| LaraMary | 16.06.2016 10:11 |
Hier die frischen FRST Logs: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-06-2016
durchgeführt von Becky (Administrator) auf CLARKY (15-06-2016 18:14:48)
Gestartet von C:\Users\Becky\Desktop
Geladene Profile: Becky (Verfügbare Profile: Becky & fbwuser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Spotify Ltd) C:\Users\Becky\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
(Schomäcker GmbH) C:\Program Files (x86)\Q-Pilot Client\GUI\QPilot-Client-GUI.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Dropbox, Inc.) C:\Users\Becky\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Schomäcker GmbH) C:\Program Files (x86)\Q-Pilot Client\Service\QPilot-Client-Service.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\SamsungFastStart\SmartRestarter.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hydra.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-02-27] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-13] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [87336 2010-09-20] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-03-18] (Sony Corporation)
HKLM-x32\...\Run: [QPilotClientGUI] => C:\Program Files (x86)\Q-Pilot Client\GUI\QPilot-Client-GUI.exe [18442752 2010-04-21] (Schomäcker GmbH)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2014-11-19] (Cisco Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1682194932-64252910-1022618409-1000\...\Run: [Spotify Web Helper] => C:\Users\Becky\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2016-04-14] (Spotify Ltd)
HKU\S-1-5-21-1682194932-64252910-1022618409-1000\...\Run: [Dropbox Update] => C:\Users\Becky\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-03-23]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Becky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-04]
ShortcutTarget: Dropbox.lnk -> C:\Users\Becky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B438F399-9079-4956-93E6-A2B6C2677C77}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-1682194932-64252910-1022618409-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1682194932-64252910-1022618409-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1682194932-64252910-1022618409-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1682194932-64252910-1022618409-1000 -> {AED9C3F9-278C-4B18-B116-D0960A556A3D} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-04-12] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-04-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll => Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-04-12] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-10-25] ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-04-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-1682194932-64252910-1022618409-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\qb19cxrt.default
FF SelectedSearchEngine: WEB.DE Suche
FF Homepage: hxxp://google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-03-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-12-07] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2013-03-18] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-31] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2012-12-05] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1682194932-64252910-1022618409-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-03-07] ()
FF SearchPlugin: C:\Users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\qb19cxrt.default\searchplugins\englische-ergebnisse.xml [2013-08-26]
FF SearchPlugin: C:\Users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\qb19cxrt.default\searchplugins\gmx-suche.xml [2013-08-26]
FF SearchPlugin: C:\Users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\qb19cxrt.default\searchplugins\lastminute.xml [2013-08-26]
FF SearchPlugin: C:\Users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\qb19cxrt.default\searchplugins\webde-suche.xml [2014-06-05]
FF Extension: WOT - C:\Users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\qb19cxrt.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-09]
FF Extension: NoScript - C:\Users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\qb19cxrt.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07]
FF Extension: WEB.DE MailCheck - C:\Users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\qb19cxrt.default\Extensions\mailcheck@web.de [2016-03-16]
FF Extension: Adblock Plus - C:\Users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\qb19cxrt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
Chrome:
=======
CHR Profile: C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-31]
CHR Extension: (Google Drive) - C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-31]
