Hallo Matthias,
also Probleme am Rechner oder auch bei Chrome kann ich so keine feststellen, es scheint alles ganz normal zu laufen.
Fixlog.txt : Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Tim (02-04-2017 12:35:37) Run:1
Gestartet von C:\Users\Tim\Desktop
Geladene Profile: Tim (Verfügbare Profile: Tim)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
BHO: Kein Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei
Task: {2E5E6D7B-1C6D-47D2-8DA7-6B00A7554B53} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************
Prozesse erfolgreich geschlossen.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E5E6D7B-1C6D-47D2-8DA7-6B00A7554B53} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E5E6D7B-1C6D-47D2-8DA7-6B00A7554B53} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => Schlüssel erfolgreich entfernt
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3302800213-1478103081-2195180353-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3302800213-1478103081-2195180353-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
========= Ende von CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 831588 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 62768057 B
Java, Flash, Steam htmlcache => 30904862 B
Windows/system/drivers => 10526518 B
Edge => 9728 B
Chrome => 935676225 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 23330 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 80814 B
NetworkService => 8308 B
Tim => 111985483 B
RecycleBin => 11977626982 B
EmptyTemp: => 12.2 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 12:36:26 ==== Hitman Log: Code:
Code:
HitmanPro 3.7.15.281
www.hitmanpro.com
Computer name . . . . : TIM-PC
Windows . . . . . . . : 10.0.0.14393.X64/4
User name . . . . . . : Tim-PC\Tim
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free
Scan date . . . . . . : 2017-04-02 12:42:28
Scan mode . . . . . . : Normal
Scan duration . . . . : 7m 4s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 0
Traces . . . . . . . : 2
Objects scanned . . . : 2.143.125
Files scanned . . . . : 54.637
Remnants scanned . . : 619.756 files / 1.468.732 keys
Suspicious files ____________________________________________________________
C:\Users\Tim\Desktop\FRST64.exe
Size . . . . . . . : 2.424.832 bytes
Age . . . . . . . : 7.9 days (2017-03-25 14:49:55)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 3A3DCD0D3C9C1FE10C45AF795DC9452DA192246BB67D896AB7F16151A53C1B5F
Needs elevation . : Yes
Fuzzy . . . . . . : 23.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
C:\Users\Tim\Downloads\FRST64.exe
Size . . . . . . . : 2.424.832 bytes
Age . . . . . . . : 7.9 days (2017-03-25 14:49:38)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 3A3DCD0D3C9C1FE10C45AF795DC9452DA192246BB67D896AB7F16151A53C1B5F
Needs elevation . : Yes
Fuzzy . . . . . . : 23.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
So ist leider etwas später geworden, aber hier nun der komplette ESET Log, dieses Mal ist die Untersuchung ganz durchgelaufen, es gab 6 Treffer. Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a6daf5b64f5c064ca70d351c95e0df90
# end=init
# utc_time=2017-04-02 10:50:29
# local_time=2017-04-02 12:50:29 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 32925
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a6daf5b64f5c064ca70d351c95e0df90
# end=updated
# utc_time=2017-04-02 10:53:34
# local_time=2017-04-02 12:53:34 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a6daf5b64f5c064ca70d351c95e0df90
# engine=32925
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-04-02 12:14:33
# local_time=2017-04-02 02:14:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1313 16777213 100 100 5834 24065806 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 989989 22465886 0 0
# scanned=17969
# found=6
# cleaned=0
# scan_time=4857
sh=33B565A7F21965559962A8D8799BACB2A9AC0219 ft=1 fh=e2fe8d1fbe2d7ec8 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="B:\$RECYCLE.BIN\S-1-5-21-3302800213-1478103081-2195180353-1000\$R6R3GO9.exe"
sh=242C45D1ECFAB858101CD8D58007E9044A0FDB60 ft=1 fh=c665af6c060717dd vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="B:\$RECYCLE.BIN\S-1-5-21-3302800213-1478103081-2195180353-1000\$R6YBZHW.exe"
sh=3B5DC68E752A88DEB64C05F722086C5607ADD8CF ft=0 fh=0000000000000000 vn="Variante von Win32/Auslogics.C eventuell unerwünschte Anwendung" ac=I fn="B:\TIM-PC\Backup Set 2015-03-01 190011\Backup Files 2015-03-08 190011\Backup files 2.zip"
sh=25AFA0E0630593A712DDADB335D51CDD9CB4CE14 ft=0 fh=0000000000000000 vn="Variante von Win32/Auslogics.C eventuell unerwünschte Anwendung" ac=I fn="B:\TIM-PC\Backup Set 2015-07-19 190010\Backup Files 2015-07-19 190010\Backup files 10.zip"
sh=7658F5AEBCC98E1332F31373896CF1524650A773 ft=0 fh=0000000000000000 vn="Variante von Win32/Auslogics.C eventuell unerwünschte Anwendung" ac=I fn="B:\TIM-PC\Backup Set 2016-01-25 190041\Backup Files 2016-01-25 190041\Backup files 11.zip"
sh=4973371A210F3C04F9241D7A64D547C484009489 ft=0 fh=0000000000000000 vn="Variante von Win32/Auslogics.C eventuell unerwünschte Anwendung" ac=I fn="B:\TIM-PC\Backup Set 2016-03-06 205505\Backup Files 2016-03-06 205505\Backup files 8.zip"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a6daf5b64f5c064ca70d351c95e0df90
# end=init
# utc_time=2017-04-02 12:21:40
# local_time=2017-04-02 02:21:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 32925
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a6daf5b64f5c064ca70d351c95e0df90
# end=updated
# utc_time=2017-04-02 12:22:22
# local_time=2017-04-02 02:22:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a6daf5b64f5c064ca70d351c95e0df90
# engine=32925
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-04-02 03:39:28
