELI ESCOBAR Song Free Music, Listen Now on Myspac.m4a 2017-04-01 13:10 - 2017-04-01 13:11 - 12726560 _____ C:\Users\*****\Downloads\Degrees of Freedom - August is an Angel.mp4 2017-04-01 13:04 - 2017-04-01 13:04 - 24543902 _____ C:\Users\*****\Downloads\August Is An Angel - Degrees of Freedom - Montreal 1985.mp4 2017-03-31 16:45 - 2017-03-31 16:47 - 81146658 _____ C:\Users\*****\Downloads\Woman mp3s.zip 2017-03-31 16:07 - 2017-03-31 16:07 - 03203236 _____ C:\Users\*****\Downloads\Bestaetgungen GVL_032017.pdf 2017-03-29 08:46 - 2017-03-29 08:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote 2017-03-25 05:23 - 2017-03-25 05:23 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-03-21 18:24 - 2017-04-05 13:50 - 00000000 ____D C:\Users\*****\Desktop\co pop 2017-03-19 22:44 - 2017-03-19 22:44 - 00000279 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk 2017-03-18 15:01 - 2017-03-29 08:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-03-18 14:52 - 2017-03-18 14:53 - 00000000 ____D C:\Users\*****\Downloads\cool_faac-1.28-2.7 2017-03-16 11:50 - 2017-03-16 11:51 - 00038498 _____ C:\Users\*****\Desktop\Tabs 16.03.17.txt 2017-03-16 10:41 - 2017-03-16 10:41 - 00000000 ____D C:\874bf333a0cc20d98246ae31724cdb72 2017-03-09 13:30 - 2017-03-09 13:40 - 54812245 _____ C:\Users\*****\Downloads\Primal Scream - Come Together.rar ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-04-07 18:03 - 2017-01-22 02:25 - 00000000 ____D C:\Users\*****\AppData\Local\CrashDumps 2017-04-07 18:03 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2017-04-07 18:01 - 2015-03-30 22:45 - 00000000 ____D C:\Users\*****\Downloads\Neuer Ordner 2017-04-07 17:55 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-04-07 17:50 - 2016-11-19 16:56 - 00000000 ____D C:\Users\*****\AppData\LocalLow\Mozilla 2017-04-07 17:21 - 2015-10-28 23:58 - 00001290 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1005UA.job 2017-04-07 17:13 - 2014-09-23 22:06 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify 2017-04-07 17:05 - 2014-09-23 22:05 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify 2017-04-07 16:10 - 2014-07-07 13:05 - 00000958 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1002UA.job 2017-04-07 15:30 - 2015-11-19 22:37 - 00003898 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1005UA 2017-04-07 15:30 - 2015-11-19 22:37 - 00003630 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1005Core 2017-04-07 15:29 - 2015-05-13 20:20 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-07 15:29 - 2015-05-13 20:20 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-07 15:26 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2017-04-07 15:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-04-07 15:22 - 2014-10-16 10:45 - 00000000 ____D C:\Users\*****\AppData\Roaming\Dropbox 2017-04-06 21:19 - 2015-09-06 15:31 - 00001616 _____ C:\Users\*****\Desktop\Musik Shops.txt 2017-04-06 20:54 - 2015-11-08 22:32 - 01802588 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-04-06 20:54 - 2015-10-30 20:35 - 00777804 _____ C:\WINDOWS\system32\perfh007.dat 2017-04-06 20:54 - 2015-10-30 20:35 - 00156080 _____ C:\WINDOWS\system32\perfc007.dat 
2017-04-06 17:26 - 2017-01-21 22:15 - 00000000 ____D C:\Users\*****\AppData\Roaming\PioneerLog 2017-04-06 17:11 - 2014-10-16 10:47 - 00000000 ___RD C:\Users\*****\Dropbox 2017-04-06 13:10 - 2014-07-07 13:05 - 00000936 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1002Core.job 2017-04-06 12:02 - 2014-11-08 20:26 - 00000000 ____D C:\Users\*****\Desktop\WDR 2017-04-06 10:21 - 2015-10-28 23:58 - 00001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1005Core.job 2017-04-06 09:28 - 2013-06-04 02:52 - 00000000 ____D C:\ProgramData\WinClon 2017-04-06 09:25 - 2015-11-08 22:34 - 00000000 __SHD C:\Users\*****\IntelGraphicsProfiles 2017-04-05 23:01 - 2015-05-13 20:20 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-04-05 21:40 - 2014-10-15 20:14 - 00000000 ____D C:\Users\*****\AppData\Roaming\Mp3tag 2017-04-05 20:42 - 2017-02-15 22:26 - 00000000 ___SD C:\Users\*****\LANDR Bounces 2017-04-03 20:29 - 2015-08-27 21:57 - 00000000 ____D C:\Users\*****\Desktop\Neue Alben 2017-03-31 16:39 - 2016-04-12 18:32 - 00000000 ____D C:\Users\*****\Desktop\Jakarta Records 2017-03-30 14:35 - 2015-01-01 17:44 - 00000000 ____D C:\Users\*****\Desktop\Tickets & Quittungen 2017-03-30 12:48 - 2015-02-08 22:32 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc 2017-03-22 14:58 - 2014-09-22 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-03-22 14:57 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2017-03-21 10:04 - 2013-06-04 01:53 - 00000000 ____D C:\ProgramData\Package Cache 2017-03-20 21:35 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files 2017-03-19 12:59 - 2015-06-27 13:00 - 00006879 _____ C:\Users\*****\Desktop\Downloads.txt 2017-03-18 14:56 - 2015-04-03 16:48 - 00000000 ____D C:\Users\*****\Desktop\Abhöre 2017-03-17 17:24 - 2015-10-28 23:58 - 00000000 ____D C:\Users\*****\AppData\Local\Dropbox 