CHR Extension: (YouTube) - C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-31]
CHR Extension: (Google Tabellen) - C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-31]
CHR Extension: (Google Docs Offline) - C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-31]
CHR Extension: (Google Mail) - C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-31]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009264 2016-05-17] (Microsoft Corporation)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2747008 2016-05-05] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [103176 2016-05-05] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
R2 QPilotClientService; C:\Program Files (x86)\Q-Pilot Client\Service\QPilot-Client-Service.exe [10706432 2010-04-21] (Schomäcker GmbH) [Datei ist nicht signiert]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [Datei ist nicht signiert]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-02-15] (Sony Corporation) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-11-02] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-15] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-08-05] (Windows (R) 2003 DDK 3790 provider)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
S1 prodrv04; \SystemRoot\System32\drivers\prodrv04.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-06-13 10:16 - 2016-06-14 08:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-10 19:33 - 2016-06-10 19:33 - 00064069 _____ C:\Users\Becky\Desktop\FRST 2.txt
2016-06-10 19:10 - 2016-06-15 18:13 - 00000000 ____D C:\Users\Becky\Desktop\FRST-OlderVersion
2016-06-09 21:31 - 2016-06-09 21:31 - 00002459 _____ C:\Users\Becky\Desktop\AdwCleaner[C1].txt
2016-06-09 21:26 - 2016-06-09 21:26 - 00000000 ____D C:\Users\Becky\AppData\Local\CrashRpt
2016-06-09 21:14 - 2016-06-09 21:14 - 00024393 _____ C:\Users\Becky\Desktop\JRT.txt
2016-06-09 20:36 - 2016-06-09 20:36 - 01610816 _____ (Malwarebytes) C:\Users\Becky\Desktop\JRT.exe
2016-06-09 20:34 - 2016-06-09 21:25 - 00000000 ____D C:\AdwCleaner
2016-06-09 20:34 - 2016-06-09 20:34 - 03677248 _____ C:\Users\Becky\Desktop\AdwCleaner_5.119.exe
2016-06-06 18:19 - 2016-06-06 19:20 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-06-06 18:16 - 2016-06-06 19:20 - 00000000 ____D C:\Users\Becky\Desktop\mbar
2016-06-06 18:15 - 2016-06-06 18:15 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Becky\Desktop\mbar-1.09.3.1001.exe
2016-06-04 20:18 - 2016-06-04 20:18 - 00000000 ____D C:\Users\Becky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-01 23:55 - 2016-06-01 23:55 - 00000017 _____ C:\Windows\SysWOW64\shortcut_ex.dat
2016-06-01 20:17 - 2016-06-01 20:17 - 00001202 _____ C:\Users\Becky\Desktop\malware.txt
2016-06-01 19:34 - 2016-06-15 18:13 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-01 19:34 - 2016-06-06 18:17 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-01 19:34 - 2016-06-01 19:34 - 00001062 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-01 19:34 - 2016-06-01 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-01 19:34 - 2016-06-01 19:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-01 19:34 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-01 19:34 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-01 19:32 - 2016-06-01 19:32 - 22851472 _____ (Malwarebytes ) C:\Users\Becky\Desktop\mbam-setup-2.2.1.1043.exe
2016-06-01 19:25 - 2016-06-10 19:33 - 00054933 _____ C:\Users\Becky\Desktop\Addition.txt
2016-06-01 19:21 - 2016-06-15 18:17 - 00024190 _____ C:\Users\Becky\Desktop\FRST.txt
2016-06-01 19:21 - 2016-06-15 18:14 - 00000000 ____D C:\FRST
2016-06-01 19:21 - 2016-06-15 18:13 - 02385920 _____ (Farbar) C:\Users\Becky\Desktop\FRST64.exe
2016-05-31 18:34 - 2016-06-08 23:46 - 00002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-31 18:34 - 2016-06-08 23:46 - 00002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-31 18:33 - 2016-06-15 18:13 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-31 18:33 - 2016-06-15 10:32 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-31 18:33 - 2016-05-31 18:39 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-31 18:33 - 2016-05-31 18:39 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-31 18:27 - 2016-05-31 18:27 - 00987728 _____ (Google Inc.) C:\Users\Becky\Downloads\ChromeSetup.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-06-15 18:13 - 2015-06-21 18:38 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1682194932-64252910-1022618409-1000UA.job