# local_time=2017-04-02 05:39:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1313 16777213 100 100 18130 24078102 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1002285 22478182 0 0
# scanned=350758
# found=6
# cleaned=0
# scan_time=11826
sh=33B565A7F21965559962A8D8799BACB2A9AC0219 ft=1 fh=e2fe8d1fbe2d7ec8 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="B:\$RECYCLE.BIN\S-1-5-21-3302800213-1478103081-2195180353-1000\$R6R3GO9.exe"
sh=242C45D1ECFAB858101CD8D58007E9044A0FDB60 ft=1 fh=c665af6c060717dd vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="B:\$RECYCLE.BIN\S-1-5-21-3302800213-1478103081-2195180353-1000\$R6YBZHW.exe"
sh=3B5DC68E752A88DEB64C05F722086C5607ADD8CF ft=0 fh=0000000000000000 vn="Variante von Win32/Auslogics.C eventuell unerwünschte Anwendung" ac=I fn="B:\TIM-PC\Backup Set 2015-03-01 190011\Backup Files 2015-03-08 190011\Backup files 2.zip"
sh=25AFA0E0630593A712DDADB335D51CDD9CB4CE14 ft=0 fh=0000000000000000 vn="Variante von Win32/Auslogics.C eventuell unerwünschte Anwendung" ac=I fn="B:\TIM-PC\Backup Set 2015-07-19 190010\Backup Files 2015-07-19 190010\Backup files 10.zip"
sh=7658F5AEBCC98E1332F31373896CF1524650A773 ft=0 fh=0000000000000000 vn="Variante von Win32/Auslogics.C eventuell unerwünschte Anwendung" ac=I fn="B:\TIM-PC\Backup Set 2016-01-25 190041\Backup Files 2016-01-25 190041\Backup files 11.zip"
sh=4973371A210F3C04F9241D7A64D547C484009489 ft=0 fh=0000000000000000 vn="Variante von Win32/Auslogics.C eventuell unerwünschte Anwendung" ac=I fn="B:\TIM-PC\Backup Set 2016-03-06 205505\Backup Files 2016-03-06 205505\Backup files 8.zip" und schonmal die FRST Addition: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Tim (02-04-2017 20:53:32)
Gestartet von C:\Users\Tim\Desktop
Windows 10 Pro Version 1607 (X64) (2017-03-21 21:55:54)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3302800213-1478103081-2195180353-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3302800213-1478103081-2195180353-503 - Limited - Disabled)
Gast (S-1-5-21-3302800213-1478103081-2195180353-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3302800213-1478103081-2195180353-1002 - Limited - Enabled)
Tim (S-1-5-21-3302800213-1478103081-2195180353-1000 - Administrator - Enabled) => C:\Users\Tim
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1&1 Surf-Stick (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{18BBF24A-6D04-4CA4-B6B4-1CF372162EEC}) (Version: 10.2.152.32 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.90 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Avira Connect (HKLM-x32\...\{0b46d918-af4f-4612-8076-5c0ae67cb2aa}) (Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
Dropbox (HKU\S-1-5-21-3302800213-1478103081-2195180353-1000\...\Dropbox) (Version: 2.10.29 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.1.22140 - Landesfinanzdirektion Thüringen)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft)
FRITZ!Powerline (HKLM-x32\...\{CFBFDE2D-DABF-417D-B18C-8A9E2D6D9044}) (Version: 01.01.00 - AVM Berlin)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
K-Lite Codec Pack (64-bit) v4.5.0 (HKLM\...\KLiteCodecPack64_is1) (Version: 4.5.0 - )
K-Lite Codec Pack 7.0.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4911.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
My Lockbox 3.3 (HKLM\...\My Lockbox_is1) (Version: 3.3 - )
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PDF24 Creator 8.0.4 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDF-XChange Editor (HKLM-x32\...\{87738bc6-bdf0-4e55-86b5-32ddece8f51d}) (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.) Hidden
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.11.1-r113407-release - Plays.tv, LLC)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Samsung Drive Manager (HKLM-x32\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.174 - Clarus, Inc.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Link 1.8.0.1401171024 (HKLM\...\8474-7877-9059-0204) (Version: 1.8.0.1401171024 - Copyright 2013 SAMSUNG)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2529.2 - Hi-Rez Studios)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-3302800213-1478103081-2195180353-1000\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
SteelSeries Engine 3.3.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.3.1 - SteelSeries ApS)
System Requirements Lab (HKLM-x32\...\{B35DBBD7-B42E-494A-8913-431A2E448131}) (Version: 6.1.1.0 - Husdawg, LLC)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XFast LAN v10.10 (HKLM\...\XFast LAN) (Version: 10.10 - cFos Software GmbH, Bonn)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.38 - ASRock Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3302800213-1478103081-2195180353-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302800213-1478103081-2195180353-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302800213-1478103081-2195180353-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302800213-1478103081-2195180353-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302800213-1478103081-2195180353-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302800213-1478103081-2195180353-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302800213-1478103081-2195180353-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302800213-1478103081-2195180353-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302800213-1478103081-2195180353-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {09E9678F-81BF-48BF-985B-D2EEFE59C902} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {0B86AB49-BF1D-4A8D-B051-EDC5B86CA88A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {1793FDA7-01DD-418E-99A9-58C49B1C3C86} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1B0FDC33-C4A4-4F9A-BF98-5DFBCDECE13B