2017-03-17 13:46 - 2014-01-23 18:52 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-03-17 13:45 - 2014-01-23 18:52 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-03-17 13:44 - 2014-08-27 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-03-17 13:44 - 2014-08-27 11:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-03-17 13:44 - 2014-08-27 11:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-03-16 19:18 - 2016-01-03 21:10 - 00000000 ____D C:\Users\*****\AppData\Roaming\AccurateRip 2017-03-16 15:18 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-03-14 20:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-03-14 20:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-03-14 20:48 - 2014-09-22 22:06 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-03-10 06:42 - 2015-10-30 09:26 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-03-10 06:42 - 2015-10-30 09:26 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-03-08 19:26 - 2016-10-11 09:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2017-03-08 13:47 - 2014-09-22 20:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-09-22 20:23 - 2014-09-22 20:23 - 0000000 _____ () C:\Users\*****\AppData\Roaming\AbsoluteReminder.xml 2016-06-08 16:48 - 2016-06-08 16:48 - 0001522 _____ () C:\Users\*****\AppData\Local\recently-used.xbel 2017-03-15 11:18 - 2017-04-07 17:51 - 0010486 _____ () C:\ProgramData\Coinstaller.log 2015-12-05 14:04 - 2015-12-05 14:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2013-06-04 02:56 - 2013-02-19 09:34 - 2064264 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe 2013-06-04 02:56 - 2013-01-12 16:51 - 
0003004 _____ () C:\ProgramData\MakeMarkerFile.xml

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-30 14:40

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von ***** (07-04-2017 18:08:33)
Gestartet von C:\Users\*****\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-05 12:14:10)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-680370811-642922712-648177064-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-680370811-642922712-648177064-503 - Limited - Disabled)
Gast (S-1-5-21-680370811-642922712-648177064-501 - Limited - Disabled)
***** (S-1-5-21-680370811-642922712-648177064-1005 - Administrator - Enabled) => C:\Users\*****

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ableton Live 9 Trial (HKLM-x32\...\{611B40BC-7070-4946-BCC1-5AADF140DC04}) (Version: 9.0.0.0 - Ableton) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated) Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated) Amazon Music (HKU\S-1-5-21-680370811-642922712-648177064-1005\...\Amazon Amazon Music) (Version: 5.0.4.1562 - Amazon Services LLC) Amazon Music (HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Music) (Version: 5.0.4.1562 - Amazon Services LLC) Amazon Music (HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Amazon Amazon Music) (Version: 5.0.4.1562 - Amazon Services LLC) AMD Catalyst Install Manager (HKLM\...\{9043E92C-183C-7633-0237-96CE00F5C909}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) Apple Application Support (32-Bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.172 - Avira Operations GmbH & Co. KG) Avira Connect (HKLM-x32\...\{0b46d918-af4f-4612-8076-5c0ae67cb2aa}) (Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG) Avira Connect (x32 Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) 
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform) ChromecastApp (HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.) ChromecastApp (HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKU\S-1-5-21-680370811-642922712-648177064-1005\...\Dropbox) (Version: 22.4.24 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 22.4.24 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Dropbox) (Version: 22.4.24 - Dropbox, Inc.) DSL Soforthilfe (HKLM-x32\...\DSL Soforthilfe) (Version: 1.1.0.51 - Telefónica Germany GmbH & Co. OHG) ELAN Touchpad driver X64 15.7.9.2_WHQL (HKLM\...\Elantech) (Version: 15.7.9.2 - ELAN Microelectronic Corp.) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.4.19695 - Landesfinanzdirektion Thüringen) E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.) Evernote v. 6.5.4 (HKLM-x32\...\{D47E7D82-0D98-11E7-A6D6-005056951CAD}) (Version: 6.5.4.4720 - Evernote Corp.) 
Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff) f.lux (HKU\S-1-5-21-680370811-642922712-648177064-1005\...\Flux) (Version: - ) f.lux (HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Flux) (Version: - ) f.lux (HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Flux) (Version: - ) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{87d45b7e-19da-4dd5-9214-5e0d587c312f}) (Version: 15.6.1 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation) IntelliMemory 
(HKLM\...\{40320F22-7D70-49DB-9D66-B6FAE5F36B47}) (Version: 1.0.32.0 - Condusiv Technologies) iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Kentucky Route Zero (HKLM\...\Steam App 231200) (Version: - Cardboard Computer) LANDR (HKLM-x32\...\{948e168c-6622-44e2-9a3e-046a147156bc}) (Version: 1.5.1.0 - LANDR Audio) LANDR (x32 Version: 1.5.1.0 - LANDR Audio) Hidden LibreOffice 5.2.4.2 (HKLM-x32\...\{70E9A143-18EB-4FAB-B020-E3854B12202C}) (Version: 5.2.4.2 - The Document Foundation) Livestream Producer (HKLM-x32\...\{D7CA2C8B-6A7C-4D50-B8BD-7FE28868C3E7}) (Version: 1.0.13 - Livestream) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 
9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft 
Corporation) Hidden Mozilla Firefox 52.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 de)) (Version: 52.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla) Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla) Mp3tag v2.78 (HKLM-x32\...\Mp3tag) (Version: v2.78 - Florian Heidenreich) o2 Surfstick (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.16.6 - OBS Project) OEM Application Profile (HKLM-x32\...\{EE55B368-EBDF-98F3-CFE7-7CE4ADBC4553}) (Version: 1.00.0004 - Advanced Micro Devices, Inc.) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - ) Phone Screen Sharing (HKLM-x32\...\{DF02C515-40B5-45AC-A601-5DC69D03885C}) (Version: 2.0.0.21 - RSUPPORT) Pioneer CDJXDJ Driver (HKLM-x32\...\Pioneer CDJXDJ) (Version: 1.500.000.000 - Pioneer DJ Corporation.) Pioneer MIX 64bit Driver (HKLM\...\Pioneer MIX) (Version: 4.3.0.0020 - Pioneer DJ Corporation.) PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) 
Hidden Pulse Secure (Version: 5.1.60331 - Pulse Secure, LLC) Hidden Pulse Secure 5.1 (HKLM-x32\...\Pulse Secure 5.1) (Version: 5.1.60331 - Pulse Secure, LLC) Pulse Secure Setup Client (HKU\S-1-5-21-680370811-642922712-648177064-1005\...\Juniper_Setup_Client) (Version: 8.1.4.60331 - Pulse Secure, LLC) Pulse Secure Setup Client (HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Juniper_Setup_Client) (Version: 8.1.4.60331 - Pulse Secure, LLC) Pulse Secure Setup Client (HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Juniper_Setup_Client) (Version: 8.1.4.60331 - Pulse Secure, LLC) Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC) Pulse Secure Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.) Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.) Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.1.0.3 - Samsung Electronics CO., LTD.) rekordbox 4.3.0 64bit (HKLM\...\Pioneer rekordbox 4.3.0) (Version: 4.3.0.0020 - Pioneer DJ) S Agent (Version: 1.1.58 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) 
Samsung Kies (x32 Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Hidden Samsung Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.) Samsung Update (HKLM-x32\...\{0BC4AC38-E7C5-4394-A6BD-32CDCE2C8B9D}) (Version: 2.2.36 - Samsung Electronics Co., Ltd.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.25.0 - SAMSUNG Electronics Co., Ltd.) Serato DJ (HKLM-x32\...\{752e27a0-7ce7-48a1-8579-a9e1bfd7b4f0}) (Version: 1.9.1.4046 - ) Serato DJ (x32 Version: 1.9.1.4046 - Serato) Hidden SideSync (HKLM-x32\...\{59687468-8CE9-4ABF-9C6A-5C31F0E09F8B}) (Version: 2.0.0 - Samsung Electronics CO., LTD.) Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-680370811-642922712-648177064-1005\...\Spotify) (Version: 1.0.52.725.g943b26a8 - Spotify AB) Spotify (HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.52.725.g943b26a8 - Spotify AB) Spotify (HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Spotify) (Version: 1.0.52.725.g943b26a8 - Spotify AB) SRS Premium Sound (HKLM-x32\...\{E44F8A34-529E-4318-A0E1-1893C337A47F}) (Version: 1.00.4700 - DTS, Inc.) 
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) System Requirements Lab Detection (HKLM-x32\...\{FFE05956-090B-4413-A158-B0CFF0682259}) (Version: 6.1.6.0 - Husdawg, LLC) Tomahawk (HKLM-x32\...\Tomahawk) (Version: 0.8.4 - Tomahawk-player.org) Unity Web Player (HKU\S-1-5-21-680370811-642922712-648177064-1005\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) User Guide (HKLM-x32\...\{491C3106-0333-4CC0-8085-7F82065FBFA4}) (Version: 1.3.00 - Samsung Electronics CO., LTD.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Winamp Essentials Pack (HKLM-x32\...\Winamp Essentials Pack) (Version: v5.58 - Christoph Grether) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.) WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) Wisdom-soft AutoScreenRecorder 3.1 Free (HKLM-x32\...\Wisdom-soft AutoScreenRecorder 3.1 Free) (Version: - Wisdom Software Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-680370811-642922712-648177064-1005_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {09EE975B-6109-4777-8F56-162EE42FB31A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1005Core => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {144F991F-932B-49F9-BB9D-A4B938ACBA68} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {27BBDC66-C96A-4B26-B757-49B14EBC517C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-08-28] (Realtek Semiconductor)
Task: {30E131EE-2E03-45DC-B962-450076A11EC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-13] (Google Inc.)
Task: {32E585D9-CB35-498A-8EFC-2E2E658241F6} - System32\Tasks\{3F1DAE92-97A5-457B-98B1-403FFC84C462} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.21.0.104&LastError=404
Task: {47F435FA-EAA8-43F9-92EF-EE3F4A34800A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {530F2EBB-2FB2-4C94-80F9-4074BE11DED1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {54177C0D-5862-4304-B987-1AD7AF6A9623} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {5B5FA4A8-FF47-49CF-BD03-7E3ABA7DE9F8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5B95929C-2D53-4652-86FB-B8664276011B} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2016-02-24] (Samsung Electronics Co., Ltd.)
Task: {626471A4-9E6A-40B4-BDF1-8082117E2BAB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {657C683B-C354-4995-9FAD-E6A63231B58F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1005UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2015-11-19] (Google Inc.)