2016-06-15 18:13 - 2012-11-12 15:27 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-15 10:47 - 2009-07-14 06:45 - 00022752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-15 10:47 - 2009-07-14 06:45 - 00022752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-15 10:37 - 2015-09-13 18:51 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-15 10:34 - 2014-01-05 20:56 - 00000000 ___RD C:\Users\Becky\Dropbox
2016-06-15 10:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-14 21:09 - 2015-06-21 18:38 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1682194932-64252910-1022618409-1000Core.job
2016-06-14 21:07 - 2011-10-09 12:31 - 00000000 ____D C:\Users\Becky\AppData\Local\CrashDumps
2016-06-14 08:57 - 2013-02-15 15:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-04 20:18 - 2014-01-05 20:50 - 00000000 ____D C:\Users\Becky\AppData\Roaming\Dropbox
2016-06-01 19:42 - 2013-12-16 20:02 - 00361984 ___SH C:\Users\Becky\Desktop\Thumbs.db
2016-06-01 09:43 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-05-31 18:34 - 2012-02-13 21:47 - 00000000 ____D C:\Users\Becky\AppData\Local\Google
2016-05-31 18:33 - 2012-02-13 21:47 - 00000000 ____D C:\Program Files (x86)\Google
2016-05-31 18:22 - 2014-12-09 00:30 - 00000000 __SHD C:\Users\Becky\AppData\Local\EmieUserList
2016-05-31 18:22 - 2014-12-09 00:30 - 00000000 __SHD C:\Users\Becky\AppData\Local\EmieSiteList
2016-05-31 18:22 - 2014-12-09 00:30 - 00000000 __SHD C:\Users\Becky\AppData\Local\EmieBrowserModeList
2016-05-27 07:22 - 2013-12-07 17:46 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-27 07:20 - 2013-12-07 17:42 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-25 22:39 - 2015-04-06 19:51 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-25 22:39 - 2015-04-06 19:51 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-17 10:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-19 20:04 - 2013-12-19 20:04 - 0001536 _____ () C:\Users\Becky\AppData\Local\recently-used.xbel
2011-11-28 15:10 - 2011-11-28 15:10 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-03-17 06:45 - 2011-03-17 06:46 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2011-03-17 06:39 - 2011-03-17 06:39 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2011-03-17 06:42 - 2011-03-17 06:43 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-03-17 06:39 - 2011-03-17 06:42 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2011-03-17 06:43 - 2011-03-17 06:45 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
Einige Dateien in TEMP:
====================
C:\Users\Becky\AppData\Local\Temp\avgnt.exe
C:\Users\Becky\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzjkpvb.dll
C:\Users\Becky\AppData\Local\Temp\libeay32.dll
C:\Users\Becky\AppData\Local\Temp\msvcr120.dll
C:\Users\Becky\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-06-08 19:11
==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-06-2016
durchgeführt von Becky (2016-06-15 18:18:08)
Gestartet von C:\Users\Becky\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-09-21 15:02:33)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1682194932-64252910-1022618409-500 - Administrator - Disabled)
Becky (S-1-5-21-1682194932-64252910-1022618409-1000 - Administrator - Enabled) => C:\Users\Becky
fbwuser (S-1-5-21-1682194932-64252910-1022618409-1003 - Limited - Disabled) => C:\Users\fbwuser
Gast (S-1-5-21-1682194932-64252910-1022618409-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1682194932-64252910-1022618409-1002 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
7-PDF Maker Version 1.4.0 (Build 128) (HKLM-x32\...\7-PDF Maker_is1) (Version: 7-PDF Maker - Version 1.4.0 (Build 128) - 7-PDF, Germany - Thorsten Hodes)
Abenteuer auf dem Reiterhof (HKLM-x32\...\Abenteuer auf dem Reiterhof) (Version: - )
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.16) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
Brother MFL-Pro Suite DCP-195C (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.06073 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.06073 - Cisco Systems, Inc.) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DIE SIEDLER - Das Erbe der Könige (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-1682194932-64252910-1022618409-1000\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0.0.5 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.1.1 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{16880765-677F-440B-B16A-BFD9B9C00012}) (Version: 1.0.12 - Samsung)
ETDWare PS/2-X64 8.0.7.2_WHQL (HKLM\...\Elantech) (Version: 8.0.7.2 - ELAN Microelectronic Corp.)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.1 - SAMSUNG)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.1.320 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.1.320 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hotspot Shield 5.4.0 (HKLM-x32\...\HotspotShield) (Version: 5.4.0 - AnchorFree Inc.)