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {26C94725-30EA-4052-BD59-7479A854B9C9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3C30449E-9DD1-40D2-AAF5-DB645DDFE734} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {42A5049F-B465-4547-92A6-06BB60506FCC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {450E40D5-17CB-4776-9150-AF1FFD2BF682} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {4ADCAD64-2CAD-4EE4-A13E-E080326D30F3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {6C6C1746-0CBA-439A-ABA9-56DAC68E5362} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {6E8F1F0E-D3D4-4485-AADF-37ED71190BA2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {7F6B332F-44E5-4E6F-9804-A526925724DC} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {83384209-2EFF-4646-94AF-41419B025208} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {844F8A1A-39D5-4659-91BD-07A23D01DE90} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {901334BD-FFF4-4035-95C2-D8570EDCFB4F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {982A1CE0-D07E-4ABA-8724-A6399F727F93} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {A5BF0FA2-C462-415F-96DD-8D14AE93834E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {AD1BC6CC-6743-475A-BDA3-8CB460173729} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {B5BD251F-9103-4C9D-BC9F-2CF6F169596E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {B6A064DA-EDD1-4AB1-8DE6-511E61E38D02} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {BCD1002D-7E37-4B42-8400-BDE068665F65} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {BFD2DA83-D0F5-4F6D-9DAE-BE521F6C696A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C44EC62C-F7B7-48DF-B0AE-50AEDF88E0D2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {CA54EF86-35BF-4E26-8B23-AF0A8573CB4C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {CCD6E3DF-445C-4C35-B359-2A7CAFBC0F98} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_127_pepper.exe [2017-03-21] (Adobe Systems Incorporated)
Task: {CF56AE81-0787-493E-A000-45237B2B3867} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {E72FEDC6-AC5E-4A3F-A49E-AE04C2FA91DB} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {EE76B68D-570E-44D8-9125-01136E5AB5EC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {F3EA8A28-B9C5-499C-804D-6F51665EC316} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {FAA8CB04-00F9-4A95-9F6F-69C8F72A943E} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Tim\Desktop\Microsoft\Windows\Start Menu\Programs\XFast LAN\www.cfos.de.lnk -> hxxp://www.cfos.de/de/?reg-9.05.2063-asroc
ShortcutWithArgument: C:\Users\Public\Desktop\1&1 Surf-Stick.lnk -> C:\Program Files (x86)\Hostless Modem\1&1 Surf-Stick\LaunchWebUI.exe () -> hxxp://surf.stick
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-22 01:48 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-15 19:24 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2017-04-01 17:54 - 2017-03-24 04:09 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-01 17:54 - 2017-03-24 04:10 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-01-01 19:46 - 2014-01-17 11:24 - 00013824 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2017-04-02 12:37 - 2017-04-02 12:37 - 00515584 _____ () C:\Windows\Temp\sqlite-3.7.2-sqlitejdbc.dll
2015-01-01 19:46 - 2014-01-17 11:24 - 01394176 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2015-01-01 19:46 - 2014-01-17 11:24 - 01435648 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 12:25 - 2013-12-21 12:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 12:26 - 2013-12-21 12:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 12:27 - 2013-12-21 12:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 10:52 - 2013-10-22 10:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
2013-10-22 10:52 - 2013-10-22 10:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 12:27 - 2013-12-21 12:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2017-03-22 01:48 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-03-22 00:36 - 2017-03-22 00:36 - 00959168 _____ () C:\Users\Tim\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2014-12-18 16:10 - 2014-12-18 16:10 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2016-11-20 23:06 - 2016-11-20 23:06 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-22 01:48 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2015-01-01 19:46 - 2014-01-17 11:24 - 00048640 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2014-11-13 23:19 - 2014-11-13 23:19 - 17542656 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
2014-10-14 16:10 - 2014-10-14 16:10 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\x2api.dll
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2016-12-15 20:23 - 2015-05-14 10:48 - 00468736 _____ () C:\Program Files (x86)\Hostless Modem\1&1 Surf-Stick\CheckNDISPort_df.exe
2016-12-15 20:23 - 2015-05-14 10:48 - 00447744 _____ () C:\Program Files (x86)\Hostless Modem\1&1 Surf-Stick\CancelAutoPlay_df.exe