Task: {76BE747F-16DA-4E8D-A06E-605EAE78880D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {82A501BD-5965-49DC-81D7-0AA63532893F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14] (Adobe Systems Incorporated)
Task: {85400368-1794-463E-8258-2D1EDF6DD61B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-13] (Google Inc.)
Task: {8FAA6FA3-1DA8-41FE-8174-62E71208A013} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2015-06-19] (Samsung Electronics CO., LTD.)
Task: {A1033642-680C-4E50-A5BB-B74CE1F5E71A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1005UA => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {A482930A-3BC5-4675-9EA0-D18648D77705} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {AA4103FC-7A78-416D-94B7-162F62D0A8FE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1002Core => C:\Users\kiosk\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {ACC3DACB-BCF1-4751-880D-2CE72ACEFC92} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2016-07-05] (SEC)
Task: {AF9A16E2-9B2A-4E0E-B009-CBEEE3597583} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {B134A9E6-1863-4F8F-BF72-35F1BB85092B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1002UA => C:\Users\kiosk\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {B2625808-A19A-425F-B615-08861CC24AA8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {B65A0B99-E485-43A7-92C1-A9A06EA4709F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C7C0511F-011F-463B-833B-F02A6FD95970} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {CFEA2F61-DFEE-4320-90EC-2ECA1389BB99} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {DBDC6064-F9F8-459E-A392-7A99FA3EE93F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {DBEEC956-843B-445B-A0C1-2158B77BDBAC} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2010-06-01] ()
Task: {E87C45A2-B475-409B-A795-7D6C1554605B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {E9891AB9-29D9-4C1A-8868-00A890E9DDF9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {EE688FA0-ACCF-4C19-84C2-4CEC2E2312F7} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F64C4AE0-863E-4870-9E8F-1297322E8FAA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-03-17] (Microsoft Corporation)
Task: {F6E9B348-A3AC-4B52-AFBC-59E8DBFC88B7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {FA846DA5-F2CC-4876-8ADC-0939126BF150} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1005Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2015-11-19] (Google Inc.)
Task: {FC311588-D2C8-419F-9117-027969650628} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FDF75EFA-569A-4ECA-B93E-19F17C1BC762} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1005Core.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1005UA.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1002Core.job => C:\Users\kiosk\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-680370811-642922712-648177064-1002UA.job => C:\Users\kiosk\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-10-05 19:17 - 2016-10-05 19:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-06-19 15:55 - 2015-06-19 15:55 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2016-12-06 09:17 - 2016-10-25 11:42 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-06 09:17 - 2016-10-25 11:42 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-18 09:22 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 22:52 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-12-06 09:20 - 2016-10-25 09:01 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-12-06 09:17 - 2016-10-25 06:49 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-12-06 09:17 - 2016-10-25 06:44 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-12-06 09:17 - 2016-10-25 06:45 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-12-06 09:17 - 2016-10-25 06:48 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-19 08:30 - 2016-04-19 08:30 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2017-03-14 12:33 - 2017-03-14 12:33 - 03879424 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-06-19 15:55 - 2015-06-19 15:55 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2015-06-19 15:55 - 2015-06-19 15:55 - 01272128 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2015-06-19 15:55 - 2015-06-19 15:55 - 00111936 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2015-06-19 15:55 - 2015-06-19 15:55 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2015-06-19 15:55 - 2015-06-19 15:55 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsAPI.dll
2015-06-19 15:55 - 2015-06-19 15:55 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2015-06-19 15:55 - 2015-06-19 15:55 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2015-06-19 15:55 - 2015-06-19 15:55 - 00111936 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2015-06-19 15:55 - 2015-06-19 15:55 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2015-06-19 15:55 - 2015-06-19 15:55 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2017-03-20 11:57 - 2017-03-20 11:57 - 00321208 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2016-04-19 08:30 - 2016-04-19 08:30 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 08:30 - 2016-04-19 08:30 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2017-03-20 11:57 - 2017-03-20 11:57 - 00148664 _____ () C:\Program Files (x86)\Evernote\Evernote\zlibwapi.dll
2017-03-20 11:57 - 2017-03-20 11:57 - 26137272 _____ () C:\Program Files (x86)\Evernote\Evernote\libcef.dll
2017-03-20 11:57 - 2017-03-20 11:57 - 00212664 _____ () C:\Program Files (x86)\Evernote\Evernote\websockets.dll
2017-03-20 11:10 - 2017-03-20 11:10 - 00740352 _____ () C:\Program Files (x86)\Evernote\Evernote\libglesv2.dll
2017-03-20 11:10 - 2017-03-20 11:10 - 00130048 _____ () C:\Program Files (x86)\Evernote\Evernote\libegl.dll