Hotspot Shield 5.4.0 Embedded (x32 Version: 5.4.0.9696 - Buildbot) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.309.1 - McAfee, Inc.)
Mein Pferdehof 1.0 (HKLM-x32\...\Mein Pferdehof_is1) (Version: - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4823.1004 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4823.1004 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1682194932-64252910-1022618409-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Color Enhancer (HKLM-x32\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4823.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4823.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4823.1004 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
PhoneShare (HKLM-x32\...\{3F50512F-53DF-46B1-8CCB-6C7E638CADD6}) (Version: 9.1.4 - Samsung)
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Q-Pilot Client 4.0.0.5727 (HKLM-x32\...\{870126DA-33D5-4DA8-BB6D-6E3A61969072}) (Version: 4.0.0.5727 - Schomäcker GmbH)
Q-Pilot: Konfiguration der Druck-Queues und -Treiber (HKLM-x32\...\HRZQPilotQueues) (Version: 0.51 - Uni Marburg, HRZ)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Reader for PC (HKLM-x32\...\{11CBB0F5-989E-4B16-AE7E-D569AC4BF241}) (Version: 2.0.02.15180 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6318 - Realtek Semiconductor Corp.)
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.1.0 - Samsung)
Samsung Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.38 - Samsung)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.02.05.00:27 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.5.0 - Samsung Electronics Co., Ltd.)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Secunia PSI (3.0.0.4001) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.4001 - Secunia)
SISShortcut (HKLM-x32\...\{FDAE128F-A355-42B1-8422-1AF3ACEE34F4}) (Version: 1.00.000 - Samsung)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1682194932-64252910-1022618409-1000\...\Spotify) (Version: 1.0.15.133.gf21970bd - Spotify AB)
SRS Premium Sound Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.1300 - SRS Labs, Inc.)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.2.1 - Krzysztof Kowalczyk)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames) (Version: 4.0.10.5 - WildTangent)
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wise Registry Cleaner 8.31 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.31 - WiseCleaner.com, Inc.)
WordCaptureX Pro (HKLM-x32\...\{139C1D95-9037-3AB3-F5F4-4A79BF6831EC}) (Version: 4.0.0 - Deskperience)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1682194932-64252910-1022618409-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Becky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1682194932-64252910-1022618409-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1682194932-64252910-1022618409-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1682194932-64252910-1022618409-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1682194932-64252910-1022618409-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1682194932-64252910-1022618409-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1682194932-64252910-1022618409-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1682194932-64252910-1022618409-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1682194932-64252910-1022618409-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1682194932-64252910-1022618409-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1682194932-64252910-1022618409-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Becky\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {086B50B7-F64B-4EBD-8A1D-7264E0452975} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation)
Task: {123CB41D-331F-4864-92DB-9E68824DE585} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)
Task: {1EC69F7A-058B-496A-B0EB-80C4FDD3D02C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd)
Task: {2B579F49-C71D-408F-B378-62F9A50B20D3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {3408DFB3-FE7E-49FB-B4B1-4FAA9BD9741B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1682194932-64252910-1022618409-1000UA => C:\Users\Becky\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)
Task: {3949BDC8-6D4D-48CF-832C-85F20A83666F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation)
Task: {3B3CF448-3448-4676-9A7C-DECE7DE2E8DB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-04-12] (Microsoft Corporation)
Task: {406F6E60-5E49-4B30-80D3-8DCC0F058469} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-23] (Samsung Electronics Co., Ltd.)