2016-11-21 18:19 - 2016-11-21 18:19 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2017-03-22 00:56 - 2017-03-22 00:57 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-22 00:56 - 2017-03-22 00:57 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-22 00:56 - 2017-03-22 00:57 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-22 00:56 - 2017-03-22 00:56 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2017-03-22 00:58 - 2017-03-22 00:58 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-22 00:58 - 2017-03-22 00:58 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-22 00:58 - 2017-03-22 00:58 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-03-22 00:58 - 2017-03-22 00:58 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-22 00:58 - 2017-03-22 00:58 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-22 00:58 - 2017-03-22 00:58 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-20 23:33 - 2016-11-20 23:33 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-03-22 00:54 - 2017-03-22 00:55 - 03879424 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-03-22 01:48 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-22 01:48 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-22 01:48 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-22 01:48 - 2017-03-04 08:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-22 01:48 - 2017-03-04 08:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-22 01:48 - 2017-03-04 08:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-28 01:19 - 2016-06-28 01:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2014-08-08 19:50 - 2014-08-08 19:50 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-12-18 16:08 - 2014-12-18 16:08 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-08-08 19:51 - 2014-08-08 19:51 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-08-08 19:51 - 2014-08-08 19:51 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-08-08 19:51 - 2014-08-08 19:51 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-08-08 19:52 - 2014-08-08 19:52 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-08-08 19:53 - 2014-08-08 19:53 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2013-12-11 17:46 - 2013-12-11 17:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-10-22 10:48 - 2013-10-22 10:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 17:38 - 2013-04-19 17:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-10-25 20:49 - 2013-10-25 20:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2017-03-22 00:30 - 2017-03-22 00:30 - 00679624 _____ () C:\Users\Tim\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\ClientTelemetry.dll
2017-04-02 12:38 - 2017-04-02 12:38 - 00098816 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\win32api.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00110080 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\pywintypes27.dll
2017-04-02 12:38 - 2017-04-02 12:38 - 00364544 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\pythoncom27.dll
2017-04-02 12:38 - 2017-04-02 12:38 - 00320512 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\win32com.shell.shell.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00914432 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\_hashlib.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 01176576 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\wx._core_.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00806400 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\wx._gdi_.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00816128 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\wx._windows_.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 01067008 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\wx._controls_.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00733184 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\wx._misc_.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00682496 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\pysqlite2._sqlite.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00088064 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\_ctypes.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00686080 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\unicodedata.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00119808 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\win32file.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00108544 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\win32security.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00007168 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\hashobjs_ext.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00017920 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\thumbnails_ext.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00088064 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\usb_ext.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00012800 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\common.time34.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00018432 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\win32event.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00167936 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\win32gui.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00046080 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\_socket.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 01303552 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\_ssl.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00128512 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\_elementtree.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00127488 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\pyexpat.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00038912 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\win32inet.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00036864 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\_psutil_windows.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00524248 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\windows._lib_cacheinvalidation.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00011264 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\win32crypt.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00123392 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\wx._wizard.