2017-03-25 05:23 - 2017-03-21 20:06 - 00842560 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2015-12-13 04:04 - 2017-02-28 22:49 - 00035792 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-13 04:04 - 2017-02-28 22:49 - 00100296 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-13 04:04 - 2017-02-28 22:49 - 00018888 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-13 04:04 - 2017-03-21 20:10 - 00019776 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-03-25 05:23 - 2017-03-21 20:09 - 00020824 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-13 04:04 - 2017-02-28 22:50 - 00123856 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-13 04:04 - 2017-02-28 22:49 - 00694224 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-03-25 05:23 - 2017-03-21 20:09 - 01729360 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-03-25 05:23 - 2017-03-21 20:09 - 00020816 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-03-25 05:23 - 2017-02-28 22:49 - 00145864 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-03-25 05:23 - 2017-02-28 22:50 - 00019408 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-03-25 05:23 - 2017-02-28 22:49 - 00116688 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-13 04:04 - 2017-02-28 22:52 - 00105928 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-06 04:09 - 2017-03-21 20:10 - 00022864 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-03-25 05:23 - 2017-03-21 20:09 - 00060736 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-03-25 05:23 - 2017-03-21 20:09 - 00038712 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-13 04:04 - 2017-02-28 22:52 - 00024528 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32event.pyd
2017-03-25 05:23 - 2017-02-28 22:49 - 00392656 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-03-25 05:23 - 2017-02-28 22:52 - 00020936 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-13 04:04 - 2017-02-28 22:52 - 00116176 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-13 04:04 - 2017-03-21 20:10 - 00392512 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-13 04:04 - 2017-02-28 22:52 - 00124880 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-06 04:09 - 2017-03-21 20:10 - 00026456 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-13 04:04 - 2017-02-28 22:52 - 00024016 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-13 04:04 - 2017-02-28 22:52 - 00175560 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-13 04:04 - 2017-02-28 22:52 - 00030160 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-13 04:04 - 2017-02-28 22:52 - 00043472 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-13 04:04 - 2017-02-28 22:52 - 00048592 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-13 04:04 - 2017-02-28 22:52 - 00057808 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-13 04:04 - 2017-02-28 22:52 - 00024016 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-03-25 05:23 - 2017-03-21 20:09 - 00246608 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-03-25 05:23 - 2017-03-21 20:09 - 00027488 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-06 04:09 - 2017-02-28 22:51 - 00241104 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-03-25 05:23 - 2017-03-21 20:09 - 00022336 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-13 04:04 - 2017-03-21 20:10 - 00025432 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-13 04:04 - 2017-02-28 22:52 - 00028616 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-03-25 05:23 - 2017-03-21 20:10 - 01826104 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-13 04:04 - 2017-02-28 22:50 - 00083912 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\sip.pyd
2017-03-25 05:23 - 2017-03-21 20:10 - 01972024 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-03-25 05:23 - 2017-03-21 20:10 - 03928896 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-03-25 05:23 - 2017-03-21 20:10 - 00531264 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-02-28 14:23 - 2017-03-21 20:10 - 00053072 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-03-25 05:23 - 2017-03-21 20:10 - 00133432 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-03-25 05:23 - 2017-03-21 20:10 - 00224064 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-03-25 05:23 - 2017-03-21 20:10 - 00207680 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-01-20 22:23 - 2017-03-21 20:10 - 00022864 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2016-04-15 11:06 - 2017-03-21 20:10 - 00069968 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2017-01-20 22:23 - 2017-03-21 20:10 - 00022872 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-20 22:23 - 2017-03-21 20:10 - 00021848 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-20 22:23 - 2017-03-21 20:10 - 00022872 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2015-12-13 04:04 - 2017-02-28 22:52 - 00349128 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-03-25 05:23 - 2017-03-21 20:10 - 00103232 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd
2016-02-20 18:11 - 2017-03-21 20:10 - 00023896 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-03-25 05:23 - 2017-03-21 20:09 - 00025936 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-03-25 05:23 - 2017-02-28 22:47 - 00036296 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\librsync.dll
2017-03-25 05:23 - 2017-03-21 20:09 - 00033112 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2017-03-25 05:23 - 2017-03-11 01:17 - 00293392 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2017-03-25 05:23 - 2017-03-21 20:09 - 00084288 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-07-09 12:05 - 2017-03-21 20:10 - 00030536 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd
2017-03-25 05:23 - 2017-02-28 22:56 - 00017864 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-03-25 05:23 - 2017-02-28 22:56 - 01631184 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-03-25 05:23 - 2017-03-21 20:10 - 00042816 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-03-25 05:23 - 2017-03-21 20:10 - 00171336 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-03-25 05:23 - 2017-03-21 20:10 - 00357688 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-12-13 04:04 - 2017-02-28 22:52 - 00060880 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-06 04:09 - 2017-03-21 20:10 - 00026456 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-25 05:23 - 2017-03-21 20:10 - 00546104 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2010-05-25 10:40 - 2010-05-25 10:40 - 00016896 _____ () C:\Program Files (x86)\Winamp\Plugins\in_wav.dll
2005-09-14 21:08 - 2005-09-14 21:08 - 00031232 _____ () C:\Program Files (x86)\Winamp\Plugins\in_wav.trb
2009-04-28 22:20 - 2009-04-28 22:20 - 00084480 _____ () C:\Program Files (x86)\Winamp\Plugins\read_file.dll
2010-06-01 17:29 - 2010-06-01 17:29 - 00224768 _____ () C:\Program Files (x86)\Winamp\Plugins\in_wv.dll
2013-12-13 04:47 - 2013-12-13 04:47 - 00333824 _____ () C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
2010-06-25 22:03 - 2010-06-25 22:03 - 00077312 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_find_on_disk.dll
2010-06-17 18:59 - 2010-06-17 18:59 - 00084992 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_skinmanager.dll
2010-04-07 12:31 - 2010-04-07 12:31 - 00036864 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_undo.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-680370811-642922712-648177064-1005\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "CancelAutoPlay_df"
HKLM\...\StartupApproved\Run32: => "CheckNDISPortF0acA7"
HKLM\...\StartupApproved\Run32: => "DSL Soforthilfe"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-680370811-642922712-648177064-1005\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-680370811-642922712-648177064-1005\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-680370811-642922712-648177064-1005\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-680370811-642922712-648177064-1005\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-680370811-642922712-648177064-1005\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-680370811-642922712-648177064-1005\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-680370811-642922712-648177064-1005\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-680370811-642922712-648177064-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E8557183-47FC-4D7D-96E8-0F2BFCA250FC}] => (Block) C:\users\*****\downloads\broforce_windows_2015_november_17\windows\broforce_beta.exe
FirewallRules: [{64A5660C-048F-4325-98CC-356EAECB60C0}] => (Block) C:\users\*****\downloads\broforce_windows_2015_november_17\windows\broforce_beta.exe
FirewallRules: [UDP Query User{09656955-470D-44C4-8D05-42ACDFCC237D}C:\users\*****\downloads\broforce_windows_2015_november_17\windows\broforce_beta.exe] => (Allow) C:\users\*****\downloads\broforce_windows_2015_november_17\windows\broforce_beta.exe
FirewallRules: [TCP Query User{17F057EF-4F27-45AC-86AD-F0A85B9F7EF4}C:\users\*****\downloads\broforce_windows_2015_november_17\windows\broforce_beta.exe] => (Allow) C:\users\*****\downloads\broforce_windows_2015_november_17\windows\broforce_beta.exe
FirewallRules: [UDP Query User{4B0BE795-39C7-4EA6-BCCF-479C4A67E1D2}C:\program files (x86)\steam\steamapps\common\rainbow six vegas\binaries\r6vegas_launcher.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rainbow six vegas\binaries\r6vegas_launcher.exe
FirewallRules: [TCP Query User{D6D1EA87-2DFA-4155-A32A-6528956980BA}C:\program files (x86)\steam\steamapps\common\rainbow six vegas\binaries\r6vegas_launcher.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rainbow six vegas\binaries\r6vegas_launcher.exe
FirewallRules: [{85557EB1-C0A4-4BFC-8472-F37877C3A56E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas\Binaries\runme.exe
FirewallRules: [{1AA9E9B7-F83D-4A71-A1EF-D25C7F7C327E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas\Binaries\runme.exe
FirewallRules: [{F71BE0FF-4D4D-4152-AEE5-F222186E9ACF}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{683087AA-90F3-411A-896B-FD2F1FFB7798}] => (Allow) LPort=1900
FirewallRules: [{8CE191E3-A8AE-4CEC-A8F9-2E8E0B1EDAD9}] => (Allow) LPort=2869
FirewallRules: [{2AD55660-0050-467B-B2B1-4A4A61AAEB1D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5275BAF6-CD64-4E96-94BF-F6CC2E4EC21D}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{F2040106-887C-47B9-B968-A370EFD1BB76}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{9D61094E-ED39-4A82-8338-40C5C4D3411E}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [TCP Query User{B3B6D94E-1612-440C-B1AD-203C5D91D1EA}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{47914F57-3365-4185-B864-209C1D863A9F}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [{67329E70-1C8B-4B5B-88FF-B59C21CF3D95}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A94BFD88-1A38-4F47-8165-C68468B4BF27}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67B23FA4-C433-4E9D-9DA0-7634583F52F5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DA40C1DB-10B2-470C-BA83-4A8A6823E5EE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E6B328AC-A306-4527-941E-8B576ECE19C1}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{21FD4A13-1299-43CD-8562-087988B461ED}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{AE7EEEDA-6D34-42A3-B3F0-5D92964FA080}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{615B7EA6-FDE5-41B6-BFE7-03915413ABDF}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{80081036-A4DC-4C1D-BEA9-48A2A7526CE6}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{11101408-5229-4E90-B86A-24E8D874F91A}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{6D018BED-C824-426D-9D22-4EDDEEEB2F40}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{997D201D-4A4D-4903-9071-59AA0EA6DD5A}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{445DE35E-4A96-4F67-8F21-1AA6D6A37F70}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{334E7DC0-6420-4BC0-867C-5981912BC8C0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{DB26A79E-1AE3-4125-B8FA-9C4760C6DC33}C:\users\*****\downloads\broforce_beta_windows_2014_december_18\windows\broforce_beta.exe] => (Allow) C:\users\*****\downloads\broforce_beta_windows_2014_december_18\windows\broforce_beta.exe
FirewallRules: [UDP Query User{499CE17C-F2A0-487E-B78F-DFE874C63693}C:\users\*****\downloads\broforce_beta_windows_2014_december_18\windows\broforce_beta.exe] => (Allow) C:\users\*****\downloads\broforce_beta_windows_2014_december_18\windows\broforce_beta.exe
FirewallRules: [{FE6E2A20-CC5D-4934-8A51-C8311342F2E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FF566D8F-D0D5-4C80-B96C-E375F0979334}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3653484A-4B9F-4EB5-B156-0EA8F71E8D3C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B87DE84E-4350-4327-BF9C-0334BC26CBD6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8A78F6C7-2EB4-4276-BE20-D0106CC5B6E4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{68D97DA4-4C62-460F-85F5-12AA5941526E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{6AECDB0F-724C-4BEE-9EEC-F321698BA642}C:\users\*****\downloads\broforce_beta_windows_2015_march_12\windows\broforce_beta.exe] => (Allow) C:\users\*****\downloads\broforce_beta_windows_2015_march_12\windows\broforce_beta.exe
FirewallRules: [UDP Query User{2392465B-23EF-410C-A0B7-A00314E81E68}C:\users\*****\downloads\broforce_beta_windows_2015_march_12\windows\broforce_beta.exe] => (Allow) C:\users\*****\downloads\broforce_beta_windows_2015_march_12\windows\broforce_beta.exe
FirewallRules: [{132D1E6E-0485-483B-8D45-601445401DCD}] => (Allow) C:\Program Files (x86)\DSL Soforthilfe\DSL_Soforthilfe.exe
FirewallRules: [{1B64EADD-0F51-48DC-9585-4A8C268633A9}] => (Allow) C:\Program Files (x86)\DSL Soforthilfe\DSL_Soforthilfe.exe
FirewallRules: [TCP Query User{5104351D-A295-444A-BDD8-410E603EA7F2}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4E1A61B2-AF39-4C5D-8D4B-C7635D959BFF}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{1C027A8C-D72D-4900-8E6F-6656F6A02E62}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{5F488F6F-AA2B-44EE-9060-F8258FE8FDD2}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{91F4CC67-D2E3-4EB8-A3C6-9C972114A45B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DC315BA3-E388-47C2-A7D8-DC0F0EAAC5DF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: 
[{5C990297-98A8-4D55-A333-5AA0E5EF80D2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{81B12B6F-9483-40D0-B68C-F5CD6E285905}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{8627AFAB-5FB8-419A-9AEA-400C60D2A9F3}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe FirewallRules: [UDP Query User{E14B0A79-E832-440B-80FF-6834ABC8B75C}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe FirewallRules: [{CD7AE0A2-54E5-4C2C-83E8-47164140BC28}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{530012D2-5C10-4C53-A932-B26720DC7D89}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{81D51175-7CD0-400D-96A0-DAEA85229A86}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LISA\JOYFUL\Game.exe FirewallRules: [{A21B162C-9763-4480-BC4C-6405F041E350}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LISA\JOYFUL\Game.exe FirewallRules: [TCP Query User{0759A45C-5069-4FB3-B21A-C90A2006BCA6}C:\program files (x86)\tomahawk\tomahawk.exe] => (Allow) C:\program files (x86)\tomahawk\tomahawk.exe FirewallRules: [UDP Query User{337C6954-A082-4F21-9674-2A171E788700}C:\program files (x86)\tomahawk\tomahawk.exe] => (Allow) C:\program files (x86)\tomahawk\tomahawk.exe FirewallRules: [TCP Query User{A80EE07E-2F9B-473B-A072-BDDF43646885}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{9524BFE7-48C1-4B8E-84F2-AFEC214DA960}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{B6000533-5C40-4E28-8E6B-C0F36F11DD48}C:\users\*****\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\*****\appdata\local\amazon music\amazon music helper.exe FirewallRules: [UDP 
Query User{DC1F7B42-A40E-4B11-818E-F7ED78314448}C:\users\*****\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\*****\appdata\local\amazon music\amazon music helper.exe FirewallRules: [{ADCA5ED5-DBE2-400B-80EE-C3FCE7F85337}] => (Block) C:\users\*****\appdata\local\amazon music\amazon music helper.exe FirewallRules: [{6EFA1D01-0415-4F7F-8734-6E1D18A025A0}] => (Block) C:\users\*****\appdata\local\amazon music\amazon music helper.exe FirewallRules: [TCP Query User{30619189-E96F-4404-8229-83082BD153C3}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{3EBBAE9D-95E2-4ABD-A88E-8C01C8F04A81}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [{766363C5-E1AB-4E0B-BFB6-AEE9173871EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KentuckyRouteZero\KentuckyRouteZero.exe FirewallRules: [{C2123AA9-4534-4116-9DAA-0F11599767DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KentuckyRouteZero\KentuckyRouteZero.exe FirewallRules: [{1DACA5DA-DC2C-4BFD-B2D6-1EF20BB1CC80}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{31F65E20-3D94-49F5-9DE3-7EB7E02F1A7D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{48A49328-CD70-41A0-9E13-4A4A76EE0BDA}C:\program files\pioneer\rekordbox 4.2.5\psvnfsd.exe] => (Allow) C:\program files\pioneer\rekordbox 4.2.5\psvnfsd.exe FirewallRules: [UDP Query User{8A2BBF30-12FB-4894-B4AB-3563EB2704FD}C:\program files\pioneer\rekordbox 4.2.5\psvnfsd.exe] => (Allow) C:\program files\pioneer\rekordbox 4.2.5\psvnfsd.exe FirewallRules: [TCP Query User{27C339D4-4CED-44ED-8955-746DC0DA7BD1}C:\program files\pioneer\rekordbox 4.2.5\psvlinksysmgr.exe] => (Allow) C:\program files\pioneer\rekordbox 4.2.5\psvlinksysmgr.exe FirewallRules: [UDP Query User{01425E94-59B5-47D9-B7E9-E856AB4380BE}C:\program 
files\pioneer\rekordbox 4.2.5\psvlinksysmgr.exe] => (Allow) C:\program files\pioneer\rekordbox 4.2.5\psvlinksysmgr.exe FirewallRules: [TCP Query User{18670B38-665E-4AAF-B575-C60326933202}C:\program files\pioneer\rekordbox 4.2.5\rekordbox.exe] => (Allow) C:\program files\pioneer\rekordbox 4.2.5\rekordbox.exe FirewallRules: [UDP Query User{B85F0B9F-375A-40E4-BEF4-1E9664158FF2}C:\program files\pioneer\rekordbox 4.2.5\rekordbox.exe] => (Allow) C:\program files\pioneer\rekordbox 4.2.5\rekordbox.exe FirewallRules: [{D704F513-4BCD-4F4D-9271-B798D51EA363}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{A7E1DF20-0B87-48D0-B55F-58E115AD8F20}C:\program files\pioneer\rekordbox 4.3.0\psvnfsd.exe] => (Allow) C:\program files\pioneer\rekordbox 4.3.0\psvnfsd.exe FirewallRules: [UDP Query User{0DB043C3-0DE4-4D88-AA7F-02C3CBC12531}C:\program files\pioneer\rekordbox 4.3.0\psvnfsd.exe] => (Allow) C:\program files\pioneer\rekordbox 4.3.0\psvnfsd.exe FirewallRules: [TCP Query User{4295AD05-CD47-4C87-AE24-3588686C82D4}C:\program files\pioneer\rekordbox 4.3.0\psvlinksysmgr.exe] => (Allow) C:\program files\pioneer\rekordbox 4.3.0\psvlinksysmgr.exe FirewallRules: [UDP Query User{F8C446B4-D10B-4E61-8E15-02B55AC4FE66}C:\program files\pioneer\rekordbox 4.3.0\psvlinksysmgr.exe] => (Allow) C:\program files\pioneer\rekordbox 4.3.0\psvlinksysmgr.exe FirewallRules: [TCP Query User{C3A3701F-355C-4E1E-A7D9-3B59AA5CB08C}C:\program files\pioneer\rekordbox 4.3.0\rekordbox.exe] => (Allow) C:\program files\pioneer\rekordbox 4.3.0\rekordbox.exe FirewallRules: [UDP Query User{9B3F315A-632F-4DC9-8D4B-0B405DF5686B}C:\program files\pioneer\rekordbox 4.3.0\rekordbox.exe] => (Allow) C:\program files\pioneer\rekordbox 4.3.0\rekordbox.exe FirewallRules: [{9B7EC849-9716-446E-A388-694A4FDE0B3B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im 
Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/07/2017 06:03:15 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-680370811-642922712-648177064-1005}/">. Error: (04/07/2017 05:54:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (04/07/2017 05:43:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NP730U3E-X04DE) Description: Bei der Aktivierung der App „Microsoft.BingFoodAndDrink_8wekyb3d8bbwe!AppexFoodAndDrink“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (04/07/2017 04:25:39 PM) (Source: System Restore) (EventID: 8211) (User: ) Description: Der geplante Wiederherstellungspunkt konnte nicht erstellt werden. Zusätzliche Informationen: (0x8004231f). Error: (04/07/2017 04:25:39 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x8004231f). Error: (04/07/2017 04:25:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. 
System Error: Zugriff verweigert . Error: (04/07/2017 04:24:42 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (04/07/2017 03:55:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NP730U3E-X04DE) Description: Bei der Aktivierung der App „Microsoft.BingFoodAndDrink_8wekyb3d8bbwe!AppexFoodAndDrink“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (04/07/2017 03:18:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NP730U3E-X04DE) Description: Bei der Aktivierung der App „Microsoft.BingFoodAndDrink_8wekyb3d8bbwe!AppexFoodAndDrink“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (04/07/2017 03:18:31 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Systemfehler: ============= Error: (04/07/2017 06:03:19 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. 
Error: (04/07/2017 05:55:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070005 fehlgeschlagen: Kumulatives Update für Windows 10 Version 1511 für x64-basierte Systeme (KB4013198)

Error: (04/07/2017 03:27:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x87af000d fehlgeschlagen: Microsoft People

Error: (04/07/2017 03:21:33 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/07/2017 03:18:56 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2" zum Namen "NP730U3E-X04DE" auf Transport "NetBT_Tcpip_{739BAFAD-F725-464B-B239-CFCC34AB7A50}". Das Datagramm steht in den Daten. Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (04/06/2017 08:56:26 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/06/2017 07:36:00 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (04/06/2017 06:52:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070070 fehlgeschlagen: Kumulatives Update für Windows 10 Version 1511 für x64-basierte Systeme (KB4013198)

Error: (04/06/2017 03:20:11 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/06/2017 09:28:47 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

CodeIntegrity:
===================================
Date: 2017-03-18 12:26:34.502
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-02-23 08:44:16.021
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-01-19 14:34:34.880
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 13:26:59.659
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 03:06:50.651
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-01-11 23:29:53.423
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-17 07:15:06.800
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-16 12:15:06.345
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-15 08:52:13.271
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-06 19:26:25.636
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-3537U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 72%
Installierter physikalischer RAM: 3980.51 MB
Verfügbarer physikalischer RAM: 1083.4 MB
Summe virtueller Speicher: 5789.79 MB
Verfügbarer virtueller Speicher: 1285.76 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:212.82 GB) (Free:0.92 GB) NTFS
Drive d: () (Removable) (Total:14.73 GB) (Free:14.73 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 1933A963)

Partition: GPT.

========================================================
Disk: 1 (Size: 14.7 GB) (Disk ID: 8F2DAC46)
Partition 1: (Not Active) - (Size=14.7 GB) - (Type=0B)

==================== Ende von Addition.txt ============================