Task: {55348480-1B5F-4FED-BFD8-6CC90BDF3F02} - System32\Tasks\{06AEB603-5874-4A65-B784-561481E477B3} => pcalua.exe -a E:\PferdeHof.exe -d E:\
Task: {58B01C3D-7875-43AE-B5DC-FA1BA5787CC8} - System32\Tasks\{5E1083F3-6EFF-4A62-AD5F-196EC21C630C} => E:\PferdeHof.exe
Task: {63496C9D-CD55-4592-82F0-1D0FAA16A15B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {6E050F94-8B61-4CAA-8A66-607102F1B260} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)
Task: {7393340B-1A82-49F0-9434-66AFA25610E0} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2011-01-04] (Samsung Electronics Co., Ltd.)
Task: {7B22453E-A81B-45C9-BFB3-D3881A6AAD91} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {7D61AD6D-7828-4036-9F15-C69CE4483086} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12] (Adobe Systems Incorporated)
Task: {867BA061-D132-4C05-B045-A4C02D010DAB} - System32\Tasks\{11312F69-5C95-4EE8-B0B2-02E831F0024B} => E:\PferdeHof.exe
Task: {86EC4423-A4C7-4179-84AE-D06A24412130} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {8F531D07-0BD6-4B7E-B278-D6441821F2D9} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-02-14] (SEC)
Task: {98AC1905-E13D-4BEF-84BA-503A450AF2EF} - System32\Tasks\{5E318E99-49D9-4853-AF53-4E9718E36D59} => E:\PferdeHof.exe
Task: {A23093A1-0567-46D8-BB9C-D1B5DCB4CEBF} - System32\Tasks\SRS Premium Sound => C:\Program Files\SRS Labs\SRS Control Panel\srspanel_64.exe [2011-02-24] (SRS Labs, Inc.)
Task: {B4B4A126-E7A6-4E2F-A5CA-A53A061F154A} - System32\Tasks\{0FCEDFEE-0DFE-4BC8-BCB0-7CDE684F0AA7} => pcalua.exe -a E:\DIRECTX\DX81NTger.exe -d E:\DIRECTX
Task: {B5C903C5-4457-4513-A0B5-FD6C3874FC8A} - System32\Tasks\{FAD41848-C3FA-482E-8E4A-D89F57760F66} => pcalua.exe -a E:\SetupLauncher.exe -d E:\
Task: {BA3A429A-A569-47D3-85BD-9B73ADD61C99} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1682194932-64252910-1022618409-1000
Task: {C070756D-0C00-4447-84B2-A4AC3DCF919A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1682194932-64252910-1022618409-1000Core => C:\Users\Becky\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)
Task: {CCBA68C4-C1D8-460E-8D9E-7C73A2D6F0D0} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)
Task: {D49520CB-B34E-4C13-8BC3-B69362F84532} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {D6E63239-0851-46FC-87A6-35EB0F6DB4B6} - System32\Tasks\{3FC3D30B-8DD1-4EF0-B2AA-016F736DFE6A} => E:\DIRECTX\DX81NTger.exe
Task: {DDE0DCA7-6825-4D87-9C72-F3DFF20C5F49} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-31] (Google Inc.)
Task: {DF748906-35E0-436F-9C55-7E86C24D083B} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics)
Task: {E166AA53-6392-42AC-B367-0A5FECB9B7BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-31] (Google Inc.)