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00077312 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\wx._html2.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00027648 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\_multiprocessing.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00020480 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\_yappi.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00035840 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\win32process.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00078848 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\wx._animate.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00024064 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\win32pipe.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00010240 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\select.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00025600 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\win32pdh.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00017408 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\win32profile.pyd
2017-04-02 12:38 - 2017-04-02 12:38 - 00022528 ____R () C:\Users\Tim\AppData\Local\Temp\_MEI90282\win32ts.pyd
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2017-02-09 08:22 - 2017-02-01 11:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-09 08:22 - 2017-02-01 11:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3302800213-1478103081-2195180353-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tim\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{3d63785d-6d46-4e13-98c2-00fa9fe58b36}.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupreg: CloneCDTray => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
HKLM\...\StartupApproved\Run: => "Samsung Link"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKU\S-1-5-21-3302800213-1478103081-2195180353-1000\...\StartupApproved\Run: => "OneDrive"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
==================== Wiederherstellungspunkte =========================
22-03-2017 08:44:38 JRT Pre-Junkware Removal
30-03-2017 06:28:05 Windows Modules Installer
30-03-2017 06:28:49 Windows-Sicherung
02-04-2017 19:00:32 Windows-Sicherung
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (04/02/2017 07:25:19 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: Fehler beim Erstellen eines Verzeichnisses am Sicherungsspeicherort. (0x8078014B).
Error: (04/02/2017 07:25:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (04/02/2017 07:25:14 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: NT-AUTORITÄT)
Description: Fehler bei der um 2017-04-02T17:00:32.779419500Z gestarteten Sicherung. Fehlercode: "0x8078014b" (Fehler beim Erstellen eines Verzeichnisses am Sicherungsspeicherort.
). Suchen Sie in den Ereignisdetails nach einer Lösung, und führen Sie die Sicherung erneut aus, nachdem das Problem behoben wurde.
Error: (04/02/2017 07:24:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (04/02/2017 07:24:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (04/02/2017 07:23:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (04/02/2017 07:00:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (04/02/2017 07:00:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (04/02/2017 02:21:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Tim\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (04/02/2017 02:21:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Tim\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Systemfehler:
=============
Error: (04/02/2017 02:22:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (04/02/2017 02:22:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tim\AppData\Local\Temp\ehdrv.sys
Error: (04/02/2017 02:22:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (04/02/2017 02:22:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tim\AppData\Local\Temp\ehdrv.sys
Error: (04/02/2017 02:22:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (04/02/2017 02:22:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tim\AppData\Local\Temp\ehdrv.sys
Error: (04/02/2017 02:22:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (04/02/2017 02:22:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tim\AppData\Local\Temp\ehdrv.sys
Error: (04/02/2017 02:22:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (04/02/2017 02:22:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tim\AppData\Local\Temp\ehdrv.sys
CodeIntegrity:
===================================
Date: 2017-03-31 06:47:11.995
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-03-31 06:47:11.981
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-03-31 06:47:11.957
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-03-31 06:47:11.908
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-03-31 06:47:11.881
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-03-31 06:47:11.825
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-03-31 06:47:10.447
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-03-31 06:47:09.594
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-03-31 06:37:39.103
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-03-31 06:37:39.089
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 8117.27 MB
Verfügbarer physikalischer RAM: 4050.2 MB
Summe virtueller Speicher: 16309.27 MB
Verfügbarer virtueller Speicher: 10299.06 MB
==================== Laufwerke ================================
Drive b: () (Fixed) (Total:3725.9 GB) (Free:831.16 GB) NTFS
Drive c: () (Fixed) (Total:930.97 GB) (Free:724.99 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 99D9A8ED)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 3726 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================ |