Task: {E49ECE40-215B-444A-9F74-CB39293E14E8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1682194932-64252910-1022618409-1000Core.job => C:\Users\Becky\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1682194932-64252910-1022618409-1000UA.job => C:\Users\Becky\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2011-03-17 22:02 - 2008-06-05 01:53 - 00027648 _____ () C:\Windows\System32\spd__l.dll
2014-03-19 20:13 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-03-17 21:56 - 2010-12-17 03:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-03-17 06:42 - 2009-12-01 09:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-03-17 22:02 - 2010-10-21 20:22 - 00709632 _____ () C:\Windows\system32\SnMinDrv.dll
2014-11-19 17:36 - 2014-11-19 17:36 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-05-05 23:33 - 2016-05-05 23:33 - 00166528 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2009-11-02 07:20 - 2009-11-02 07:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 07:23 - 2009-11-02 07:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2013-03-18 13:56 - 2013-03-18 13:56 - 00880640 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll
2013-03-18 13:58 - 2013-03-18 13:58 - 00040264 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll
2013-03-18 13:58 - 2013-03-18 13:58 - 00239944 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll
2013-03-18 13:58 - 2013-03-18 13:58 - 00026952 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll
2013-02-15 12:17 - 2013-02-15 12:17 - 00798720 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll
2013-03-18 13:58 - 2013-03-18 13:58 - 00125256 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll
2013-03-18 13:58 - 2013-03-18 13:58 - 00016200 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll
2013-03-18 13:58 - 2013-03-18 13:58 - 00024904 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll
2013-03-18 13:58 - 2013-03-18 13:58 - 00017224 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll
2013-03-18 13:58 - 2013-03-18 13:58 - 00015176 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll
2013-03-18 13:58 - 2013-03-18 13:58 - 00034632 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll
2013-03-18 13:58 - 2013-03-18 13:58 - 00018760 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll
2013-03-18 13:58 - 2013-03-18 13:58 - 00092488 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll
2013-03-18 13:58 - 2013-03-18 13:58 - 00149832 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll
2013-03-18 13:58 - 2013-03-18 13:58 - 00178504 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll
2009-12-12 17:40 - 2009-12-12 17:40 - 00020480 _____ () C:\Program Files (x86)\Q-Pilot Client\Common\Java\bin\jetvm\jvm.dll
2009-12-12 17:40 - 2009-12-12 17:40 - 00069632 _____ () C:\Program Files (x86)\Q-Pilot Client\Common\Java\bin\java.dll
2010-03-10 19:21 - 2010-03-10 19:21 - 00126976 _____ () C:\Program Files (x86)\Q-Pilot Client\Common\Java\bin\zip.dll
2009-12-12 17:35 - 2009-12-12 17:35 - 00155648 _____ () C:\Program Files (x86)\Q-Pilot Client\Common\Java\jetrt\baseline700.dll
2015-12-13 21:27 - 2016-05-05 12:09 - 00034768 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-06-04 20:17 - 2016-05-05 12:10 - 00019408 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-06-04 20:17 - 2016-05-05 12:09 - 00116688 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-13 21:27 - 2016-05-05 12:09 - 00093640 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-13 21:27 - 2016-05-05 12:09 - 00018376 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-13 21:27 - 2016-05-31 20:34 - 00019760 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-13 21:27 - 2016-05-05 12:11 - 00105928 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-06-04 20:17 - 2016-05-05 12:09 - 00392144 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-13 21:27 - 2016-05-31 20:34 - 00381752 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-13 21:27 - 2016-05-05 12:09 - 00692688 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 00020816 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-13 21:27 - 2016-05-05 12:10 - 00123856 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 01682760 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 00020808 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-13 21:27 - 2016-05-31 20:34 - 00021840 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 00038696 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-06-04 20:17 - 2016-05-05 12:11 - 00020936 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-13 21:27 - 2016-05-05 12:11 - 00024528 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-13 21:27 - 2016-05-05 12:11 - 00114640 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-13 21:27 - 2016-05-05 12:11 - 00124880 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-19 13:56 - 2016-05-31 20:34 - 00021832 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-13 21:27 - 2016-05-05 12:11 - 00024016 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-13 21:27 - 2016-05-05 12:11 - 00175560 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-13 21:27 - 2016-05-05 12:11 - 00030160 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-13 21:27 - 2016-05-05 12:11 - 00043472 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-13 21:27 - 2016-05-05 12:11 - 00048592 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-19 13:56 - 2016-05-31 20:34 - 00023872 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-06-04 20:17 - 2016-05-05 12:09 - 00134088 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 00026456 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-13 21:27 - 2016-05-05 12:11 - 00057808 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-13 21:27 - 2016-05-05 12:11 - 00024016 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-06-04 20:17 - 2016-05-31 20:33 - 00246592 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-13 21:27 - 2016-05-05 12:11 - 00028616 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 00052024 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-13 21:27 - 2016-05-05 12:09 - 00134608 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-06-04 20:17 - 2016-05-05 12:10 - 00240584 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-02-19 13:56 - 2016-05-31 20:34 - 00020800 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-19 13:56 - 2016-05-31 20:34 - 00019776 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-19 13:56 - 2016-05-31 20:34 - 00020800 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 00020280 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-13 21:27 - 2016-05-31 20:34 - 00023376 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-13 21:27 - 2016-05-05 12:11 - 00350152 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-19 13:56 - 2016-05-31 20:34 - 00022352 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 00024392 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-06-04 20:17 - 2016-05-05 12:12 - 00036296 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\librsync.dll
2016-06-04 20:17 - 2016-05-31 20:34 - 00084280 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-06-04 20:17 - 2016-05-31 20:34 - 01826096 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-13 21:27 - 2016-05-05 12:10 - 00083912 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\sip.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 03928880 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 01971504 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 00531248 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 00132912 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 00223544 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 00207672 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-13 21:27 - 2016-05-05 12:11 - 00060880 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\win32print.pyd
2015-12-13 21:27 - 2016-05-31 20:34 - 00024904 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 00546096 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-06-04 20:17 - 2016-05-31 20:34 - 00357680 _____ () C:\Users\Becky\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2011-03-17 06:47 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2011-03-17 06:55 - 2010-05-07 16:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2011-03-17 06:49 - 2010-07-05 12:42 - 00203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll
2016-05-12 21:20 - 2016-05-12 21:20 - 19427520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2013-02-12 12:40 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1682194932-64252910-1022618409-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Becky\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Becky^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Becky^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{F5F510E4-1761-4370-8867-9614F81ED87F}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe
FirewallRules: [{BD57BAD0-8C92-438E-B78B-A47E30387998}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{296E054E-B47E-4B54-B626-9757ED5A5EBB}] => (Allow) C:\Windows\System32\SUPDSvc.exe
FirewallRules: [{42F121F9-2930-4C5D-916E-71EBFE003987}] => (Allow) C:\Windows\System32\SUPDSvc.exe
FirewallRules: [{52CE0699-E4D3-4564-AA13-843A18874941}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe
FirewallRules: [{0F72199A-230E-4CBC-9527-1CEB01D1DFAE}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe
FirewallRules: [{6F46C3E5-2F3C-48DC-93A3-D52A97237EDA}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{0B8ED4A4-53C8-46D5-83AA-076758F0A5C3}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{5951AF8D-D492-4929-9759-7B974D112D9B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{37E92ECC-D32B-49C4-8DC8-6EFCFAF115E8}] => (Allow) LPort=2869
FirewallRules: [{9B85C56A-540B-4418-B390-377F0D6C7A80}] => (Allow) LPort=1900
FirewallRules: [{30D25976-4B2B-472F-8BD3-494F1510AF06}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4FD7E7C5-D859-493F-9476-28F17C30A61B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{1FD1A700-2E10-4E0E-ABA2-BF8492839141}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mafia ii\pc\Mafia2.exe
FirewallRules: [{23E3BF04-2A35-43FA-AC31-EDCA9460E48B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mafia ii\pc\Mafia2.exe
FirewallRules: [TCP Query User{C7978EC6-3030-4F0E-9B6E-AA074A35E977}E:\ttn.exe] => (Allow) E:\ttn.exe
FirewallRules: [UDP Query User{0C1961B3-0AF7-400B-9984-59B3BACF1181}E:\ttn.exe] => (Allow) E:\ttn.exe
FirewallRules: [{A7B0D576-1172-48B9-8716-47638B735A1D}] => (Allow) C:\Users\Becky\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{BD50AA3F-EEA8-4823-B081-8BE265647930}] => (Allow) C:\Users\Becky\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DB1A5B13-2EE2-4157-84E9-3C27CA8BDFA1}] => (Allow) C:\Users\Becky\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{A35638BE-00AD-4045-B278-7F8006E5E1E8}C:\users\becky\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\becky\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{CC52A98D-6001-4817-B61F-17C4EEA106DD}C:\users\becky\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\becky\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{8BFFE9AB-094C-42F9-8335-9E2780F143B4}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [TCP Query User{68FF3E3F-CCF7-49ED-BB93-B95E8F9E37E6}C:\users\becky\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\becky\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{14EB07D4-6841-4685-81D4-BE63693DC411}C:\users\becky\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\becky\appdata\roaming\spotify\spotify.exe
FirewallRules: [{FB15F897-0B9D-4C55-8480-D402BADB8902}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CA118179-F038-4745-8E85-1F42821FA8D3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D595D318-E74A-4BE3-90FA-792DCEFF47D5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{63CDD852-E96C-42AF-8234-9EEDE5AE27E4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{EA5FFA2D-2062-4851-A83A-C2518C562FD7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A318938C-2CF5-4C5B-B758-194FF264CD6A}] => (Allow) C:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{F6812691-4654-4945-8833-2FB190E4B24E}] => (Allow) C:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{7ABB02BA-A906-4B00-8AC6-5853DED4D726}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7F8D4C6F-31A6-4EF5-8CA2-B6D737038F2B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6CACDEF0-622F-4C61-8938-642013233B78}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E01B0885-0522-4ECB-BB5E-3B919A41D547}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{31B73EA3-642B-457B-BD1D-8BD0ED5982D3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{E214F876-6997-4089-93C4-156108A892BE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{59F422A2-CBB0-4D9C-9CC3-3A9DB60D3015}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
09-06-2016 20:37:02 JRT Pre-Junkware Removal
14-06-2016 09:06:46 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/15/2016 10:44:21 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (06/14/2016 09:07:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_21_0_0_242.exe, Version: 21.0.0.242, Zeitstempel: 0x57310fb9
Name des fehlerhaften Moduls: FlashPlayerPlugin_21_0_0_242.exe, Version: 21.0.0.242, Zeitstempel: 0x57310fb9
Ausnahmecode: 0x40000015
Fehleroffset: 0x00017f40
ID des fehlerhaften Prozesses: 0x994
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_21_0_0_242.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_21_0_0_242.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_21_0_0_242.exe2
Berichtskennung: FlashPlayerPlugin_21_0_0_242.exe3
Error: (06/14/2016 09:09:15 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (06/13/2016 09:22:15 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (06/10/2016 07:15:01 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (06/09/2016 09:42:07 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (06/09/2016 11:17:35 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (06/08/2016 10:30:22 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (06/06/2016 06:15:04 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (06/06/2016 09:33:41 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Systemfehler:
=============
Error: (06/15/2016 10:34:21 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv04
Error: (06/15/2016 10:30:33 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv04.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (06/14/2016 08:59:14 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv04
Error: (06/14/2016 08:57:27 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv04.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (06/13/2016 09:12:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv04
Error: (06/13/2016 09:08:06 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv04.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (06/10/2016 11:44:49 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}
Error: (06/10/2016 07:04:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv04
Error: (06/10/2016 07:02:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
CodeIntegrity:
===================================
Date: 2013-02-12 11:39:35.956
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-02-12 11:39:35.816
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 4009.55 MB
Verfügbarer physikalischer RAM: 2084.67 MB
Summe virtueller Speicher: 8017.28 MB
Verfügbarer virtueller Speicher: 4911.45 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:111 GB) (Free:12.3 GB) NTFS
Drive d: () (Fixed) (Total:164.05 GB) (Free:159.56 GB) NTFS
Drive e: (SMALLVILLE_SEASON_6_DISC_3) (CDROM) (Total:7.21 GB) (Free:0 GB) UDF
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: C5D3BC32)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=164.1 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=22.9 GB) - (Type=27)
==================== Ende von Addition.txt ============================
|
Malwarebytes Anti-Malware 
SecurityCheck und: