Laptop/Rechner bootet und arbeitet langsam..

nabil21 · 10.09.2016, 20:50

Hallo,

ich bin wieder mal auf eure Hilfe angewiesen...

Mein Laptop und Rechner booten wieder extrem langsam und mir kommt es vor das Allgemein das System langsam arbeitet...

leider sind öfters mein jüngerer Bruder und Schwager an dem Rechner und Laptop und wer weiss was die das machen....

Ich hoffe ihr könnt mir wieder helfen mein Laptop/Rechner wieder auf Trapp zu kriegen ich bedanke mich für die Unterstützung.

Nabil21

M-K-D-B · 11.09.2016, 09:04

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zitat:

Zitat von nabil21

leider sind öfters mein jüngerer Bruder und Schwager an dem Rechner und Laptop und wer weiss was die das machen....

Sowas wäre für mich ein "No-Go"...

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

nabil21 · 11.09.2016, 18:40

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von NABIL (Administrator) auf NABIL-PC (11-09-2016 19:37:11)
Gestartet von C:\Users\NABIL\Downloads
Geladene Profile: NABIL (Verfügbare Profile: NABIL & asd & bazet & Gast & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start101\Start10Srv.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Windows\SysWOW64\ASGT.exe
() C:\Windows\KMS-R@1n.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start101\Start10_64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDFCreate8\PdfCreate8Hook.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Valve Corporation) M:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\KMS-R@1nhook.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16697352 2016-08-26] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1517088 2014-09-22] (ABBYY Production LLC.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2631120 2016-07-28] (Malwarebytes Corporation)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC.)
HKLM-x32\...\Run: [OmniPage Preload] => C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe [3021528 2014-11-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance OmniPage Ultimate-reminder] => "C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\OmniPage Ultimate\Ereg\Ereg.ini"
HKLM-x32\...\Run: [PDFCreHook] => C:\Program Files (x86)\Nuance\PDFCreate8\pdfcreate8hook.exe [1109016 2014-11-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF8 Registry Controller] => C:\Program Files (x86)\Nuance\PDFCreate8\RegistryController.exe [189976 2014-11-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-07-28] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [884920 2016-06-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nhook.exe
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll [2013-08-08] (Gladinet, INC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2016-04-06]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nuance Cloud Connector.lnk [2016-02-23]
ShortcutTarget: Nuance Cloud Connector.lnk -> C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{281f7690-3078-4910-b67d-7743d4eb2a9a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F37B658C-DD8B-4CF0-8B0B-6CE9D411B48F}: [NameServer] 208.67.222.222 208.67.220.220

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO-x32: ZeonIEEventHelper Class -> {C7DA0384-42AA-428c-B832-88AC343DE1A8} -> C:\Program Files (x86)\Nuance\PDFCreate8\Bin\GZeonIEFavClient.dll [2013-05-16] (Zeon Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Nuance PDF - {BCCE15AE-AC7E-4bc9-94AF-2A714A412BCB} - C:\Program Files (x86)\Nuance\PDFCreate8\Bin\GZeonIEFavClient.dll [2013-05-16] (Zeon Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-225648569-1694930765-1264359465-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-30] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> m:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-25] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-30] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-03-18] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-225648569-1694930765-1264359465-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Extension: (Kein Name) - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff [nicht gefunden]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-02-22] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-06-01]

Chrome: 
=======
CHR Profile: C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-01]
CHR Extension: (Google-Suche) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Adblock Plus) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\fancjlijdfajbmighlldmgmeobfmempn [2015-03-23]
CHR Extension: (Google Docs Offline) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR Extension: (Google Mail) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4907232 2014-12-01] (Emsisoft GmbH)
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [961744 2014-07-13] (ABBYY Production LLC)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-24] () [Datei ist nicht signiert]
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 Asus Product Register Service; C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe [62128 2012-09-11] () [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1145216 2015-05-19] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-11-27] (Digital Wave Ltd.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [30032 2013-08-08] (Gladinet, INC)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-02-11] () [Datei ist nicht signiert]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [750032 2016-07-28] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\RpcAgentSrv.exe [73200 2015-02-15] (SiSoftware) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 Start10; C:\Program Files (x86)\Stardock\Start101\Start10Srv.exe [219664 2015-02-03] (Stardock Software, Inc)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [Datei ist nicht signiert]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [124168 2016-01-19] (Wondershare)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-12-22] (Advanced Micro Devices)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-10] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [531424 2015-12-22] (Intel Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [74984 2016-07-28] ()
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-11-08] (REALiX(tm))
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-03-14] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-12-22] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-04-30] ()
U4 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-11 19:37 - 2016-09-11 19:37 - 00032527 _____ C:\Users\NABIL\Downloads\FRST.txt
2016-09-11 19:37 - 2016-09-11 19:37 - 00000000 ____D C:\FRST
2016-09-11 19:36 - 2016-09-11 19:36 - 02397696 _____ (Farbar) C:\Users\NABIL\Downloads\FRST64.exe
2016-09-04 20:53 - 2016-09-04 20:53 - 00005208 _____ C:\Users\NABIL\Downloads\relink.to__Rampage_2009_German_DTS_DL_1080p_BluRay_x264_-_SoW_158023ecdb764581577579d64a4c06.dlc
2016-09-04 20:19 - 2016-09-04 20:19 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-09-04 20:19 - 2016-08-26 09:18 - 72520720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-09-04 20:19 - 2016-08-26 09:18 - 24414760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 24323312 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 17377488 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 15202040 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 14057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 13122584 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 12988352 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 10534696 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 06947183 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-09-04 20:19 - 2016-08-26 09:18 - 06374320 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05793528 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05593616 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05341352 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05293064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-09-04 20:19 - 2016-08-26 09:18 - 03299824 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03291320 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03203592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03134720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02895104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-09-04 20:19 - 2016-08-26 09:18 - 02825104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02776224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02706864 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02439048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02203752 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02110600 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02073096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01920820 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2016-09-04 20:19 - 2016-08-26 09:18 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01607136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01529144 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01422928 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01360520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01337648 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01213664 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01186840 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01166160 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01115144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01041744 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01001800 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00999856 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00965032 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00962136 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00864344 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00858200 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00854032 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00725944 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00678184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00618192 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00601144 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00571376 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00498648 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00472312 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00467160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00447184 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00438696 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CAF64APO2.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00416512 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00372744 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00366128 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00203848 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00190936 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00190936 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00179600 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00154368 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00112496 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Caf64api.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00005604 _____ C:\WINDOWS\system32\cxapo.lncs
2016-09-04 20:19 - 2016-08-26 09:18 - 00000736 _____ C:\WINDOWS\system32\cxapo.prop
2016-09-04 20:13 - 2016-04-11 13:38 - 02838232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-09-04 20:04 - 2016-09-04 20:08 - 348623152 _____ C:\Users\NABIL\Downloads\7917_PG448_Win10_TH_RS_Win8.1_Win8_Win7_WHQL.zip
2016-09-04 20:03 - 2016-09-04 20:03 - 01474568 _____ C:\Users\NABIL\Downloads\Realtek HD Audio Treiber inoffizielle WHQL Treiber - CHIP-Installer.exe
2016-09-04 20:02 - 2016-09-04 20:09 - 131494359 _____ (Realtek Semiconductor Corp.) C:\Users\NABIL\Downloads\0006-64bit_Win7_Win8_Win81_Win10_R279.exe
2016-08-21 20:23 - 2016-08-21 20:23 - 00000219 _____ C:\Users\NABIL\Desktop\Counter-Strike Global Offensive.url
2016-08-15 21:49 - 2016-08-15 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-08-14 20:54 - 2016-08-14 20:54 - 00110244 _____ C:\WINDOWS\Minidump\081416-17609-01.dmp
2016-08-14 17:29 - 2016-08-14 17:29 - 00000000 ____D C:\Program Files\ATI Technologies
2016-08-14 17:28 - 2016-09-04 20:20 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-08-12 01:07 - 2016-08-12 01:07 - 08892696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 08738920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 07115928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00479368 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00164280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00159088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00154920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00138688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00138176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00123120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00123104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 48819200 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 38266368 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 32555512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 27489280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 26639360 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 21641216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 15729152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 14320128 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 08830456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 08627704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 07076352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02376704 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02286584 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02147328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 01837568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00883192 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00751616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00627192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00459776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00402944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00350208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00292352 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00287744 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00275968 _____ C:\WINDOWS\system32\GameManager64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00270336 _____ C:\WINDOWS\system32\clinfo.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00268792 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00249336 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00241152 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00234496 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00231424 _____ C:\WINDOWS\system32\atieah64.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00222208 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00209408 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00202744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00201728 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00181760 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00176640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00159736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00137208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00135168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00130560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00123896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00118784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00113664 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00111616 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00109568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00104448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00083960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00079864 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00069632 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00068608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00068096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00067584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00066560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00060920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00055800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00021496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-11 19:36 - 2015-07-26 23:01 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\TS3Client
2016-09-11 19:32 - 2013-10-25 18:03 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-11 19:16 - 2013-10-19 03:04 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-11 18:42 - 2015-08-27 14:42 - 00000911 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job
2016-09-11 18:42 - 2015-08-27 14:42 - 00000725 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job
2016-09-11 18:40 - 2013-10-08 21:23 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\vlc
2016-09-11 12:32 - 2013-10-25 18:03 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-11 10:32 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-10 14:30 - 2016-02-23 01:50 - 00000000 ____D C:\Users\NABIL\AppData\Local\gladinet
2016-09-10 14:28 - 2014-04-17 17:43 - 00000000 ____D C:\ProgramData\TEMP
2016-09-10 14:27 - 2016-01-03 17:42 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\Skype
2016-09-10 14:10 - 2016-02-21 13:31 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-10 14:10 - 2014-03-19 17:30 - 00000000 ____D C:\Users\NABIL\AppData\Local\JDownloader 2.0
2016-09-09 14:58 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-08 20:38 - 2015-11-08 01:18 - 00003978 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1446938337
2016-09-08 20:38 - 2015-11-08 01:18 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-09-08 20:38 - 2015-11-08 01:18 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-08 02:29 - 2016-01-27 18:45 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-09-04 20:27 - 2016-04-30 07:23 - 02089750 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-04 20:27 - 2016-02-13 18:59 - 00889234 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-04 20:27 - 2016-02-13 18:59 - 00197816 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-04 20:27 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-04 20:23 - 2013-11-12 22:14 - 00000000 ____D C:\ProgramData\AMD
2016-09-04 20:22 - 2014-11-08 04:57 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2016-09-04 20:21 - 2016-02-13 19:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-04 20:20 - 2016-04-30 07:22 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-09-04 20:20 - 2015-10-30 08:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-09-04 20:20 - 2013-10-05 03:00 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-09-04 20:19 - 2016-04-30 07:22 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-09-04 19:59 - 2015-07-26 23:01 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-09-01 09:14 - 2016-06-17 22:09 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-09-01 03:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-01 03:00 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-31 16:00 - 2016-04-30 07:23 - 00000000 ____D C:\Users\NABIL
2016-08-24 14:11 - 2016-06-05 19:08 - 00000000 ____D C:\Users\NABIL\Desktop\absagen vom 05.06.16
2016-08-24 13:47 - 2013-11-06 21:41 - 00000000 ____D C:\Users\NABIL\AppData\Local\Packages
2016-08-24 00:26 - 2013-10-25 16:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-08-15 21:49 - 2015-11-10 09:46 - 00002009 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-08-15 21:49 - 2015-11-10 09:46 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-08-15 10:01 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-14 22:47 - 2013-10-07 15:17 - 00000000 ____D C:\Users\NABIL\AppData\Local\ElevatedDiagnostics
2016-08-14 20:54 - 2016-07-27 17:51 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-14 17:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-14 17:29 - 2016-04-30 07:23 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-14 17:29 - 2016-04-30 07:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-08-14 17:29 - 2016-04-30 07:23 - 00000000 ____D C:\Program Files (x86)\AMD
2016-08-14 17:28 - 2016-04-30 07:22 - 00000000 ____D C:\Program Files\AMD
2016-08-14 17:28 - 2014-05-28 01:55 - 00000000 ____D C:\AMD
2016-08-12 01:07 - 2016-04-23 00:56 - 10995344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 10317568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 09340136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 09131736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 07258160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 01547544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 01273928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 00183952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 00152800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 00137224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-08-12 01:06 - 2016-04-23 00:56 - 26706432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-08-12 01:06 - 2016-04-23 00:56 - 01323008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-08-12 01:06 - 2016-04-23 00:56 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-08-12 01:06 - 2016-04-23 00:56 - 00521728 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-08-12 01:06 - 2016-04-23 00:56 - 00518656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-08-12 01:06 - 2016-04-23 00:56 - 00287232 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-15 18:56 - 2015-09-15 18:56 - 0000000 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-09-15 18:56 - 2015-09-15 18:56 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD
2015-03-01 04:43 - 2015-03-01 05:31 - 14848000 _____ () C:\Users\NABIL\AppData\Roaming\Sandra.mdb
2016-04-30 07:22 - 2016-04-30 07:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\asd\AppData\Local\Temp\proxy_vole2008580591415989544.dll
C:\Users\asd\AppData\Local\Temp\proxy_vole5313419656434273934.dll
C:\Users\asd\AppData\Local\Temp\proxy_vole6505369171543915562.dll
C:\Users\NABIL\AppData\Local\Temp\i4jdel0.exe
C:\Users\NABIL\AppData\Local\Temp\MSETUP4.EXE
C:\Users\NABIL\AppData\Local\Temp\proxy_vole5631846365696866387.dll
C:\Users\NABIL\AppData\Local\Temp\proxy_vole571332217995924973.dll
C:\Users\NABIL\AppData\Local\Temp\proxy_vole576922321117719755.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-09 20:18

==================== Ende von FRST.txt ============================

nabil21 · 11.09.2016, 18:41

Code:

ATTFilter

ZusÃ¤tzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgefÃ¼hrt von NABIL (11-09-2016 19:37:51)
Gestartet von C:\Users\NABIL\Downloads
Windows 10 Pro Version 1511 (X64) (2016-04-30 05:33:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-225648569-1694930765-1264359465-500 - Administrator - Disabled)
asd (S-1-5-21-225648569-1694930765-1264359465-1004 - Administrator - Enabled) => C:\Users\asd
bazet (S-1-5-21-225648569-1694930765-1264359465-1008 - Administrator - Enabled) => C:\Users\bazet
DefaultAccount (S-1-5-21-225648569-1694930765-1264359465-503 - Limited - Disabled)
Gast (S-1-5-21-225648569-1694930765-1264359465-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-225648569-1694930765-1264359465-1002 - Limited - Enabled)
NABIL (S-1-5-21-225648569-1694930765-1264359465-1000 - Administrator - Enabled) => C:\Users\NABIL

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Disabled - Out of date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Disabled - Out of date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" kÃ¶nnen in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.426 - ABBYY Production LLC)
Adblock IE 2.3 (HKLM\...\{58161756-037B-42CD-B575-AF804A2F0F47}) (Version: 2.3.1756 - MGTEK)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{C1F3739C-D31D-4062-8788-29261C4A2A68}) (Version: 12.2.4.194 - Adobe Systems, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.0 - Sereby Corporation)
AMD Catalyst Install Manager (HKLM\...\{14D58A97-B60E-A858-34D8-95469C02F7EC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06 (HKLM-x32\...\Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06) (Version:  - )
Assassin's Creed Unity Gold Edition MULTi2 1.0 (HKLM-x32\...\Assassin's Creed Unity Gold Edition MULTi2 1.0) (Version:  - )
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.017 - ASUSTek Computer Inc.)
Batman: Arkham Cityâ„¢ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broken Sword 5 - the Serpent's Curse (HKLM-x32\...\GOGPACKBROKENSWORD5EP1EP2_is1) (Version: 2.0.0.2 - GOG.com)
Bully - Scholarship Edition (HKLM-x32\...\Bully - Scholarship Edition_is1) (Version:  - )
Call of Duty Black Ops III Version 1.0 (HKLM-x32\...\{322C0A98-947C-4EB4-A48B-C8C818B137C8}_is1) (Version: 1.0 - Activision Blizzard)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version:  - â€*Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CrystalDiskInfo 6.1.8 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.8 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dead or Alive 5 Last Round Version 1.02A u1 (HKLM-x32\...\{344CBB83-6CB8-4B68-ACC0-56C41F292D5B}_is1) (Version: 1.02A u1 - Koei Tecmo)
Deponia The Complete Journey MULTi2 3.3.0155 (HKLM-x32\...\Deponia The Complete Journey MULTi2 3.3.0155) (Version:  - )
Die Sims 4 Digital Deluxe Edition ReRelease Incl. Update 13 MULTi2 v1.13.104.1220 (HKLM-x32\...\Die Sims 4 Digital Deluxe Edition ReRelease Incl. Update 13 MULTi2 v1.13.104.1220) (Version:  - )
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Emily Wants To Play (HKLM-x32\...\Emily Wants To Play_is1) (Version:  - )
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
Epson Benutzerhandbuch WF-2010 Series (HKLM-x32\...\WF-2010 Series Useg) (Version:  - )
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-2010 Series (HKLM-x32\...\WF-2010 Series Netg) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-HandbÃ¼cher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Dailymotion Download (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.55.1127 - DVDVideoSoft Ltd.)
Free Driver Scout (HKLM-x32\...\{50a7e828-15d3-40e6-a37d-22d5c5357878}) (Version: 1.0.0.0 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.0 - Covus Freemium) Hidden
Free YouTube to MP3 Converter version 3.12.59.505 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.505 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
HarryPotter und der Stein der Weisen (HKLM-x32\...\HarryPotter und der Stein der Weisen1.1) (Version: 1.1 - TheRaven1)
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{1EF24D7D-7B14-4EBA-A686-9E91C9C6763D}) (Version: 4.1.40.2143 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java SE Development Kit 8 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180650}) (Version: 8.0.650.17 - Oracle Corporation)
Java SE Development Kit 8 Update 92 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180920}) (Version: 8.0.920.14 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lexware Info Service (HKLM-x32\...\{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}) (Version: 2.80.00.0007 - Haufe-Lexware GmbH & Co.KG)
Life is Strange Complete First Season Version 1.0.0.371598 (HKLM-x32\...\{D5DF0D21-62C1-46E0-BD21-4E3DAE94DA32}_is1) (Version: 1.0.0.371598 - Square Enix)
Malwarebytes Anti-Exploit version 1.8.1.2572 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.2572 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.376.2 - McAfee, Inc.)
Metal Gear Solid 5 The Phantom Pain MULTI8 1.005 (HKLM-x32\...\Metal Gear Solid 5 The Phantom Pain MULTI8 1.005) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools fÃ¼r Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mortal Kombat X Premium Edition MULTi2 1.0 (HKLM-x32\...\Mortal Kombat X Premium Edition MULTi2 1.0) (Version:  - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst (HKLM-x32\...\Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst_is1) (Version:  - )
Nero 2014 (HKLM-x32\...\{A618CE26-1E36-4FA4-A1F4-D079DC6022B8}) (Version: 15.0.08500 - Nero AG)
Nero 2015 Content Pack (HKLM-x32\...\{55192BC6-EDBA-4F48-A2C4-3D164E41AF55}) (Version: 16.0.00300 - Nero AG)
Nero Burning ROM 2014 (HKLM-x32\...\{A4DC74AA-F4DF-48B9-AA4B-C30CA0DBCA33}) (Version: 15.0.04600 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nuance Cloud Connector (HKLM-x32\...\{128FBB62-9750-4C08-ABF9-47D73D9A3918}) (Version: 3.2.1084 - Nuance Communications, Inc.)
Nuance OmniPage Ultimate (HKLM-x32\...\{17223DA4-6B76-439E-BD49-5940FAD8AE19}) (Version: 19.16.0000 - Nuance Communications, Inc.)
Nuance PDF Create 8 (HKLM\...\{CB5B66BC-406C-4C1F-913D-A06E83C7CD81}) (Version: 8.20.6418 - Nuance Communications, Inc.)
Nuance PDF Create 8 (HKLM-x32\...\{CB5B66BC-406C-4C1F-913D-A06E83C7CD81}) (Version: 8.20.6418 - Nuance Communications, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 39.0.2256.71 (HKLM-x32\...\Opera 39.0.2256.71) (Version: 39.0.2256.71 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Outils de vÃ©rification linguistique 2013 de Microsoft OfficeÂ*- FranÃ§ais (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.0 - Tracker Software Products Ltd)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7917 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
Runaway - A Road Adventure (HKLM-x32\...\GOGPACKRUNAWAY_is1) (Version: 2.0.0.3 - GOG.com)
Saints Row IV Game of the Century Edition 1.0 (HKLM-x32\...\Saints Row IV Game of the Century Edition 1.0) (Version:  - )
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Scansoft PDF Create (x32 Version:  - ) Hidden
ScummVM 1.6.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Sherlock Holmes Crimes and Punishments German Subbed Edition 1.0 (HKLM-x32\...\Sherlock Holmes Crimes and Punishments German Subbed Edition 1.0) (Version:  - )
Sherlock Holmes: The Devil's Daughter (HKLM\...\Steam App 350640) (Version:  - Frogwares)
SiSoftware Sandra Lite 2015.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.27.2015.2 - SiSoftware)
Skypeâ„¢ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.) Hidden
South Park - The Stick of Truth Version 1.0.1353 (HKLM-x32\...\{83736891-79AE-49BA-96F5-55DD6F2186AC}_is1) (Version: 1.0.1353 - Ubisoft)
SSD Tweaker version 3.0.5 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.0.5 - Elpamsoft.com)
Stardock Start10 (HKLM\...\Start10_is1) (Version: 1.0 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steamless Counter Strike Source Pack (HKLM-x32\...\Steamless Counter Strike Source Pack) (Version: 1.0 - Steamless)
Street Fighter V Deluxe Edition MULTi13 1.0 (HKLM-x32\...\Street Fighter V Deluxe Edition MULTi13 1.0) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Book of Unwritten Tales Collection Version 1.0 (HKLM-x32\...\{552EE0FA-C570-4283-9E79-358A95068DCA}_is1) (Version: 1.0 - Nordic Games)
The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02 (HKLM-x32\...\The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02) (Version:  - )
Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0 (HKLM-x32\...\Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0) (Version:  - )
Ultra Street Fighter IV (HKLM-x32\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version:  - Microsoft)
Valiant Hearts: The Great War (HKLM-x32\...\VmFsaWFudEhlYXJ0c1RoZUdyZWF0V2Fy_is1) (Version: 1 - )
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Vocalizer (HKLM-x32\...\{7F267540-71F7-4FC0-A39D-DD0206142814}) (Version: 19.16.0000 - Nuance Communications, Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wondershare MobileGo(Version 8.2.0) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.2.0 - Wondershare)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01955A10-3280-46FE-B295-16984CFF4AB3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {0CE42A92-4C76-4FD1-83EE-B48021CBA13F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {163A17B5-F3DE-486E-9FD8-AE460A042434} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\XmasPromote.exe
Task: {1BDC3015-055B-4643-A612-B548F44B3168} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {1D6EAC2C-CCCC-48D3-A9B2-0BF073A859DD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {1F55AC57-5BA5-4A77-8512-E48E7F663F7A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {1FA75676-E7D0-44FA-A6E4-D1CC7124E499} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2219BAF3-970C-442B-AA03-6D10302BA04F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {25E967C3-EA75-4CB8-9FCC-0AE64DE1D754} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {2776DC5D-B0AC-4588-AB90-45257F175B71} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {27B49083-4E57-43A3-8339-DF6843AB4125} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {2F910DE1-C01D-4F91-9672-CA57A347D8A0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {30EE4FCD-E88C-4FFB-B957-A3D82F648A03} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {348F3260-4BAE-4743-A9D1-B023A55EE5E3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {37EEDB11-5C90-47E8-B40F-144D8F9FEA33} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {40FCA32E-2588-4671-A0E1-8E12C100365B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {5113B6CC-4DE8-44AF-9599-C0219896EAB8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {5B6CC23A-D5C6-4522-B4DF-D1F35D4DFA74} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {5EF0F301-E74A-461C-813D-D5298404EB44} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {6B05F11A-0FAA-459F-8398-5A68E112F578} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7499461B-5DC4-4C2A-8990-F17947981EE7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {781B7E50-8B6D-4764-8AFA-46E8C7417708} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {78C2FD3D-5725-47D8-9751-10D343A2894F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {7AF61DD3-4CD4-4508-97E1-778984972570} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {7ED06AB3-3419-4D6E-9C9D-0856A9156FF4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7F34203D-7E5A-4698-9622-D093B9BBFA68} - System32\Tasks\{77584C26-73F5-4330-9F49-0396C6D171AE} => pcalua.exe -a C:\Users\NABIL\AppData\Roaming\key-find\UninstallManager.exe -c  -ptid=cvs
Task: {876EA98A-187D-4A26-8183-339326B7D990} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8775F958-4DC9-4F38-82B3-381C6FF519B6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-30] (Adobe Systems Incorporated)
Task: {96771FD7-B11F-43D3-B439-011C2B276961} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {97432494-44EB-4E0E-BAB5-1A73A165C1FE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {9CD4DDF6-33D0-4174-A137-9A84D7B4B263} - System32\Tasks\Opera scheduled Autoupdate 1446938337 => C:\Program Files (x86)\Opera\launcher.exe [2016-09-05] (Opera Software)
Task: {A49341F1-6E31-4579-A298-5EEC4CBCDC01} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {A7F242A1-2D4C-49E1-A99B-BA4F6A5EE323} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {AC238CCC-371E-426B-9944-E423D0302CD1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {B27D50C5-906A-4AD6-BE29-AAD1BD3EB5D7} - System32\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {B6FB57AF-5104-4E12-9FD5-88D761B2AED5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {CF27364E-6CD6-49E3-BE7A-BDBBAE6AAF2D} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {D27BE5C6-A5F6-4031-ABA9-429A3E82A67F} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {D57EF4A8-1624-4244-814F-A2B2F632642C} - System32\Tasks\R@1n-KMS\Office15ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="b322da9c-a2e2-4058-9e4e-f59a6970bd69") call Activate]
Task: {DBCCFDB7-E380-42A4-82BA-B20BC69765B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {F9DB0870-59E2-4373-90D5-AE97BB6D64C7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {FCB0CF30-3917-45CE-AA1D-466F4D9E1D17} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{00138945-9C65-4A60-B651-17E309D19196} /F:Update SYSTEMÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{92EF7091-E3AF-4879-84FE-EE26D1C3216F} /F:Update SYSTEMÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== VerknÃ¼pfungen =============================

(Die EintrÃ¤ge kÃ¶nnen gelistet werden, um sie zurÃ¼ckzusetzen oder zu entfernen.)

Shortcut: C:\Users\NABIL\Desktop\Metal Gear Solid 5 The Phantom Pain TimeZone geÃ¤ndert.lnk -> M:\Program Files (x86)\Metal Gear Solid 5 The Phantom Pain\MGS TimeZone geÃ¤ndert.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2016-02-11 19:58 - 2016-02-11 19:58 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
2012-09-11 17:27 - 2012-09-11 17:27 - 00062128 _____ () C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-17 22:09 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-08-08 05:03 - 2013-08-08 05:03 - 00222544 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
2016-06-24 12:51 - 2016-06-24 12:51 - 00138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-12 23:54 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-12 23:54 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 23:55 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-12 23:54 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-12 23:54 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-12 23:54 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-12 23:54 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-08-25 17:48 - 2016-08-25 17:48 - 03763712 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-04-30 10:34 - 2016-04-30 10:34 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2014-02-28 11:14 - 2016-09-04 19:59 - 00174872 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-08-04 15:43 - 2016-09-04 19:59 - 00103192 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 15:43 - 2016-09-04 19:59 - 00107800 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-08-04 15:46 - 2016-09-04 19:59 - 00312088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 15:46 - 2016-09-04 19:59 - 00485656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2016-02-11 19:58 - 2016-02-11 19:58 - 00004608 _____ () C:\WINDOWS\KMS-R@1nhook.exe
2016-02-11 19:58 - 2016-02-11 19:58 - 00003584 _____ () C:\WINDOWS\KMS-QADhook.dll
2013-08-08 04:53 - 2013-08-08 04:53 - 00293200 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\sqlite3.dll
2013-08-08 04:53 - 2013-08-08 04:53 - 00080208 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\zlib125.dll
2013-08-08 04:53 - 2013-08-08 04:53 - 00016720 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSMui.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-11-08 01:54 - 2014-10-16 04:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-08-08 23:33 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-08 23:33 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-08 04:54 - 2013-08-08 04:54 - 00158032 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSMui_GER.dll
2013-08-08 04:57 - 2013-08-08 04:57 - 00252240 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSBr_nuance.dll
2016-04-30 10:34 - 2016-04-30 10:34 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-30 10:34 - 2016-04-30 10:34 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2014-06-17 23:16 - 2015-12-15 07:54 - 00782336 _____ () M:\Program Files (x86)\Steam\SDL2.dll
2015-03-01 23:03 - 2015-07-03 18:12 - 04962816 _____ () M:\Program Files (x86)\Steam\v8.dll
2014-06-17 23:16 - 2016-02-04 23:02 - 02546768 _____ () M:\Program Files (x86)\Steam\video.dll
2015-03-01 23:03 - 2015-07-03 18:12 - 01556992 _____ () M:\Program Files (x86)\Steam\icui18n.dll
2015-03-01 23:03 - 2015-07-03 18:12 - 01187840 _____ () M:\Program Files (x86)\Steam\icuuc.dll
2015-03-01 23:03 - 2015-09-24 02:33 - 02549248 _____ () M:\Program Files (x86)\Steam\libavcodec-56.dll
2015-03-01 23:03 - 2015-09-24 02:33 - 00491008 _____ () M:\Program Files (x86)\Steam\libavformat-56.dll
2015-03-01 23:03 - 2015-09-24 02:33 - 00332800 _____ () M:\Program Files (x86)\Steam\libavresample-2.dll
2015-03-01 23:03 - 2015-09-24 02:33 - 00442880 _____ () M:\Program Files (x86)\Steam\libavutil-54.dll
2015-03-01 23:03 - 2015-09-24 02:33 - 00485888 _____ () M:\Program Files (x86)\Steam\libswscale-3.dll
2014-06-17 23:16 - 2016-02-04 23:01 - 00802896 _____ () M:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-26 22:59 - 2015-12-30 03:51 - 00208896 _____ () M:\Program Files (x86)\Steam\bin\openvr_api.dll
2014-06-17 23:16 - 2016-01-06 03:52 - 48387872 _____ () M:\Program Files (x86)\Steam\bin\libcef.dll
2015-03-01 23:03 - 2015-09-25 01:56 - 00119208 _____ () M:\Program Files (x86)\Steam\winh264.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\AcroTray.deu

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:A303874F [173]
AlternateDataStreams: C:\Users\NABIL\Downloads\amddriverdownloader.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\CrystalDiskInfo6_1_8-en.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\everesthome220.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\UseNeXTSetup_5.62.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\WebInstallerJD2_c.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== VerknÃ¼pfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt.)


==================== Internet Explorer VertrauenswÃ¼rdig/EingeschrÃ¤nkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7863 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benÃ¶tigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurÃ¼ckzusetzen.)

2009-07-14 04:34 - 2016-08-15 21:49 - 00000064 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
0.0.0.1	mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)

HKU\S-1-5-21-225648569-1694930765-1264359465-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\NABIL\Desktop\burj_khalifa_tower_dubai-wide.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte EintrÃ¤ge ==

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iSCTsysTray.lnk => C:\Windows\pss\iSCTsysTray.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Bonus.SSR.FR12"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{47907086-4A48-41BC-873D-7E04F85AAB97}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{821FAD4C-70A5-4958-87EF-5DB5A596892B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{93C5A410-107B-4CCE-AE3C-6D100F2FDAC7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{672A3998-93DA-4F64-A4E3-257C81B3E635}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{278F36E3-E5E5-496D-9967-86C892CB0535}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [TCP Query User{61F0B3D8-6E05-4631-B607-765D7888E1B3}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [{DFE35632-8DAB-41EB-AA84-01F9977553B9}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe
FirewallRules: [{C76F638A-9504-42D7-A763-B3F7C7C77A4D}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe
FirewallRules: [{3FA6F97C-FD99-443D-B260-7E179B357C71}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
FirewallRules: [{94D1B07C-EDAF-4C90-8CC3-5785A62BEC09}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
FirewallRules: [{33FC0D78-00E7-4EE7-826F-357D76533C66}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
FirewallRules: [{3191DBD4-99B4-4FA6-94B8-51273941163D}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
FirewallRules: [{188F0954-4EC3-4399-83F6-EE0BF23AE077}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
FirewallRules: [{4C434557-268B-4506-8795-E89E79BDC932}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
FirewallRules: [{022D5197-F34E-469E-AF46-4EBF7D76F20B}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\PPMV.exe
FirewallRules: [{C19E7C2E-71DE-4E7D-9003-455B4F7AF125}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\PPMV.exe
FirewallRules: [{8F0D9833-8AF0-4F46-ACA3-C18E8E68626D}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
FirewallRules: [{B2DF9200-F7FB-4ACE-ADFE-93A335FFDED7}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
FirewallRules: [{9132CCF3-4021-44E6-BB4F-750D84997DCE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7C628337-5393-4F4D-8B3A-0FC8A0871292}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{03C5A55C-FEDA-4462-B1A6-7A5125C08CD3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8E126A09-ED1B-4853-9FD3-7F730C3A7720}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{654A073E-6ED1-4003-8F42-5F7EB86A0D98}M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{C978A76E-96DC-413F-8615-462A2C9BBABF}M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{B8231BBE-8C3E-434C-85CD-600F133918B2}C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{C1B67484-1EFA-4BCE-BF47-57706EF1AA68}C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{7EF7F052-A6A9-443E-9F38-54442346F206}M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe] => (Allow) M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [TCP Query User{0D6A2E0E-9E9B-4A8E-822F-36F70C8168E0}M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe] => (Allow) M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [UDP Query User{EEAE159A-8B3C-4675-87AE-3BD636F1750A}C:\program files (x86)\steamless counterstrikesource pack\hl2.exe] => (Block) C:\program files (x86)\steamless counterstrikesource pack\hl2.exe
FirewallRules: [TCP Query User{021BE0C6-E61D-4499-952C-FE8DB4E21874}C:\program files (x86)\steamless counterstrikesource pack\hl2.exe] => (Block) C:\program files (x86)\steamless counterstrikesource pack\hl2.exe
FirewallRules: [{A32FAF58-1412-4155-B798-F363DD50CC08}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{E303A31E-16CA-4844-8AE1-F60109DBA675}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [UDP Query User{600F0A67-9FF7-4CB5-9863-3DF6FF0C2D6B}C:\program files\java\jdk1.8.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_65\bin\jmc.exe
FirewallRules: [TCP Query User{4EA24165-101E-41CF-9C45-B4F69E5A3C74}C:\program files\java\jdk1.8.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_65\bin\jmc.exe
FirewallRules: [{50617DBB-D641-4217-B751-BD810DB7F119}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E3DF5FD2-B668-4E3E-9D3E-8E5BB0BF87BA}] => (Allow) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{89114CC2-34F0-4122-B301-61AA4319945F}] => (Allow) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2440C70A-7A6B-4B6D-A123-712FBD70A9CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6462BAA3-0284-4552-A8DE-589A37AC6BCE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9852CEB2-2423-4233-B583-35544D84D9A3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2215C6AB-62FB-4EEB-8717-07E567C59244}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{51D35BE1-7AFF-4262-BE02-61BD921DF615}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{0781B69A-4B35-473F-AB47-89CE6318ED73}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [UDP Query User{47FD8685-D285-49CB-ABD0-0977F2F84DD8}M:\games\call of duty black ops iii\blackops3.exe] => (Allow) M:\games\call of duty black ops iii\blackops3.exe
FirewallRules: [TCP Query User{20E12BCC-D3DD-4775-BE35-10FF60E010BB}M:\games\call of duty black ops iii\blackops3.exe] => (Allow) M:\games\call of duty black ops iii\blackops3.exe
FirewallRules: [TCP Query User{978374A8-AD20-4359-BE77-A67D94DA9896}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{1C42E517-0CBF-4D71-8D85-969177EA4138}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{9558C53E-37FF-45E7-9A8B-1EC4C71880C3}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{0578CCF7-AE1D-4C9C-943C-C69726E231B2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{80785240-54DC-4A65-81ED-4E4E4935CBE0}M:\jdownloader\jre\bin\javaw.exe] => (Allow) M:\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{42847236-F025-4A30-B7B4-2AE9BF5DCCF1}M:\jdownloader\jre\bin\javaw.exe] => (Allow) M:\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{1D8D5B98-EB69-4C6A-AC19-F712EFF883CC}M:\jdownloader\jre\bin\java.exe] => (Allow) M:\jdownloader\jre\bin\java.exe
FirewallRules: [UDP Query User{994936E9-37C4-47A0-BDEB-6A846D73F363}M:\jdownloader\jre\bin\java.exe] => (Allow) M:\jdownloader\jre\bin\java.exe
FirewallRules: [{BDBA1559-0767-4003-B9C0-F7E1807BB450}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{054F7E49-BAC3-46B6-B654-491B7FC98899}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{8F4C311D-D711-48C8-8940-A2C3CC194115}M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe] => (Allow) M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe
FirewallRules: [UDP Query User{15C82FC6-62AB-4904-B306-70AD69A9F8AD}M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe] => (Allow) M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe
FirewallRules: [{21FE5001-0179-4A7F-B498-5A4FC555CC78}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{39F833ED-D645-4DF5-83B4-831D54CC965E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{68B18BCB-3874-46A4-80DD-9699222566CF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A816DD60-DD86-4EA0-B739-3C9B7863C439}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F6B58786-8162-49F8-A162-73C2A3240B33}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\RpcAgentSrv.exe
FirewallRules: [{911438D9-1E32-4989-84B7-DEB3B3280F77}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\WNt600x64\RpcSandraSrv.exe
FirewallRules: [TCP Query User{2848611B-7895-4823-B6D6-EF1CB0A006B6}M:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) M:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{1A33A746-BD72-44D4-9EDC-C53D8F2E8C08}M:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) M:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{68E4D429-DBA5-4597-951D-CAF7117A56F2}] => (Allow) M:\Program Files (x86)\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{B263A842-E664-4611-B127-0E9041E80D1E}] => (Allow) M:\Program Files (x86)\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{C5DFAF2D-B544-4910-A68A-FC0155A1ACAF}M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{D9AE8798-8B04-4742-93CA-7AB2A9C5D39A}M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [{9EA90930-8669-4BCB-AE2C-B41D164F14E5}] => (Allow) M:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B4380FC8-563B-472A-81A3-22FADE6734CA}] => (Allow) M:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A2E30EF8-99FA-4ABA-B833-741974D6BC05}] => (Allow) M:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B48BF075-2C5F-47F9-ACAF-2980D48ACE01}] => (Allow) M:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BAC03561-5F5C-4155-9946-6B82F61A6381}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{4C4C228A-CE78-4F94-AB6A-9A37178B6087}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{994B3FD3-15BE-418D-AFEA-A70CBBEC89AE}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{20526224-9C49-480F-803C-192E53CF7DCD}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{FD77485A-0F7F-4A3B-8533-96CD5272A824}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{7A16777D-B0E9-46FE-888E-9F62CD0D5ECB}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [UDP Query User{C342B424-54BE-42BC-91AD-47F83EDEA9AC}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [{661DF73C-B241-477E-AA84-B087393EEA7F}] => (Allow) M:\SteamLibrary\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [{95BA97EC-4661-448D-8FDE-F28C87808F43}] => (Allow) M:\SteamLibrary\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [TCP Query User{16AE10AB-38F4-486C-A014-611576649CED}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [UDP Query User{E3E6A7A6-5CEA-406B-949D-09673533E769}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [{CE4FA322-8732-4E69-A9FF-C35A1E697952}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C7266C32-357F-4EF1-A933-EE8B0E33FA21}] => (Allow) M:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A3A7A281-EA5E-4FF3-AC60-4833EC72D1C3}] => (Allow) M:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte GerÃ¤te im GerÃ¤temanager =============


==================== FehlereintrÃ¤ge in der Ereignisanzeige: =========================

Applikationsfehler:
==================

Systemfehler:
=============
Error: (09/10/2016 02:10:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_4bd80" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/10/2016 02:10:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _4bd80" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/10/2016 02:10:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_4bd80" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/10/2016 02:10:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_4bd80" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/04/2016 08:21:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhÃ¤ngig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten GerÃ¤ten verbunden.

Error: (09/04/2016 08:20:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_23df7a" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/04/2016 08:20:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_23df7a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/04/2016 08:12:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhÃ¤ngig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten GerÃ¤ten verbunden.

Error: (09/04/2016 08:11:10 PM) (Source: DCOM) (EventID: 10010) (User: NABIL-PC)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/04/2016 08:11:08 PM) (Source: DCOM) (EventID: 10010) (User: NABIL-PC)
Description: Der Server "Windows.Media.Capture.Internal.AppCaptureShell" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2016-09-05 13:28:14.266
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-05 13:28:14.231
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-04 20:53:49.628
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-04 20:53:49.567
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-04 20:53:48.833
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-04 20:53:47.220
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-04 20:37:16.112
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-01 22:18:12.390
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-01 03:01:06.472
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-01 01:48:21.019
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8111.46 MB
Verfügbarer physikalischer RAM: 4105.16 MB
Summe virtueller Speicher: 16303.46 MB
Verfügbarer virtueller Speicher: 10863.2 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:12.06 GB) NTFS
Drive e: (Emily Wants To Play) (CDROM) (Total:2.26 GB) (Free:0 GB) UDF
Drive f: (Adobe Acrobat XI) (CDROM) (Total:0.74 GB) (Free:0 GB) CDFS
Drive g: (OMNIPAGE ULTIMAT) (CDROM) (Total:3.05 GB) (Free:0 GB) CDFS
Drive h: (LifeIsStrange) (CDROM) (Total:8.72 GB) (Free:0 GB) UDF
Drive m: (Volume) (Fixed) (Total:1863.01 GB) (Free:1014.64 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4A40E047)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5AC0E83E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================

M-K-D-B · 11.09.2016, 18:52

Du hast da mindestens eine illegale/gecrackte Software auf deinem Rechner:
Microsoft Office Professional Plus 2013

Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter, wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

nabil21 · 11.09.2016, 19:08

Code:

ATTFilter

19:40:39.0721 0x4ae4  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
19:40:46.0003 0x4ae4  ============================================================
19:40:46.0003 0x4ae4  Current date / time: 2016/09/11 19:40:46.0003
19:40:46.0003 0x4ae4  SystemInfo:
19:40:46.0004 0x4ae4  
19:40:46.0004 0x4ae4  OS Version: 10.0.10586 ServicePack: 0.0
19:40:46.0004 0x4ae4  Product type: Workstation
19:40:46.0004 0x4ae4  ComputerName: NABIL-PC
19:40:46.0004 0x4ae4  UserName: NABIL
19:40:46.0004 0x4ae4  Windows directory: C:\WINDOWS
19:40:46.0004 0x4ae4  System windows directory: C:\WINDOWS
19:40:46.0004 0x4ae4  Running under WOW64
19:40:46.0004 0x4ae4  Processor architecture: Intel x64
19:40:46.0004 0x4ae4  Number of processors: 4
19:40:46.0004 0x4ae4  Page size: 0x1000
19:40:46.0004 0x4ae4  Boot type: Normal boot
19:40:46.0004 0x4ae4  CodeIntegrityOptions = 0x00000001
19:40:46.0004 0x4ae4  ============================================================
19:40:46.0083 0x4ae4  KLMD registered as C:\WINDOWS\system32\drivers\34425297.sys
19:40:46.0083 0x4ae4  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 10586.545, osProperties = 0x19
19:40:46.0519 0x4ae4  System UUID: {C06ACB29-C246-51EA-CAC1-0DCCD3A4C04E}
19:40:46.0864 0x4ae4  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:40:46.0865 0x4ae4  Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:40:46.0867 0x4ae4  ============================================================
19:40:46.0867 0x4ae4  \Device\Harddisk0\DR0:
19:40:46.0867 0x4ae4  MBR partitions:
19:40:46.0867 0x4ae4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
19:40:46.0867 0x4ae4  \Device\Harddisk1\DR1:
19:40:46.0867 0x4ae4  MBR partitions:
19:40:46.0867 0x4ae4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:40:46.0867 0x4ae4  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDE80800
19:40:46.0867 0x4ae4  ============================================================
19:40:46.0868 0x4ae4  C: <-> \Device\Harddisk1\DR1\Partition2
19:40:46.0889 0x4ae4  M: <-> \Device\Harddisk0\DR0\Partition1
19:40:46.0890 0x4ae4  ============================================================
19:40:46.0890 0x4ae4  Initialize success
19:40:46.0890 0x4ae4  ============================================================
19:48:33.0185 0x0820  ============================================================
19:48:33.0185 0x0820  Scan started
19:48:33.0185 0x0820  Mode: Manual; SigCheck; TDLFS; 
19:48:33.0185 0x0820  ============================================================
19:48:33.0185 0x0820  KSN ping started
19:48:33.0239 0x0820  KSN ping finished: true
19:48:33.0971 0x0820  ================ Scan system memory ========================
19:48:33.0971 0x0820  System memory - ok
19:48:33.0972 0x0820  ================ Scan services =============================
19:48:33.0996 0x0820  1394ohci - ok
19:48:33.0999 0x0820  3ware - ok
19:48:34.0003 0x0820  [ 73C035299E3044636104CA7A7634A6AC, ED1D4904E2D1D1C72ED9697297AE1B64860098BA2F6F63F7A1426413007DF138 ] a2acc           C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
19:48:34.0106 0x0820  a2acc - ok
19:48:34.0208 0x0820  [ 1DF600AAA554D358108FF241A667112B, 9CD99BB0A22570B4AE62A0F66122457E57E10965552A8C6FD9C6E4090DAF150E ] a2AntiMalware   C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
19:48:34.0285 0x0820  a2AntiMalware - ok
19:48:34.0291 0x0820  [ D27A8B7BB0E15DFBFC6B4E774EE17AD9, CBAD45B3FFFD30C34AF918009F699B65F89043D0799FC25D2472381912F86F93 ] A2DDA           C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
19:48:34.0300 0x0820  A2DDA - ok
19:48:34.0304 0x0820  [ 05936579605018BD2BC528FF2C1AD95F, 763C2E76F9078F6A74D5BCCB4DD8A10C82AEB9C9F5A45C3706A587FA2D03E7D3 ] a2injectiondriver C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
19:48:34.0312 0x0820  a2injectiondriver - ok
19:48:34.0314 0x0820  [ B1AB7116D14667A2238DAEFE20B7F4D0, DC8A9093A6F759657C3354931A462FCCAF3533A907FB7152380EB2E9B4AD3BF8 ] a2util          C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
19:48:34.0323 0x0820  a2util - ok
19:48:34.0347 0x0820  [ 7494475F1BE72A371685F96A6B6044D9, 7F0A8BC9D2565F153D9BA2E55691CD742C8EA90FD61084A13CA8AD0581625EB7 ] ABBYY.Licensing.FineReader.Professional.12.0 C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
19:48:34.0375 0x0820  ABBYY.Licensing.FineReader.Professional.12.0 - ok
19:48:34.0379 0x0820  ACPI - ok
19:48:34.0381 0x0820  acpiex - ok
19:48:34.0383 0x0820  acpipagr - ok
19:48:34.0385 0x0820  AcpiPmi - ok
19:48:34.0388 0x0820  acpitime - ok
19:48:34.0393 0x0820  [ 059E8944776CD96C4D48ADECE806D140, E9621B6FDA9A942A443A88C41D6199AB55D1AE4C1FD240437F9547B044D1B2D7 ] AdaptiveSleepService C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
19:48:34.0404 0x0820  AdaptiveSleepService - detected UnsignedFile.Multi.Generic ( 1 )
19:48:34.0442 0x0820  Detect skipped due to KSN trusted
19:48:34.0442 0x0820  AdaptiveSleepService - ok
19:48:34.0446 0x0820  [ 68E7DEA59FDEF410BAF29FDB5B7A6EEF, B808FCF0C30B465A1330E47947B84FC722A3B4C46260E261C54B1EED725A288F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:48:34.0456 0x0820  AdobeARMservice - ok
19:48:34.0474 0x0820  [ 32B31B696CB8E8F380831DFEB80A67E4, 8C8F6E16F2FB3E8F10569261B7712BBC931A2924B6C27D561E7F828041C4F3E6 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:48:34.0486 0x0820  AdobeFlashPlayerUpdateSvc - ok
19:48:34.0490 0x0820  ADP80XX - ok
19:48:34.0493 0x0820  AFD - ok
19:48:34.0495 0x0820  agp440 - ok
19:48:34.0529 0x0820  [ E20C1118524DF19945BCD83A3843E8CF, 90C87096E9E2595DAA503CFD9C24D7D8F9CB2D567ACAB06FBF5527C8A6059409 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
19:48:34.0567 0x0820  AGSService - ok
19:48:34.0575 0x0820  ahcache - ok
19:48:34.0578 0x0820  AJRouter - ok
19:48:34.0580 0x0820  ALG - ok
19:48:34.0585 0x0820  [ DBEB48BCEE52B1281D096A7A83C2FB6C, 0CAF22983DA2ACC59363DF862AFC68832B55FFA6217134BC38E6E5570AAE7EB3 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
19:48:34.0603 0x0820  AMD External Events Utility - ok
19:48:34.0605 0x0820  AmdK8 - ok
19:48:34.0608 0x0820  amdkmdag - ok
19:48:34.0618 0x0820  [ 29ECFFBCED648EDFD1872AFEB4402E2B, 159C4DB6A578C5CBF092DEB1EC26545818B95E89C302553B7B421C5A754AEB04 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
19:48:34.0637 0x0820  amdkmdap - ok
19:48:34.0642 0x0820  [ 3F11DB5FF2B4E52CA4B5979A37B97A6F, 59350E37AB2FE8D7290B0B9A4C84ADBC69A4EBCEA5AD208E2E5D047C8EE5B65A ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
19:48:34.0651 0x0820  amdkmpfd - ok
19:48:34.0653 0x0820  AmdPPM - ok
19:48:34.0655 0x0820  amdsata - ok
19:48:34.0658 0x0820  amdsbs - ok
19:48:34.0660 0x0820  amdxata - ok
19:48:34.0662 0x0820  AppHostSvc - ok
19:48:34.0664 0x0820  AppID - ok
19:48:34.0666 0x0820  AppIDSvc - ok
19:48:34.0669 0x0820  Appinfo - ok
19:48:34.0673 0x0820  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:48:34.0682 0x0820  Apple Mobile Device Service - ok
19:48:34.0685 0x0820  AppMgmt - ok
19:48:34.0688 0x0820  AppReadiness - ok
19:48:34.0691 0x0820  AppXSvc - ok
19:48:34.0693 0x0820  arcsas - ok
19:48:34.0697 0x0820  [ E536856E96A7605EBF580D62A868E5FE, 70D0F6ECB05E923C1B274605CB3320091D35D7622003FF7E4806645519C70F01 ] ASGT            C:\Windows\SysWOW64\ASGT.exe
19:48:34.0702 0x0820  ASGT - detected UnsignedFile.Multi.Generic ( 1 )
19:48:34.0741 0x0820  Detect skipped due to KSN trusted
19:48:34.0741 0x0820  ASGT - ok
19:48:34.0750 0x0820  aspnet_state - ok
19:48:34.0753 0x0820  [ E1AFEE1584C74050DE0DD16DE2A54BF3, 77C8D98159D8BCDC7917B04977949823D50C49D0D13587310E060A4B8893AE42 ] AsrAppCharger   C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys
19:48:34.0762 0x0820  AsrAppCharger - ok
19:48:34.0766 0x0820  [ 2C74F5379459FFA27B3C139E9EF8A62D, DFEE555A39CC4A66FC937E75389119FAF2721079FC4A537B5A8B46D852EA08B7 ] Asus Product Register Service C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
19:48:34.0773 0x0820  Asus Product Register Service - detected UnsignedFile.Multi.Generic ( 1 )
19:48:34.0811 0x0820  Detect skipped due to KSN trusted
19:48:34.0811 0x0820  Asus Product Register Service - ok
19:48:34.0814 0x0820  AsyncMac - ok
19:48:34.0816 0x0820  atapi - ok
19:48:34.0823 0x0820  [ F06A4C6E131FD7D6E253FC0B6844298C, 431FEFB929D984C2573E186C65CE35385808FDB9795C776870AF39305E9465FA ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
19:48:34.0839 0x0820  AtiHDAudioService - ok
19:48:34.0842 0x0820  AudioEndpointBuilder - ok
19:48:34.0844 0x0820  Audiosrv - ok
19:48:34.0847 0x0820  AxInstSV - ok
19:48:34.0849 0x0820  b06bdrv - ok
19:48:34.0851 0x0820  BasicDisplay - ok
19:48:34.0854 0x0820  BasicRender - ok
19:48:34.0858 0x0820  bcmfn - ok
19:48:34.0860 0x0820  bcmfn2 - ok
19:48:34.0862 0x0820  BDESVC - ok
19:48:34.0865 0x0820  Beep - ok
19:48:34.0888 0x0820  [ 96E6FDA70874EBB1E616BCF216EE118A, E1DBD5E610457CC2FF5E3DA6426F292C3514C15986E632A4F515E8206E77F7B5 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
19:48:34.0912 0x0820  BEService - ok
19:48:34.0916 0x0820  BFE - ok
19:48:34.0918 0x0820  BITS - ok
19:48:34.0931 0x0820  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:48:34.0945 0x0820  Bonjour Service - ok
19:48:34.0948 0x0820  bowser - ok
19:48:34.0950 0x0820  BrokerInfrastructure - ok
19:48:34.0953 0x0820  Browser - ok
19:48:34.0956 0x0820  BthAvrcpTg - ok
19:48:34.0959 0x0820  BthHFEnum - ok
19:48:34.0961 0x0820  bthhfhid - ok
19:48:34.0964 0x0820  BthHFSrv - ok
19:48:34.0966 0x0820  BTHMODEM - ok
19:48:34.0970 0x0820  bthserv - ok
19:48:34.0973 0x0820  buttonconverter - ok
19:48:34.0975 0x0820  CapImg - ok
19:48:34.0977 0x0820  cdfs - ok
19:48:34.0980 0x0820  CDPSvc - ok
19:48:34.0983 0x0820  cdrom - ok
19:48:34.0985 0x0820  CertPropSvc - ok
19:48:34.0988 0x0820  circlass - ok
19:48:34.0992 0x0820  [ B794DCF38C965FA2F93C45A7C3D582C5, 0E483EAF835B85AA4B6F449F9BB68AF0A3EE4192D29CD72F4B812F1E4D9E9A7C ] cleanhlp        C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys
19:48:35.0001 0x0820  cleanhlp - ok
19:48:35.0004 0x0820  CLFS - ok
19:48:35.0007 0x0820  ClipSVC - ok
19:48:35.0014 0x0820  CmBatt - ok
19:48:35.0017 0x0820  CNG - ok
19:48:35.0019 0x0820  cnghwassist - ok
19:48:35.0032 0x0820  CompositeBus - ok
19:48:35.0035 0x0820  COMSysApp - ok
19:48:35.0038 0x0820  condrv - ok
19:48:35.0041 0x0820  CoreMessagingRegistrar - ok
19:48:35.0046 0x0820  CryptSvc - ok
19:48:35.0048 0x0820  CSC - ok
19:48:35.0051 0x0820  CscService - ok
19:48:35.0054 0x0820  dam - ok
19:48:35.0058 0x0820  DcomLaunch - ok
19:48:35.0061 0x0820  DcpSvc - ok
19:48:35.0064 0x0820  defragsvc - ok
19:48:35.0067 0x0820  DeviceAssociationService - ok
19:48:35.0070 0x0820  DeviceInstall - ok
19:48:35.0073 0x0820  DevQueryBroker - ok
19:48:35.0076 0x0820  Dfsc - ok
19:48:35.0079 0x0820  Dhcp - ok
19:48:35.0083 0x0820  diagnosticshub.standardcollector.service - ok
19:48:35.0086 0x0820  DiagTrack - ok
19:48:35.0097 0x0820  [ EA3F6BAE990D67FCA171871359BE8749, 754361DC3181D259638BCD5B2B24B228375084F54E26977BC04BC183AB7542C0 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
19:48:35.0110 0x0820  DigitalWave.Update.Service - ok
19:48:35.0139 0x0820  [ 91DF13EC831BDCFA36A7A12CD13D66B9, 5054281FE91D4BE0DB446F6F30E3D59E669185555F6C20B988DEC250713FFCED ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
19:48:35.0167 0x0820  Disc Soft Lite Bus Service - ok
19:48:35.0172 0x0820  disk - ok
19:48:35.0175 0x0820  DmEnrollmentSvc - ok
19:48:35.0178 0x0820  dmvsc - ok
19:48:35.0181 0x0820  dmwappushservice - ok
19:48:35.0183 0x0820  Dnscache - ok
19:48:35.0188 0x0820  dot3svc - ok
19:48:35.0192 0x0820  DPS - ok
19:48:35.0195 0x0820  drmkaud - ok
19:48:35.0198 0x0820  DsmSvc - ok
19:48:35.0201 0x0820  DsSvc - ok
19:48:35.0204 0x0820  [ 496C3C6BC3D930D0960C9E75AA30F4A7, 3FE0E86DA8C2C6A990BB2F1B92C22BD3483882B8D69FF8025BB68A199362C234 ] dtlitescsibus   C:\WINDOWS\System32\drivers\dtlitescsibus.sys
19:48:35.0213 0x0820  dtlitescsibus - ok
19:48:35.0216 0x0820  DXGKrnl - ok
19:48:35.0229 0x0820  [ 2AAC97A2DDFE3149851A9F8E002F2721, 7CDCB2BA56A6417C49A94D45BC674678073EB6B999FB0665EC329A26C5E9BCA7 ] e1dexpress      C:\WINDOWS\system32\DRIVERS\e1d65x64.sys
19:48:35.0247 0x0820  e1dexpress - ok
19:48:35.0251 0x0820  Eaphost - ok
19:48:35.0254 0x0820  ebdrv - ok
19:48:35.0257 0x0820  EFS - ok
19:48:35.0260 0x0820  EhStorClass - ok
19:48:35.0263 0x0820  EhStorTcgDrv - ok
19:48:35.0265 0x0820  embeddedmode - ok
19:48:35.0270 0x0820  EntAppSvc - ok
19:48:35.0276 0x0820  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc    C:\WINDOWS\system32\EscSvc64.exe
19:48:35.0287 0x0820  EpsonScanSvc - ok
19:48:35.0290 0x0820  ErrDev - ok
19:48:35.0296 0x0820  [ 32710ECBE3C17C6F769BAC88CD1756FF, BB9B269F0322FFBFAC459EC15BA9410A5FF5CDCBD38F67F8482720ACB1799C2B ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys
19:48:35.0305 0x0820  ESProtectionDriver - ok
19:48:35.0311 0x0820  EventSystem - ok
19:48:35.0314 0x0820  exfat - ok
19:48:35.0317 0x0820  fastfat - ok
19:48:35.0320 0x0820  Fax - ok
19:48:35.0323 0x0820  fdc - ok
19:48:35.0325 0x0820  fdPHost - ok
19:48:35.0329 0x0820  FDResPub - ok
19:48:35.0332 0x0820  fhsvc - ok
19:48:35.0335 0x0820  FileCrypt - ok
19:48:35.0339 0x0820  FileInfo - ok
19:48:35.0342 0x0820  Filetrace - ok
19:48:35.0345 0x0820  flpydisk - ok
19:48:35.0348 0x0820  FltMgr - ok
19:48:35.0351 0x0820  FontCache - ok
19:48:35.0355 0x0820  FontCache3.0.0.0 - ok
19:48:35.0358 0x0820  FsDepends - ok
19:48:35.0361 0x0820  Fs_Rec - ok
19:48:35.0364 0x0820  fvevol - ok
19:48:35.0367 0x0820  gagp30kx - ok
19:48:35.0371 0x0820  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:48:35.0379 0x0820  GEARAspiWDM - ok
19:48:35.0382 0x0820  gencounter - ok
19:48:35.0385 0x0820  genericusbfn - ok
19:48:35.0392 0x0820  [ 4AB1EEFAA88D73AA1580C20461235616, D5530E57589EE42A658741358BFE543ACD38031A6AAC3AB88421233233CBD31C ] GladFileMonSvc  C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
19:48:35.0402 0x0820  GladFileMonSvc - ok
19:48:35.0405 0x0820  GPIOClx0101 - ok
19:48:35.0409 0x0820  gpsvc - ok
19:48:35.0412 0x0820  GpuEnergyDrv - ok
19:48:35.0419 0x0820  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:48:35.0428 0x0820  gupdate - ok
19:48:35.0434 0x0820  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:48:35.0443 0x0820  gupdatem - ok
19:48:35.0447 0x0820  HdAudAddService - ok
19:48:35.0450 0x0820  HDAudBus - ok
19:48:35.0453 0x0820  HidBatt - ok
19:48:35.0456 0x0820  HidBth - ok
19:48:35.0460 0x0820  hidi2c - ok
19:48:35.0463 0x0820  hidinterrupt - ok
19:48:35.0466 0x0820  HidIr - ok
19:48:35.0470 0x0820  hidserv - ok
19:48:35.0474 0x0820  HidUsb - ok
19:48:35.0477 0x0820  HomeGroupListener - ok
19:48:35.0481 0x0820  HomeGroupProvider - ok
19:48:35.0484 0x0820  HpSAMD - ok
19:48:35.0487 0x0820  HTTP - ok
19:48:35.0501 0x0820  [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32        C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
19:48:35.0510 0x0820  HWiNFO32 - ok
19:48:35.0513 0x0820  hwpolicy - ok
19:48:35.0517 0x0820  hyperkbd - ok
19:48:35.0520 0x0820  HyperVideo - ok
19:48:35.0523 0x0820  i8042prt - ok
19:48:35.0527 0x0820  iai2c - ok
19:48:35.0530 0x0820  iaLPSS2i_I2C - ok
19:48:35.0534 0x0820  iaLPSSi_GPIO - ok
19:48:35.0538 0x0820  iaLPSSi_I2C - ok
19:48:35.0569 0x0820  [ 12859E1215AA083A42E7ADCDE5C061D1, 262F9C65C3FA7EB69C4FA7C6547E1C79DB49697A083309909BC78726A116557F ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
19:48:35.0599 0x0820  iaStorA - ok
19:48:35.0603 0x0820  iaStorAV - ok
19:48:35.0608 0x0820  [ 7281AED93FB30FDD1CBAF07591FA453A, BD912798D8E28AF27C5FE01455D97224013D30066E35230888E64D0AC346893F ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:48:35.0616 0x0820  IAStorDataMgrSvc - ok
19:48:35.0619 0x0820  iaStorV - ok
19:48:35.0623 0x0820  ibbus - ok
19:48:35.0627 0x0820  icssvc - ok
19:48:35.0632 0x0820  IEEtwCollectorService - ok
19:48:35.0639 0x0820  [ EDCCC8C13B1EB882F77BA0ABB84566E7, DB299C1D2CFC197CF2FE69358F5EEDE94DCC4C919AF5D2CDFFF0DE476612C988 ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
19:48:35.0649 0x0820  IJPLMSVC - ok
19:48:35.0653 0x0820  [ E18725531054FE222115873AC1CCB02B, 0FC4B9D5DF77E19E4732759B848B4BCBBD44A124304FA8333BB3B7BC37E15FB8 ] ikbevent        C:\WINDOWS\system32\DRIVERS\ikbevent.sys
19:48:35.0662 0x0820  ikbevent - ok
19:48:35.0665 0x0820  IKEEXT - ok
19:48:35.0670 0x0820  [ 45060257BCA3D60204FEC29F6E6DE458, C9FB92FEEFC0DC5386B545A8E429D60B932360B9044A920F6F2EDD5CF3B7B5A0 ] imsevent        C:\WINDOWS\system32\DRIVERS\imsevent.sys
19:48:35.0678 0x0820  imsevent - ok
19:48:35.0755 0x0820  [ C1B6594EDD7FE73FFB03D48A9CAE25DE, B9995F65B06F28E146A7B50E4D77C2E50D68CB65D5F69798E6644AA23B7AEB5F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
19:48:35.0837 0x0820  IntcAzAudAddService - ok
19:48:35.0860 0x0820  [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:48:35.0879 0x0820  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
19:48:35.0917 0x0820  Detect skipped due to KSN trusted
19:48:35.0917 0x0820  Intel(R) Capability Licensing Service Interface - ok
19:48:35.0936 0x0820  [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
19:48:35.0955 0x0820  Intel(R) Capability Licensing Service TCP IP Interface - ok
19:48:35.0964 0x0820  [ EE65488B7294FBCB113EAC9FD492345C, D1D6B22CD94324387171B188D295AA716900654DA1DC9F3DC18D0CD528F2BBEA ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
19:48:35.0973 0x0820  Intel(R) ME Service - ok
19:48:35.0980 0x0820  [ 26FBC0AEDE7C6A67781202E0E2ECB6A6, BEF9E7CB2B2DD7A8091483EC53B812CA3F079CEC949DE545ABED6BE617A9ED55 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
19:48:35.0993 0x0820  Intel(R) PROSet Monitoring Service - ok
19:48:35.0997 0x0820  intelide - ok
19:48:36.0000 0x0820  intelpep - ok
19:48:36.0004 0x0820  intelppm - ok
19:48:36.0009 0x0820  [ A01C412699B6F21645B2885C2BAE4454, EA85BBE63D6F66F7EFEE7007E770AF820D57F914C7F179C5FEE3EF2845F19C41 ] IOMap           C:\WINDOWS\system32\drivers\IOMap64.sys
19:48:36.0017 0x0820  IOMap - ok
19:48:36.0020 0x0820  IoQos - ok
19:48:36.0024 0x0820  IpFilterDriver - ok
19:48:36.0028 0x0820  iphlpsvc - ok
19:48:36.0031 0x0820  IPMIDRV - ok
19:48:36.0035 0x0820  IPNAT - ok
19:48:36.0051 0x0820  [ 2BFF13AC46A5850161317D0F924B5B42, B8A09F66435EC6582F8772515988503CC13DC200A370EBB8C3FE661F2EA688DA ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:48:36.0068 0x0820  iPod Service - ok
19:48:36.0072 0x0820  IRENUM - ok
19:48:36.0076 0x0820  isapnp - ok
19:48:36.0079 0x0820  iScsiPrt - ok
19:48:36.0083 0x0820  [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT            C:\WINDOWS\System32\drivers\ISCTD64.sys
19:48:36.0092 0x0820  ISCT - ok
19:48:36.0099 0x0820  [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
19:48:36.0110 0x0820  iumsvc - ok
19:48:36.0117 0x0820  [ BF5D3A2624177C413680DEF19A465AF8, B9909D3E6CB6F9971293116387865AD15CB9D47513C7FAA9C36BE4D2847A41EB ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:48:36.0127 0x0820  jhi_service - ok
19:48:36.0131 0x0820  kbdclass - ok
19:48:36.0134 0x0820  kbdhid - ok
19:48:36.0138 0x0820  kdnic - ok
19:48:36.0142 0x0820  KeyIso - ok
19:48:36.0146 0x0820  [ 0F9FD9565E6EB157FA9BE11ED9C1DC9F, 7565255F0A28D065F8F30F876E7DF3E46EF2E6FEDF420ECA7D454CF49887B2DE ] KMS-R@1n        C:\Windows\KMS-R@1n.exe
19:48:36.0150 0x0820  KMS-R@1n - detected UnsignedFile.Multi.Generic ( 1 )
19:48:36.0188 0x0820  Detect skipped due to KSN trusted
19:48:36.0188 0x0820  KMS-R@1n - ok
19:48:36.0192 0x0820  KSecDD - ok
19:48:36.0195 0x0820  KSecPkg - ok
19:48:36.0200 0x0820  ksthunk - ok
19:48:36.0204 0x0820  KtmRm - ok
19:48:36.0208 0x0820  LanmanServer - ok
19:48:36.0212 0x0820  LanmanWorkstation - ok
19:48:36.0219 0x0820  lfsvc - ok
19:48:36.0223 0x0820  LicenseManager - ok
19:48:36.0282 0x0820  [ C2BDC7EA68CAE9E9A088F77BAC88FB92, EBD7B98C00DD320DAAD39C15A8D9D49CB9F3691BF41F1553039F4060BAB29A24 ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
19:48:36.0329 0x0820  LiveUpdateSvc - ok
19:48:36.0335 0x0820  lltdio - ok
19:48:36.0339 0x0820  lltdsvc - ok
19:48:36.0343 0x0820  lmhosts - ok
19:48:36.0356 0x0820  [ 02A9CBACE666877BBBA4FD66B22F6D4A, 0E783BA7A8F00CEC8F03CFEE03999CA5DB9E4DB7CCE62D9171CFCF36AFBE4BB1 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:48:36.0369 0x0820  LMS - ok
19:48:36.0376 0x0820  LSI_SAS - ok
19:48:36.0380 0x0820  LSI_SAS2i - ok
19:48:36.0384 0x0820  LSI_SAS3i - ok
19:48:36.0388 0x0820  LSI_SSS - ok
19:48:36.0393 0x0820  LSM - ok
19:48:36.0396 0x0820  luafv - ok
19:48:36.0401 0x0820  MapsBroker - ok
19:48:36.0414 0x0820  [ DE111E937CB01E149FD749F67CDA7DD9, 1434FD87072FE4032D40E2B59DA301B0B35A301DAD4A6E7FE53BE8044BD2B465 ] MbaeSvc         C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
19:48:36.0433 0x0820  MbaeSvc - ok
19:48:36.0438 0x0820  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
19:48:36.0446 0x0820  MBAMProtector - ok
19:48:36.0485 0x0820  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
19:48:36.0508 0x0820  MBAMService - ok
19:48:36.0524 0x0820  [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
19:48:36.0533 0x0820  MBAMWebAccessControl - ok
19:48:36.0569 0x0820  [ 6EF327DBB5DC9D6310ADE48CAB14959D, AFDC81E83E9EC9424C14431E531E976C419715754952D92BE2691186C55F0E9B ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe
19:48:36.0581 0x0820  McComponentHostService - ok
19:48:36.0585 0x0820  megasas - ok
19:48:36.0590 0x0820  megasr - ok
19:48:36.0605 0x0820  [ 6ECDA51525C123C55ABC470F2144F925, 7B2E8976F126219AF0953FD641E613A9336CCC80843AF4A37AA71067D55CCBBB ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
19:48:36.0617 0x0820  MEIx64 - ok
19:48:36.0622 0x0820  MessagingService - ok
19:48:36.0661 0x0820  mlx4_bus - ok
19:48:36.0666 0x0820  MMCSS - ok
19:48:36.0670 0x0820  Modem - ok
19:48:36.0674 0x0820  monitor - ok
19:48:36.0681 0x0820  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\WINDOWS\system32\DRIVERS\MijXfilt.sys
19:48:36.0689 0x0820  MotioninJoyXFilter - detected UnsignedFile.Multi.Generic ( 1 )
19:48:36.0726 0x0820  Detect skipped due to KSN trusted
19:48:36.0726 0x0820  MotioninJoyXFilter - ok
19:48:36.0731 0x0820  mouclass - ok
19:48:36.0735 0x0820  mouhid - ok
19:48:36.0740 0x0820  mountmgr - ok
19:48:36.0744 0x0820  mpsdrv - ok
19:48:36.0748 0x0820  MpsSvc - ok
19:48:36.0753 0x0820  MQAC - ok
19:48:36.0757 0x0820  MRxDAV - ok
19:48:36.0762 0x0820  mrxsmb - ok
19:48:36.0767 0x0820  mrxsmb10 - ok
19:48:36.0771 0x0820  mrxsmb20 - ok
19:48:36.0775 0x0820  MsBridge - ok
19:48:36.0780 0x0820  MSDTC - ok
19:48:36.0790 0x0820  Msfs - ok
19:48:36.0795 0x0820  msgpiowin32 - ok
19:48:36.0799 0x0820  mshidkmdf - ok
19:48:36.0803 0x0820  mshidumdf - ok
19:48:36.0808 0x0820  msisadrv - ok
19:48:36.0813 0x0820  MSiSCSI - ok
19:48:36.0817 0x0820  msiserver - ok
19:48:36.0821 0x0820  MSKSSRV - ok
19:48:36.0826 0x0820  MsLldp - ok
19:48:36.0830 0x0820  MSMQ - ok
19:48:36.0834 0x0820  MSPCLOCK - ok
19:48:36.0838 0x0820  MSPQM - ok
19:48:36.0843 0x0820  MsRPC - ok
19:48:36.0850 0x0820  mssmbios - ok
19:48:36.0854 0x0820  MSTEE - ok
19:48:36.0859 0x0820  MTConfig - ok
19:48:36.0863 0x0820  Mup - ok
19:48:36.0868 0x0820  mvumis - ok
19:48:36.0886 0x0820  [ E605F35F03C881DC46902E0E2F5985B3, C97F0C733377E35B463EF7F6A5B879DA21AB512719899160C09278615FE39A21 ] MyEpson Portal Service C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
19:48:36.0904 0x0820  MyEpson Portal Service - ok
19:48:36.0912 0x0820  NativeWifiP - ok
19:48:36.0933 0x0820  [ DF1A606A45C5280BD2DEFEFC17311489, 690656E73211BF34A1A839EAAA6B090D66040773228506C571E40699CB4927F4 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
19:48:36.0951 0x0820  NAUpdate - ok
19:48:36.0957 0x0820  NcaSvc - ok
19:48:36.0962 0x0820  NcbService - ok
19:48:36.0965 0x0820  NcdAutoSetup - ok
19:48:36.0971 0x0820  ndfltr - ok
19:48:36.0975 0x0820  NDIS - ok
19:48:36.0980 0x0820  NdisCap - ok
19:48:36.0985 0x0820  NdisImPlatform - ok
19:48:36.0989 0x0820  NdisTapi - ok
19:48:36.0993 0x0820  Ndisuio - ok
19:48:36.0998 0x0820  NdisVirtualBus - ok
19:48:37.0003 0x0820  NdisWan - ok
19:48:37.0007 0x0820  ndiswanlegacy - ok
19:48:37.0012 0x0820  ndproxy - ok
19:48:37.0017 0x0820  Ndu - ok
19:48:37.0022 0x0820  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\WINDOWS\System32\drivers\netaapl64.sys
19:48:37.0035 0x0820  Netaapl - ok
19:48:37.0040 0x0820  NetBIOS - ok
19:48:37.0048 0x0820  NetBT - ok
19:48:37.0052 0x0820  Netlogon - ok
19:48:37.0058 0x0820  Netman - ok
19:48:37.0065 0x0820  NetMsmqActivator - ok
19:48:37.0069 0x0820  NetPipeActivator - ok
19:48:37.0074 0x0820  netprofm - ok
19:48:37.0079 0x0820  NetSetupSvc - ok
19:48:37.0084 0x0820  NetTcpActivator - ok
19:48:37.0088 0x0820  NetTcpPortSharing - ok
19:48:37.0093 0x0820  netvsc - ok
19:48:37.0102 0x0820  NgcCtnrSvc - ok
19:48:37.0106 0x0820  NgcSvc - ok
19:48:37.0111 0x0820  NlaSvc - ok
19:48:37.0116 0x0820  Npfs - ok
19:48:37.0121 0x0820  npsvctrig - ok
19:48:37.0126 0x0820  nsi - ok
19:48:37.0130 0x0820  nsiproxy - ok
19:48:37.0139 0x0820  NTFS - ok
19:48:37.0143 0x0820  Null - ok
19:48:37.0148 0x0820  nvraid - ok
19:48:37.0153 0x0820  nvstor - ok
19:48:37.0157 0x0820  nv_agp - ok
19:48:37.0162 0x0820  OneSyncSvc - ok
19:48:37.0213 0x0820  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:48:37.0225 0x0820  ose64 - ok
19:48:37.0332 0x0820  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:48:37.0413 0x0820  osppsvc - ok
19:48:37.0425 0x0820  p2pimsvc - ok
19:48:37.0430 0x0820  p2psvc - ok
19:48:37.0435 0x0820  Parport - ok
19:48:37.0441 0x0820  partmgr - ok
19:48:37.0445 0x0820  PcaSvc - ok
19:48:37.0450 0x0820  pci - ok
19:48:37.0455 0x0820  pciide - ok
19:48:37.0460 0x0820  pcmcia - ok
19:48:37.0465 0x0820  pcw - ok
19:48:37.0470 0x0820  pdc - ok
19:48:37.0475 0x0820  PEAUTH - ok
19:48:37.0480 0x0820  PeerDistSvc - ok
19:48:37.0485 0x0820  percsas2i - ok
19:48:37.0490 0x0820  percsas3i - ok
19:48:37.0508 0x0820  PerfHost - ok
19:48:37.0524 0x0820  PhoneSvc - ok
19:48:37.0530 0x0820  PimIndexMaintenanceSvc - ok
19:48:37.0575 0x0820  pla - ok
19:48:37.0581 0x0820  PlugPlay - ok
19:48:37.0585 0x0820  PNRPAutoReg - ok
19:48:37.0591 0x0820  PNRPsvc - ok
19:48:37.0596 0x0820  PolicyAgent - ok
19:48:37.0605 0x0820  Power - ok
19:48:37.0610 0x0820  PptpMiniport - ok
19:48:37.0681 0x0820  [ C9908063F90F5541098BF19EA63E1327, AA6B5E4D01CD8061D5953FDE3025FE4AF01B265C182B8818107A035E4FFAD0DF ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:48:37.0775 0x0820  PrintNotify - ok
19:48:37.0782 0x0820  Processor - ok
19:48:37.0788 0x0820  ProfSvc - ok
19:48:37.0793 0x0820  Psched - ok
19:48:37.0798 0x0820  QWAVE - ok
19:48:37.0804 0x0820  QWAVEdrv - ok
19:48:37.0810 0x0820  RasAcd - ok
19:48:37.0815 0x0820  RasAgileVpn - ok
19:48:37.0820 0x0820  RasAuto - ok
19:48:37.0825 0x0820  Rasl2tp - ok
19:48:37.0831 0x0820  RasMan - ok
19:48:37.0836 0x0820  RasPppoe - ok
19:48:37.0841 0x0820  RasSstp - ok
19:48:37.0847 0x0820  rdbss - ok
19:48:37.0856 0x0820  rdpbus - ok
19:48:37.0861 0x0820  RDPDR - ok
19:48:37.0875 0x0820  RdpVideoMiniport - ok
19:48:37.0880 0x0820  rdyboost - ok
19:48:37.0885 0x0820  ReFSv1 - ok
19:48:37.0895 0x0820  RemoteAccess - ok
19:48:37.0900 0x0820  RemoteRegistry - ok
19:48:37.0906 0x0820  RetailDemo - ok
19:48:37.0912 0x0820  RpcEptMapper - ok
19:48:37.0917 0x0820  RpcLocator - ok
19:48:37.0923 0x0820  RpcSs - ok
19:48:37.0928 0x0820  rspndr - ok
19:48:37.0934 0x0820  s3cap - ok
19:48:37.0939 0x0820  SamSs - ok
19:48:37.0947 0x0820  [ 5EFBBFCC6ADAC121C8E2FE76641ED329, 0EAB16C7F54B61620277977F8C332737081A46BC6BBDE50742B6904BDD54F502 ] SANDRA          C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\WNt600x64\Sandra.sys
19:48:37.0955 0x0820  SANDRA - ok
19:48:37.0961 0x0820  [ DB066DBB99FB20AA7B3CE28C4E592180, 19590B7B718AE7706E4145B1998C77420CC64FF8E345DDE4716192B999612E4C ] SandraAgentSrv  C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\RpcAgentSrv.exe
19:48:37.0968 0x0820  SandraAgentSrv - detected UnsignedFile.Multi.Generic ( 1 )
19:48:38.0005 0x0820  Detect skipped due to KSN trusted
19:48:38.0005 0x0820  SandraAgentSrv - ok
19:48:38.0011 0x0820  sbp2port - ok
19:48:38.0016 0x0820  SCardSvr - ok
19:48:38.0023 0x0820  ScDeviceEnum - ok
19:48:38.0028 0x0820  scfilter - ok
19:48:38.0034 0x0820  Schedule - ok
19:48:38.0040 0x0820  SCPolicySvc - ok
19:48:38.0046 0x0820  sdbus - ok
19:48:38.0052 0x0820  SDRSVC - ok
19:48:38.0057 0x0820  sdstor - ok
19:48:38.0063 0x0820  seclogon - ok
19:48:38.0068 0x0820  SENS - ok
19:48:38.0074 0x0820  SensorDataService - ok
19:48:38.0079 0x0820  SensorService - ok
19:48:38.0085 0x0820  SensrSvc - ok
19:48:38.0090 0x0820  SerCx - ok
19:48:38.0096 0x0820  SerCx2 - ok
19:48:38.0102 0x0820  Serenum - ok
19:48:38.0107 0x0820  Serial - ok
19:48:38.0113 0x0820  sermouse - ok
19:48:38.0131 0x0820  SessionEnv - ok
19:48:38.0145 0x0820  sfloppy - ok
19:48:38.0151 0x0820  SharedAccess - ok
19:48:38.0158 0x0820  ShellHWDetection - ok
19:48:38.0164 0x0820  SiSRaid2 - ok
19:48:38.0169 0x0820  SiSRaid4 - ok
19:48:38.0183 0x0820  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:48:38.0198 0x0820  SkypeUpdate - ok
19:48:38.0204 0x0820  [ E4F6FAAA2B531594A523AD4544F4A013, BE561215835BBB934780BDFF35F756BC975056B98F0453F40B92AFA363B63DDA ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
19:48:38.0213 0x0820  SmbDrvI - ok
19:48:38.0219 0x0820  smphost - ok
19:48:38.0225 0x0820  SmsRouter - ok
19:48:38.0244 0x0820  SNMPTRAP - ok
19:48:38.0249 0x0820  spaceport - ok
19:48:38.0255 0x0820  SpbCx - ok
19:48:38.0261 0x0820  Spooler - ok
19:48:38.0267 0x0820  sppsvc - ok
19:48:38.0272 0x0820  srv - ok
19:48:38.0278 0x0820  srv2 - ok
19:48:38.0284 0x0820  srvnet - ok
19:48:38.0290 0x0820  SSDPSRV - ok
19:48:38.0296 0x0820  SstpSvc - ok
19:48:38.0319 0x0820  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
19:48:38.0336 0x0820  ss_conn_service - ok
19:48:38.0347 0x0820  [ 31A20120B76C8F6D350D4EF6668B0381, 86971AC0963470039D44E8BFA72FEB188E8ED579FCB96AD4492CEBFEF887823E ] Start10         C:\Program Files (x86)\Stardock\Start101\Start10Srv.exe
19:48:38.0359 0x0820  Start10 - ok
19:48:38.0366 0x0820  StateRepository - ok
19:48:38.0390 0x0820  [ E06AA279D85877268E34E9A9BC41F560, 6EFE7E3850CD19B919053293B6D8CB61CC638D3B1626BB62594C681625132689 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:48:38.0418 0x0820  Steam Client Service - ok
19:48:38.0426 0x0820  stexstor - ok
19:48:38.0431 0x0820  stisvc - ok
19:48:38.0437 0x0820  storahci - ok
19:48:38.0444 0x0820  storflt - ok
19:48:38.0450 0x0820  stornvme - ok
19:48:38.0456 0x0820  storqosflt - ok
19:48:38.0462 0x0820  StorSvc - ok
19:48:38.0467 0x0820  storufs - ok
19:48:38.0473 0x0820  storvsc - ok
19:48:38.0479 0x0820  svsvc - ok
19:48:38.0485 0x0820  swenum - ok
19:48:38.0491 0x0820  swprv - ok
19:48:38.0497 0x0820  Synth3dVsc - ok
19:48:38.0503 0x0820  SysMain - ok
19:48:38.0509 0x0820  SystemEventsBroker - ok
19:48:38.0516 0x0820  TabletInputService - ok
19:48:38.0522 0x0820  TapiSrv - ok
19:48:38.0528 0x0820  Tcpip - ok
19:48:38.0534 0x0820  Tcpip6 - ok
19:48:38.0545 0x0820  tcpipreg - ok
19:48:38.0555 0x0820  tdx - ok
19:48:38.0561 0x0820  terminpt - ok
19:48:38.0567 0x0820  TermService - ok
19:48:38.0573 0x0820  Themes - ok
19:48:38.0579 0x0820  TieringEngineService - ok
19:48:38.0585 0x0820  tiledatamodelsvc - ok
19:48:38.0592 0x0820  TimeBroker - ok
19:48:38.0598 0x0820  TPM - ok
19:48:38.0604 0x0820  TrkWks - ok
19:48:38.0610 0x0820  TrustedInstaller - ok
19:48:38.0621 0x0820  tsusbflt - ok
19:48:38.0627 0x0820  TsUsbGD - ok
19:48:38.0633 0x0820  tzautoupdate - ok
19:48:38.0640 0x0820  uagp35 - ok
19:48:38.0646 0x0820  UASPStor - ok
19:48:38.0652 0x0820  UcmCx0101 - ok
19:48:38.0658 0x0820  UcmUcsi - ok
19:48:38.0664 0x0820  Ucx01000 - ok
19:48:38.0670 0x0820  UdeCx - ok
19:48:38.0677 0x0820  udfs - ok
19:48:38.0683 0x0820  UEFI - ok
19:48:38.0689 0x0820  Ufx01000 - ok
19:48:38.0695 0x0820  UfxChipidea - ok
19:48:38.0701 0x0820  ufxsynopsys - ok
19:48:38.0717 0x0820  UI0Detect - ok
19:48:38.0723 0x0820  uliagpkx - ok
19:48:38.0729 0x0820  umbus - ok
19:48:38.0735 0x0820  UmPass - ok
19:48:38.0742 0x0820  UmRdpService - ok
19:48:38.0749 0x0820  UnistoreSvc - ok
19:48:38.0811 0x0820  upnphost - ok
19:48:38.0817 0x0820  UrsChipidea - ok
19:48:38.0823 0x0820  UrsCx01000 - ok
19:48:38.0830 0x0820  UrsSynopsys - ok
19:48:38.0838 0x0820  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
19:48:38.0851 0x0820  USBAAPL64 - ok
19:48:38.0858 0x0820  usbccgp - ok
19:48:38.0865 0x0820  usbcir - ok
19:48:38.0871 0x0820  usbehci - ok
19:48:38.0878 0x0820  usbhub - ok
19:48:38.0884 0x0820  USBHUB3 - ok
19:48:38.0891 0x0820  usbohci - ok
19:48:38.0897 0x0820  usbprint - ok
19:48:38.0903 0x0820  usbser - ok
19:48:38.0910 0x0820  USBSTOR - ok
19:48:38.0916 0x0820  usbuhci - ok
19:48:38.0923 0x0820  USBXHCI - ok
19:48:38.0930 0x0820  UserDataSvc - ok
19:48:38.0995 0x0820  UserManager - ok
19:48:39.0002 0x0820  UsoSvc - ok
19:48:39.0009 0x0820  VaultSvc - ok
19:48:39.0016 0x0820  vdrvroot - ok
19:48:39.0022 0x0820  vds - ok
19:48:39.0029 0x0820  VerifierExt - ok
19:48:39.0035 0x0820  vhdmp - ok
19:48:39.0042 0x0820  vhf - ok
19:48:39.0049 0x0820  vmbus - ok
19:48:39.0055 0x0820  VMBusHID - ok
19:48:39.0062 0x0820  vmicguestinterface - ok
19:48:39.0069 0x0820  vmicheartbeat - ok
19:48:39.0075 0x0820  vmickvpexchange - ok
19:48:39.0082 0x0820  vmicrdv - ok
19:48:39.0088 0x0820  vmicshutdown - ok
19:48:39.0096 0x0820  vmictimesync - ok
19:48:39.0102 0x0820  vmicvmsession - ok
19:48:39.0108 0x0820  vmicvss - ok
19:48:39.0115 0x0820  volmgr - ok
19:48:39.0122 0x0820  volmgrx - ok
19:48:39.0128 0x0820  volsnap - ok
19:48:39.0135 0x0820  vpci - ok
19:48:39.0142 0x0820  vsmraid - ok
19:48:39.0148 0x0820  VSS - ok
19:48:39.0155 0x0820  VSTXRAID - ok
19:48:39.0162 0x0820  vwifibus - ok
19:48:39.0168 0x0820  vwififlt - ok
19:48:39.0175 0x0820  W32Time - ok
19:48:39.0182 0x0820  w3logsvc - ok
19:48:39.0190 0x0820  W3SVC - ok
19:48:39.0197 0x0820  WacomPen - ok
19:48:39.0204 0x0820  WalletService - ok
19:48:39.0211 0x0820  wanarp - ok
19:48:39.0218 0x0820  wanarpv6 - ok
19:48:39.0225 0x0820  WAS - ok
19:48:39.0231 0x0820  wbengine - ok
19:48:39.0239 0x0820  WbioSrvc - ok
19:48:39.0246 0x0820  Wcmsvc - ok
19:48:39.0252 0x0820  wcncsvc - ok
19:48:39.0259 0x0820  WcsPlugInService - ok
19:48:39.0267 0x0820  WdBoot - ok
19:48:39.0274 0x0820  Wdf01000 - ok
19:48:39.0280 0x0820  WdFilter - ok
19:48:39.0287 0x0820  WdiServiceHost - ok
19:48:39.0294 0x0820  WdiSystemHost - ok
19:48:39.0301 0x0820  wdiwifi - ok
19:48:39.0308 0x0820  WdNisDrv - ok
19:48:39.0314 0x0820  WdNisSvc - ok
19:48:39.0322 0x0820  WebClient - ok
19:48:39.0329 0x0820  Wecsvc - ok
19:48:39.0336 0x0820  WEPHOSTSVC - ok
19:48:39.0343 0x0820  wercplsupport - ok
19:48:39.0350 0x0820  WerSvc - ok
19:48:39.0357 0x0820  WFPLWFS - ok
19:48:39.0364 0x0820  WiaRpc - ok
19:48:39.0371 0x0820  WIMMount - ok
19:48:39.0378 0x0820  WinDefend - ok
19:48:39.0397 0x0820  WindowsTrustedRT - ok
19:48:39.0404 0x0820  WindowsTrustedRTProxy - ok
19:48:39.0412 0x0820  WinHttpAutoProxySvc - ok
19:48:39.0419 0x0820  WinMad - ok
19:48:39.0429 0x0820  Winmgmt - ok
19:48:39.0436 0x0820  WinRM - ok
19:48:39.0455 0x0820  WINUSB - ok
19:48:39.0462 0x0820  WinVerbs - ok
19:48:39.0470 0x0820  WlanSvc - ok
19:48:39.0477 0x0820  wlidsvc - ok
19:48:39.0484 0x0820  WmiAcpi - ok
19:48:39.0497 0x0820  wmiApSrv - ok
19:48:39.0504 0x0820  WMPNetworkSvc - ok
19:48:39.0516 0x0820  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
19:48:39.0531 0x0820  Wof - ok
19:48:39.0545 0x0820  workfolderssvc - ok
19:48:39.0552 0x0820  wpcfltr - ok
19:48:39.0559 0x0820  WPDBusEnum - ok
19:48:39.0566 0x0820  WpdUpFltr - ok
19:48:39.0574 0x0820  WpnService - ok
19:48:39.0582 0x0820  [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001    C:\WINDOWS\system32\drivers\WPRO_41_2001.sys
19:48:39.0591 0x0820  WPRO_41_2001 - ok
19:48:39.0598 0x0820  ws2ifsl - ok
19:48:39.0613 0x0820  [ 69671F82C17650612B68519ADA192F65, 282A0B8E5455DEEAE8AFED270A438F67463324C1B2A11369A7D3B0D47987EE53 ] WsAppService    C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
19:48:39.0625 0x0820  WsAppService - detected UnsignedFile.Multi.Generic ( 1 )
19:48:39.0662 0x0820  Detect skipped due to KSN trusted
19:48:39.0662 0x0820  WsAppService - ok
19:48:39.0670 0x0820  wscsvc - ok
19:48:39.0677 0x0820  WSDPrintDevice - ok
19:48:39.0688 0x0820  [ 41B8BD5F7E665710E4E3FA4C5CE0FDC8, 653F215F741B33F1E43FAA520F3F20DDD9A65721EADE68B196E382F877EB5359 ] WsDrvInst       C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe
19:48:39.0698 0x0820  WsDrvInst - ok
19:48:39.0706 0x0820  WSDScan - ok
19:48:39.0713 0x0820  WSearch - ok
19:48:39.0727 0x0820  WSService - ok
19:48:39.0734 0x0820  wuauserv - ok
19:48:39.0742 0x0820  WudfPf - ok
19:48:39.0749 0x0820  WUDFRd - ok
19:48:39.0757 0x0820  wudfsvc - ok
19:48:39.0764 0x0820  WUDFWpdFs - ok
19:48:39.0771 0x0820  WUDFWpdMtp - ok
19:48:39.0779 0x0820  WwanSvc - ok
19:48:39.0787 0x0820  XblAuthManager - ok
19:48:39.0794 0x0820  XblGameSave - ok
19:48:39.0802 0x0820  xboxgip - ok
19:48:39.0809 0x0820  XboxNetApiSvc - ok
19:48:39.0817 0x0820  xinputhid - ok
19:48:39.0831 0x0820  [ 2C6BC21B2D5B58D8B1D638C1704CB494, 0AABCEB627E274E338DDD9BA664BAA128D7C00AF04C95C776C2AFFA6BB17F680 ] xusb21          C:\WINDOWS\system32\DRIVERS\xusb21.sys
19:48:39.0841 0x0820  xusb21 - ok
19:48:39.0842 0x0820  ================ Scan global ===============================
19:48:39.0849 0x0820  [ Global ] - ok
19:48:39.0850 0x0820  ================ Scan MBR ==================================
19:48:39.0872 0x0820  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:48:39.0943 0x0820  \Device\Harddisk0\DR0 - ok
19:48:39.0944 0x0820  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:48:39.0983 0x0820  \Device\Harddisk1\DR1 - ok
19:48:39.0984 0x0820  ================ Scan VBR ==================================
19:48:39.0985 0x0820  [ 52229DCFF00A9CB9FADFFE2BBC89B527 ] \Device\Harddisk0\DR0\Partition1
19:48:39.0986 0x0820  \Device\Harddisk0\DR0\Partition1 - ok
19:48:39.0987 0x0820  [ C0D3076AF00DB06B3724EC0B6D7444A2 ] \Device\Harddisk1\DR1\Partition1
19:48:39.0988 0x0820  \Device\Harddisk1\DR1\Partition1 - ok
19:48:39.0990 0x0820  [ 979C122A32EC148AB1FDA57C7C389A01 ] \Device\Harddisk1\DR1\Partition2
19:48:39.0991 0x0820  \Device\Harddisk1\DR1\Partition2 - ok
19:48:39.0991 0x0820  ================ Scan generic autorun ======================
19:48:40.0208 0x0820  [ C584AF9EB11C90469DE2747BE583EB01, B7F149F48CAEB3230469CF078841C6B31BD4EDEF9CDB295AF53B8B69ED50824F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
19:48:40.0476 0x0820  RTHDVCPL - ok
19:48:40.0507 0x0820  [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
19:48:40.0531 0x0820  XboxStat - ok
19:48:40.0542 0x0820  [ 20C08CA080F650B730B1E3FDEA9AD532, 1D2B0914412378E0B5834A95BDD86F8927B6A8D37F4E044C904CE381F1C19A75 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
19:48:40.0558 0x0820  AdobeAAMUpdater-1.0 - ok
19:48:40.0564 0x0820  [ 747CEF68DA0B3BABD64B74C0E06C050E, C640AF94F66025E8B9937A37A361547580DB3F0B5F62F21E8B30A087BE018015 ] C:\Program Files\iTunes\iTunesHelper.exe
19:48:40.0576 0x0820  iTunesHelper - ok
19:48:40.0578 0x0820  Logitech Download Assistant - ok
19:48:40.0665 0x0820  [ 6B34B34C61D69D9B7B7A46B364C9FC47, 43E9BC13021399EA859A04DC9824C195C984D8037842747834858194B84D14F6 ] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
19:48:40.0779 0x0820  StartCN - ok
19:48:40.0799 0x0820  [ 50B4BD30A102B5E7BFAEB87629C94466, A6AA1097A77F5AA84111F98C84E51B7219B893308E16D909D8915AB46C6E71EE ] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
19:48:40.0817 0x0820  LexwareInfoService - ok
19:48:40.0912 0x0820  [ A8D9ADD3A366F7E475304EDC9FB382A8, 6589C37AA6A5159BC4EF8988719E124A179991E7D2DADD755713E86DB04686B9 ] C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe
19:48:40.0999 0x0820  Bonus.SSR.FR12 - detected UnsignedFile.Multi.Generic ( 1 )
19:48:41.0037 0x0820  Detect skipped due to KSN trusted
19:48:41.0037 0x0820  Bonus.SSR.FR12 - ok
19:48:41.0104 0x0820  [ 1A774CBE54318A3411539BA10D47BEF5, 99CDBD90429FCAFA1C814E49EFF1160E8DC7D43B8F82E8AC33116BE7D42DBA9B ] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
19:48:41.0160 0x0820  Malwarebytes Anti-Exploit - ok
19:48:41.0252 0x0820  [ 6F5C9785C05D23DABE407653C12B8A05, 3EC2AACE39D47BC3C34CC8F53DA652A5FFE3A09304AB77AFCF17D4E5CC10F82E ] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe
19:48:41.0317 0x0820  ISUSPM - ok
19:48:41.0404 0x0820  [ C43B7F065407BB18FC359AA4FB436DB5, B4B0C83810A2A4472F89D0135CDFE85BC15AAB0216414502B7EFC7E1313B648D ] C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
19:48:41.0494 0x0820  OmniPage Preload - ok
19:48:41.0521 0x0820  [ 130924FEDB988C2E01A33E8B2C9CD588, BA0634A5A590A027D1562F5EA6B0B977C9E39CDA601B50790A8EE6098D5E82E6 ] C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
19:48:41.0535 0x0820  Nuance OmniPage Ultimate-reminder - ok
19:48:41.0561 0x0820  [ F44FD5B2D864BB57061B7F667980D17A, 2E3081AC8B9EC1435EB7A0B4A830C1EB25F5212C9776C10DC7284C1ED94199ED ] C:\Program Files (x86)\Nuance\PDFCreate8\pdfcreate8hook.exe
19:48:41.0594 0x0820  PDFCreHook - ok
19:48:41.0601 0x0820  [ 28B8ECAE3A212BC442C89ED32F28740C, 3A6CD16F56702FE8407C2E124FD4668A488D89C894E4B9E34E03AF036DEAAD60 ] C:\Program Files (x86)\Nuance\PDFCreate8\RegistryController.exe
19:48:41.0612 0x0820  PDF8 Registry Controller - ok
19:48:41.0642 0x0820  [ 53C3DFF8527E91787533D3FAF38D0A93, 9AD1FCB61F6DB4FE7F33799414465E65E07A40410C24992F7C9B779557468C25 ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe
19:48:41.0679 0x0820  Acrobat Assistant 8.0 - ok
19:48:41.0796 0x0820  OneDriveSetup - ok
19:48:41.0797 0x0820  OneDriveSetup - ok
19:48:41.0828 0x0820  [ 91DD4AD85BB341CC8CF5187EA06FD171, 68330A5EBDA7E4A51926EC2085D71C11BD2857A6EB1D4749DEE7A6D1D5679B98 ] C:\Users\NABIL\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:48:41.0853 0x0820  OneDrive - ok
19:48:42.0046 0x0820  [ 3D5D4137594D2EBA8868EAD504B89366, D5FEB5B8303B083A79A4617E59B2FB34FAD71BE72F3F8DD6E4B69B3D03FE658A ] C:\Program Files\DAEMON Tools Lite\DTAgent.exe
19:48:42.0196 0x0820  DAEMON Tools Lite Automount - ok
19:48:42.0205 0x0820  Skype - ok
19:48:42.0207 0x0820  Speech Recognition - ok
19:48:42.0249 0x0820  [ 5EC5BE9EE2702B3B574BE7AD975590BC, 21DB2BCFEA9DC10CF0AD80CC737C438ABC79BA671A79F3C152BC679EB63E6BCD ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
19:48:42.0287 0x0820  Adobe Acrobat Synchronizer - ok
19:48:42.0315 0x0820  [ F7BF95877017F53DDAEBC4E87A309168, F7849DBC61E5E7C42B97D011364ADC7C20257994FECBFA988C8CB2E779392F80 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
19:48:42.0330 0x0820  iCloudServices - ok
19:48:42.0384 0x0820  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\asd\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:48:42.0412 0x0820  OneDrive - ok
19:48:42.0547 0x0820  [ 3D5D4137594D2EBA8868EAD504B89366, D5FEB5B8303B083A79A4617E59B2FB34FAD71BE72F3F8DD6E4B69B3D03FE658A ] C:\Program Files\DAEMON Tools Lite\DTAgent.exe
19:48:42.0615 0x0820  DAEMON Tools Lite Automount - ok
19:48:42.0665 0x0820  [ ADF6C78FC95716CA45A68FD3DA1C1A78, 8250D47AC8C25A3A2DB8AB2148350F7086141F91DB317D0431DA545430B843F5 ] C:\Program Files (x86)\Steam\steam.exe
19:48:42.0718 0x0820  Steam - ok
19:48:42.0764 0x0820  [ 5EC5BE9EE2702B3B574BE7AD975590BC, 21DB2BCFEA9DC10CF0AD80CC737C438ABC79BA671A79F3C152BC679EB63E6BCD ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
19:48:42.0783 0x0820  Adobe Acrobat Synchronizer - ok
19:48:42.0857 0x0820  Uninstall C:\Users\asd\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64 - ok
19:48:42.0861 0x0820  Uninstall C:\Users\asd\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1 - ok
19:48:42.0941 0x0820  OneDriveSetup - ok
19:48:42.0953 0x0820  [ 61F488AC3053DEB2AADB6A34DEBC8876, B5C5E0325F0FB4A37E80F08273B7483630F676C6342519564798CE7D1F121CB7 ] C:\Users\bazet\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:48:42.0974 0x0820  OneDrive - ok
19:48:42.0975 0x0820  WAB Migrate - ok
19:48:42.0976 0x0820  OneDriveSetup - ok
19:48:42.0994 0x0820  [ EFC73875D6A2DECAD030633A9A75F00A, AA7B65649B37FFC68A6FFB23CBBE73E1BB873C840B9EA0049421D2B4C0EC364F ] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE
19:48:43.0008 0x0820  EPLTarget\P0000000000000000 - ok
19:48:43.0009 0x0820  WAB Migrate - ok
19:48:43.0011 0x0820  OneDriveSetup - ok
19:48:43.0011 0x0820  WAB Migrate - ok
19:48:43.0012 0x0820  Waiting for KSN requests completion. In queue: 91
19:48:44.0030 0x0820  AV detected via SS2: Emsisoft Anti-Malware, C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2start.exe ( 9.0.0.4668 ), 0x40010 ( disabled : outofdate )
19:48:44.0033 0x0820  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.494 ), 0x61100 ( enabled : updated )
19:48:44.0036 0x0820  Win FW state via NFP2: enabled ( trusted )
19:48:44.0127 0x0820  ============================================================
19:48:44.0127 0x0820  Scan finished
19:48:44.0127 0x0820  ============================================================
19:48:44.0131 0x323c  Detected object count: 0
19:48:44.0131 0x323c  Actual detected object count: 0

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von NABIL (Administrator) auf NABIL-PC (11-09-2016 20:02:25)
Gestartet von C:\Users\NABIL\Downloads
Geladene Profile: NABIL (Verfügbare Profile: NABIL & asd & bazet & Gast & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start101\Start10Srv.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Windows\SysWOW64\ASGT.exe
() C:\Windows\KMS-R@1n.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start101\Start10_64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDFCreate8\PdfCreate8Hook.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Valve Corporation) M:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(AO Kaspersky Lab) C:\Users\NABIL\Downloads\tdsskiller.exe
(AO Kaspersky Lab) C:\Users\NABIL\AppData\Local\Temp\{D0F90BAE-133B-4DA8-A184-20208F6568FD}\{061B3142-B031-4678-A94D-628B6536EFD0}.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Windows\KMS-R@1nhook.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16697352 2016-08-26] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1517088 2014-09-22] (ABBYY Production LLC.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2631120 2016-07-28] (Malwarebytes Corporation)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC.)
HKLM-x32\...\Run: [OmniPage Preload] => C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe [3021528 2014-11-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance OmniPage Ultimate-reminder] => "C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\OmniPage Ultimate\Ereg\Ereg.ini"
HKLM-x32\...\Run: [PDFCreHook] => C:\Program Files (x86)\Nuance\PDFCreate8\pdfcreate8hook.exe [1109016 2014-11-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF8 Registry Controller] => C:\Program Files (x86)\Nuance\PDFCreate8\RegistryController.exe [189976 2014-11-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-07-28] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [884920 2016-06-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nhook.exe
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll [2013-08-08] (Gladinet, INC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2016-04-06]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nuance Cloud Connector.lnk [2016-02-23]
ShortcutTarget: Nuance Cloud Connector.lnk -> C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{281f7690-3078-4910-b67d-7743d4eb2a9a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F37B658C-DD8B-4CF0-8B0B-6CE9D411B48F}: [NameServer] 208.67.222.222 208.67.220.220

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO-x32: ZeonIEEventHelper Class -> {C7DA0384-42AA-428c-B832-88AC343DE1A8} -> C:\Program Files (x86)\Nuance\PDFCreate8\Bin\GZeonIEFavClient.dll [2013-05-16] (Zeon Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Nuance PDF - {BCCE15AE-AC7E-4bc9-94AF-2A714A412BCB} - C:\Program Files (x86)\Nuance\PDFCreate8\Bin\GZeonIEFavClient.dll [2013-05-16] (Zeon Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-225648569-1694930765-1264359465-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-30] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> m:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-25] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-30] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-03-18] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-225648569-1694930765-1264359465-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Extension: (Kein Name) - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff [nicht gefunden]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-02-22] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-06-01]

Chrome: 
=======
CHR Profile: C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-01]
CHR Extension: (Google-Suche) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Adblock Plus) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\fancjlijdfajbmighlldmgmeobfmempn [2015-03-23]
CHR Extension: (Google Docs Offline) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR Extension: (Google Mail) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4907232 2014-12-01] (Emsisoft GmbH)
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [961744 2014-07-13] (ABBYY Production LLC)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-24] () [Datei ist nicht signiert]
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 Asus Product Register Service; C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe [62128 2012-09-11] () [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1145216 2015-05-19] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-11-27] (Digital Wave Ltd.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [30032 2013-08-08] (Gladinet, INC)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-02-11] () [Datei ist nicht signiert]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [750032 2016-07-28] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\RpcAgentSrv.exe [73200 2015-02-15] (SiSoftware) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 Start10; C:\Program Files (x86)\Stardock\Start101\Start10Srv.exe [219664 2015-02-03] (Stardock Software, Inc)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [Datei ist nicht signiert]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [124168 2016-01-19] (Wondershare)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-12-22] (Advanced Micro Devices)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-10] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [531424 2015-12-22] (Intel Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [74984 2016-07-28] ()
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-11-08] (REALiX(tm))
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-03-14] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-12-22] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-04-30] ()
U4 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-11 19:40 - 2016-09-11 19:49 - 00099796 _____ C:\TDSSKiller.3.1.0.11_11.09.2016_19.40.39_log.txt
2016-09-11 19:40 - 2016-09-11 19:40 - 04747704 _____ (AO Kaspersky Lab) C:\Users\NABIL\Downloads\tdsskiller.exe
2016-09-11 19:40 - 2016-09-11 19:40 - 00250064 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\34425297.sys
2016-09-11 19:37 - 2016-09-11 20:02 - 00032855 _____ C:\Users\NABIL\Downloads\FRST.txt
2016-09-11 19:37 - 2016-09-11 20:02 - 00000000 ____D C:\FRST
2016-09-11 19:37 - 2016-09-11 19:39 - 00074242 _____ C:\Users\NABIL\Downloads\Addition.txt
2016-09-11 19:36 - 2016-09-11 19:36 - 02397696 _____ (Farbar) C:\Users\NABIL\Downloads\FRST64.exe
2016-09-04 20:53 - 2016-09-04 20:53 - 00005208 _____ C:\Users\NABIL\Downloads\relink.to__Rampage_2009_German_DTS_DL_1080p_BluRay_x264_-_SoW_158023ecdb764581577579d64a4c06.dlc
2016-09-04 20:19 - 2016-09-04 20:19 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-09-04 20:19 - 2016-08-26 09:18 - 72520720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-09-04 20:19 - 2016-08-26 09:18 - 24414760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 24323312 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 17377488 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 15202040 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 14057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 13122584 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 12988352 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 10534696 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 06947183 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-09-04 20:19 - 2016-08-26 09:18 - 06374320 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05793528 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05593616 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05341352 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05293064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-09-04 20:19 - 2016-08-26 09:18 - 03299824 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03291320 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03203592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03134720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02895104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-09-04 20:19 - 2016-08-26 09:18 - 02825104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02776224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02706864 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02439048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02203752 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02110600 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02073096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01920820 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2016-09-04 20:19 - 2016-08-26 09:18 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01607136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01529144 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01422928 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01360520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01337648 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01213664 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01186840 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01166160 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01115144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01041744 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01001800 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00999856 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00965032 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00962136 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00864344 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00858200 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00854032 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00725944 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00678184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00618192 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00601144 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00571376 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00498648 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00472312 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00467160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00447184 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00438696 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CAF64APO2.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00416512 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00372744 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00366128 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00203848 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00190936 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00190936 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00179600 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00154368 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00112496 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Caf64api.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00005604 _____ C:\WINDOWS\system32\cxapo.lncs
2016-09-04 20:19 - 2016-08-26 09:18 - 00000736 _____ C:\WINDOWS\system32\cxapo.prop
2016-09-04 20:13 - 2016-04-11 13:38 - 02838232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-09-04 20:04 - 2016-09-04 20:08 - 348623152 _____ C:\Users\NABIL\Downloads\7917_PG448_Win10_TH_RS_Win8.1_Win8_Win7_WHQL.zip
2016-09-04 20:03 - 2016-09-04 20:03 - 01474568 _____ C:\Users\NABIL\Downloads\Realtek HD Audio Treiber inoffizielle WHQL Treiber - CHIP-Installer.exe
2016-09-04 20:02 - 2016-09-04 20:09 - 131494359 _____ (Realtek Semiconductor Corp.) C:\Users\NABIL\Downloads\0006-64bit_Win7_Win8_Win81_Win10_R279.exe
2016-08-21 20:23 - 2016-08-21 20:23 - 00000219 _____ C:\Users\NABIL\Desktop\Counter-Strike Global Offensive.url
2016-08-15 21:49 - 2016-08-15 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-08-14 20:54 - 2016-08-14 20:54 - 00110244 _____ C:\WINDOWS\Minidump\081416-17609-01.dmp
2016-08-14 17:29 - 2016-08-14 17:29 - 00000000 ____D C:\Program Files\ATI Technologies
2016-08-14 17:28 - 2016-09-04 20:20 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-08-12 01:07 - 2016-08-12 01:07 - 08892696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 08738920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 07115928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00479368 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00164280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00159088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00154920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00138688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00138176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00123120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00123104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 48819200 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 38266368 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 32555512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 27489280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 26639360 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 21641216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 15729152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 14320128 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 08830456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 08627704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 07076352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02376704 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02286584 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02147328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 01837568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00883192 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00751616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00627192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00459776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00402944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00350208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00292352 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00287744 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00275968 _____ C:\WINDOWS\system32\GameManager64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00270336 _____ C:\WINDOWS\system32\clinfo.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00268792 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00249336 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00241152 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00234496 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00231424 _____ C:\WINDOWS\system32\atieah64.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00222208 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00209408 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00202744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00201728 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00181760 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00176640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00159736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00137208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00135168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00130560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00123896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00118784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00113664 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00111616 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00109568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00104448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00083960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00079864 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00069632 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00068608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00068096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00067584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00066560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00060920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00055800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00021496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-11 19:42 - 2015-08-27 14:42 - 00000911 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job
2016-09-11 19:42 - 2015-08-27 14:42 - 00000725 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job
2016-09-11 19:36 - 2015-07-26 23:01 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\TS3Client
2016-09-11 19:32 - 2013-10-25 18:03 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-11 19:16 - 2013-10-19 03:04 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-11 18:40 - 2013-10-08 21:23 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\vlc
2016-09-11 12:32 - 2013-10-25 18:03 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-11 10:32 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-10 14:30 - 2016-02-23 01:50 - 00000000 ____D C:\Users\NABIL\AppData\Local\gladinet
2016-09-10 14:28 - 2014-04-17 17:43 - 00000000 ____D C:\ProgramData\TEMP
2016-09-10 14:27 - 2016-01-03 17:42 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\Skype
2016-09-10 14:10 - 2016-02-21 13:31 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-10 14:10 - 2014-03-19 17:30 - 00000000 ____D C:\Users\NABIL\AppData\Local\JDownloader 2.0
2016-09-09 14:58 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-08 20:38 - 2015-11-08 01:18 - 00003978 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1446938337
2016-09-08 20:38 - 2015-11-08 01:18 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-09-08 20:38 - 2015-11-08 01:18 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-08 02:29 - 2016-01-27 18:45 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-09-04 20:27 - 2016-04-30 07:23 - 02089750 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-04 20:27 - 2016-02-13 18:59 - 00889234 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-04 20:27 - 2016-02-13 18:59 - 00197816 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-04 20:27 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-04 20:23 - 2013-11-12 22:14 - 00000000 ____D C:\ProgramData\AMD
2016-09-04 20:22 - 2014-11-08 04:57 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2016-09-04 20:21 - 2016-02-13 19:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-04 20:20 - 2016-04-30 07:22 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-09-04 20:20 - 2015-10-30 08:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-09-04 20:20 - 2013-10-05 03:00 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-09-04 20:19 - 2016-04-30 07:22 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-09-04 19:59 - 2015-07-26 23:01 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-09-01 09:14 - 2016-06-17 22:09 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-09-01 03:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-01 03:00 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-31 16:00 - 2016-04-30 07:23 - 00000000 ____D C:\Users\NABIL
2016-08-24 14:11 - 2016-06-05 19:08 - 00000000 ____D C:\Users\NABIL\Desktop\absagen vom 05.06.16
2016-08-24 13:47 - 2013-11-06 21:41 - 00000000 ____D C:\Users\NABIL\AppData\Local\Packages
2016-08-24 00:26 - 2013-10-25 16:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-08-15 21:49 - 2015-11-10 09:46 - 00002009 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-08-15 21:49 - 2015-11-10 09:46 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-08-15 10:01 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-14 22:47 - 2013-10-07 15:17 - 00000000 ____D C:\Users\NABIL\AppData\Local\ElevatedDiagnostics
2016-08-14 20:54 - 2016-07-27 17:51 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-14 17:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-14 17:29 - 2016-04-30 07:23 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-14 17:29 - 2016-04-30 07:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-08-14 17:29 - 2016-04-30 07:23 - 00000000 ____D C:\Program Files (x86)\AMD
2016-08-14 17:28 - 2016-04-30 07:22 - 00000000 ____D C:\Program Files\AMD
2016-08-14 17:28 - 2014-05-28 01:55 - 00000000 ____D C:\AMD
2016-08-12 01:07 - 2016-04-23 00:56 - 10995344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 10317568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 09340136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 09131736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 07258160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 01547544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 01273928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 00183952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 00152800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-08-12 01:07 - 2016-04-23 00:56 - 00137224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-08-12 01:06 - 2016-04-23 00:56 - 26706432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-08-12 01:06 - 2016-04-23 00:56 - 01323008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-08-12 01:06 - 2016-04-23 00:56 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-08-12 01:06 - 2016-04-23 00:56 - 00521728 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-08-12 01:06 - 2016-04-23 00:56 - 00518656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-08-12 01:06 - 2016-04-23 00:56 - 00287232 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-15 18:56 - 2015-09-15 18:56 - 0000000 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-09-15 18:56 - 2015-09-15 18:56 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD
2015-03-01 04:43 - 2015-03-01 05:31 - 14848000 _____ () C:\Users\NABIL\AppData\Roaming\Sandra.mdb
2016-04-30 07:22 - 2016-04-30 07:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\asd\AppData\Local\Temp\proxy_vole2008580591415989544.dll
C:\Users\asd\AppData\Local\Temp\proxy_vole5313419656434273934.dll
C:\Users\asd\AppData\Local\Temp\proxy_vole6505369171543915562.dll
C:\Users\NABIL\AppData\Local\Temp\i4jdel0.exe
C:\Users\NABIL\AppData\Local\Temp\MSETUP4.EXE
C:\Users\NABIL\AppData\Local\Temp\proxy_vole5631846365696866387.dll
C:\Users\NABIL\AppData\Local\Temp\proxy_vole571332217995924973.dll
C:\Users\NABIL\AppData\Local\Temp\proxy_vole576922321117719755.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-09 20:18

==================== Ende von FRST.txt ============================

Ich hab das Programm deinstalliert was muss ich jetzt tun?

M-K-D-B · 12.09.2016, 15:41

Servus,

bitte beachten:

Zitat:

Gestartet von C:\Users\NABIL\Downloads

Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

nabil21 · 12.09.2016, 21:03

Code:

ATTFilter

# AdwCleaner v6.010 - Bericht erstellt am 12/09/2016 um 22:04:20
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-09-12.1 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : NABIL - NABIL-PC
# Gestartet von : C:\Users\NABIL\Desktop\AdwCleaner_6.010.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Datei gelöscht: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Datei gelöscht: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_advancedpccare.com_0.localstorage
[#] Datei gelöscht: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[#] Datei gelöscht: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Datei gelöscht: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage
[-] Datei gelöscht: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage-journal


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
[-] Schlüssel gelöscht: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\Software\OCS
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-225648569-1694930765-1264359465-1000\Software\SweetIM
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\OCS
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\f


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2517 Bytes] - [12/09/2016 22:04:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [2739 Bytes] - [12/09/2016 22:03:37]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2663 Bytes] ##########

VON MBAM

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 12.09.2016
Suchlaufzeit: 22:12
Protokolldatei: mbamlog.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.12.09
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: NABIL

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 518198
Abgelaufene Zeit: 8 Min., 37 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 5
PUP.Optional.DownloadGuide, C:\ProgramData\Package Cache\{AC60B176-6C90-41D1-977C-EE75BFDB6CFC}v1.0.0.0\free-driver-scout_Setup_product-website_de-DE_x64.msi, In Quarantäne, [72d782ef0a9039fdd5c954759b69768a], 
CrackTool.Agent.X, C:\Users\asd\AppData\Local\Temp\Rar$EXa0.704\AcrobatDC1501620041\ADOBE_ACROBAT_PRO_DC_V2015_MULTI-XFORCE.rar, In Quarantäne, [cd7c066bc4d666d0ffe355e712efed13], 
HackTool.Agent.KMS, C:\Windows\KMS-QADhook.dll, Löschen bei Neustart, [ba8fd69b009a47ef542975d908fae818], 
PUP.Optional.DownloadGuide, C:\Windows\Installer\4587d55.msi, In Quarantäne, [fb4ebeb3aaf069cda1fd37929c6821df], 
PUP.Optional.DownloadGuide, C:\Windows\Installer\{AC60B176-6C90-41D1-977C-EE75BFDB6CFC}\ProductIcon.exe, In Quarantäne, [a4a5244d4852d95dafef56733cc8a35d], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

M-K-D-B · 13.09.2016, 15:18

Servus,

gut gemacht.

Es fehlt noch die Logdatei von JRT und die zwei von FRST.

nabil21 · 13.09.2016, 16:12

DANKE

HIER VON JRT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Pro x64 
Ran by NABIL (Administrator) on 12.09.2016 at 22:28:52,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3 

Successfully deleted: C:\Users\NABIL\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\WINDOWS\prefetch\FREESTUDIOMANAGER.EXE-5AFE3FEC.pf (File) 
Successfully deleted: C:\WINDOWS\prefetch\FREEYOUTUBETOMP3CONVERTER.EXE-44400E43.pf (File) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.09.2016 at 22:31:48,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

von FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von NABIL (Administrator) auf NABIL-PC (13-09-2016 17:14:50)
Gestartet von C:\Users\NABIL\Desktop
Geladene Profile: NABIL (Verfügbare Profile: NABIL & asd & bazet & Gast & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start101\Start10Srv.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
() C:\Windows\SysWOW64\ASGT.exe
() C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Windows\KMS-R@1n.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Windows\KMS-R@1nhook.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16697352 2016-08-26] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1517088 2014-09-22] (ABBYY Production LLC.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2631120 2016-07-28] (Malwarebytes Corporation)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC.)
HKLM-x32\...\Run: [OmniPage Preload] => C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe [3021528 2014-11-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance OmniPage Ultimate-reminder] => "C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\OmniPage Ultimate\Ereg\Ereg.ini"
HKLM-x32\...\Run: [PDFCreHook] => C:\Program Files (x86)\Nuance\PDFCreate8\pdfcreate8hook.exe [1109016 2014-11-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF8 Registry Controller] => C:\Program Files (x86)\Nuance\PDFCreate8\RegistryController.exe [189976 2014-11-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-07-28] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [884920 2016-06-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nhook.exe
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll [2013-08-08] (Gladinet, INC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2016-04-06]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nuance Cloud Connector.lnk [2016-02-23]
ShortcutTarget: Nuance Cloud Connector.lnk -> C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{281f7690-3078-4910-b67d-7743d4eb2a9a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F37B658C-DD8B-4CF0-8B0B-6CE9D411B48F}: [NameServer] 208.67.222.222 208.67.220.220

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO-x32: ZeonIEEventHelper Class -> {C7DA0384-42AA-428c-B832-88AC343DE1A8} -> C:\Program Files (x86)\Nuance\PDFCreate8\Bin\GZeonIEFavClient.dll [2013-05-16] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Nuance PDF - {BCCE15AE-AC7E-4bc9-94AF-2A714A412BCB} - C:\Program Files (x86)\Nuance\PDFCreate8\Bin\GZeonIEFavClient.dll [2013-05-16] (Zeon Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-225648569-1694930765-1264359465-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-30] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> m:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-25] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-30] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-03-18] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-225648569-1694930765-1264359465-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Extension: (Kein Name) - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff [nicht gefunden]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-02-22] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-06-01]

Chrome: 
=======
CHR Profile: C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-01]
CHR Extension: (Google-Suche) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Adblock Plus) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\fancjlijdfajbmighlldmgmeobfmempn [2015-03-23]
CHR Extension: (Google Docs Offline) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR Extension: (Google Mail) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4907232 2014-12-01] (Emsisoft GmbH)
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [961744 2014-07-13] (ABBYY Production LLC)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-24] () [Datei ist nicht signiert]
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 Asus Product Register Service; C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe [62128 2012-09-11] () [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1145216 2015-05-19] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-11-27] (Digital Wave Ltd.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [30032 2013-08-08] (Gladinet, INC)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-02-11] () [Datei ist nicht signiert]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [750032 2016-07-28] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\RpcAgentSrv.exe [73200 2015-02-15] (SiSoftware) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 Start10; C:\Program Files (x86)\Stardock\Start101\Start10Srv.exe [219664 2015-02-03] (Stardock Software, Inc)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [Datei ist nicht signiert]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [124168 2016-01-19] (Wondershare)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-12-22] (Advanced Micro Devices)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-10] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [531424 2015-12-22] (Intel Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [74984 2016-07-28] ()
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-11-08] (REALiX(tm))
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-03-14] ()
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-12-22] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-04-30] ()
U4 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-13 17:14 - 2016-09-13 17:15 - 00028548 _____ C:\Users\NABIL\Desktop\FRST.txt
2016-09-13 10:27 - 2016-09-13 10:27 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\ProductData
2016-09-12 22:31 - 2016-09-12 22:31 - 00000800 _____ C:\Users\NABIL\Desktop\JRT.txt
2016-09-12 22:28 - 2016-09-12 22:28 - 01610560 _____ (Malwarebytes) C:\Users\NABIL\Desktop\JRT.exe
2016-09-12 22:08 - 2016-09-12 22:08 - 22851472 _____ (Malwarebytes ) C:\Users\NABIL\Desktop\mbam-setup-2.2.1.1043.exe
2016-09-12 22:00 - 2016-09-12 22:04 - 00000000 ____D C:\AdwCleaner
2016-09-12 22:00 - 2016-09-12 22:00 - 03826240 _____ C:\Users\NABIL\Desktop\AdwCleaner_6.010.exe
2016-09-11 19:40 - 2016-09-11 19:40 - 04747704 _____ (AO Kaspersky Lab) C:\Users\NABIL\Downloads\tdsskiller.exe
2016-09-11 19:37 - 2016-09-13 17:14 - 00000000 ____D C:\FRST
2016-09-11 19:37 - 2016-09-11 20:03 - 00074243 _____ C:\Users\NABIL\Downloads\Addition.txt
2016-09-11 19:37 - 2016-09-11 20:03 - 00066824 _____ C:\Users\NABIL\Downloads\FRST.txt
2016-09-11 19:36 - 2016-09-11 19:36 - 02397696 _____ (Farbar) C:\Users\NABIL\Desktop\FRST64.exe
2016-09-04 20:53 - 2016-09-04 20:53 - 00005208 _____ C:\Users\NABIL\Downloads\relink.to__Rampage_2009_German_DTS_DL_1080p_BluRay_x264_-_SoW_158023ecdb764581577579d64a4c06.dlc
2016-09-04 20:19 - 2016-09-04 20:19 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-09-04 20:19 - 2016-08-26 09:18 - 72520720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-09-04 20:19 - 2016-08-26 09:18 - 24414760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 24323312 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 17377488 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 15202040 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 14057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 13122584 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 12988352 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 10534696 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 06947183 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-09-04 20:19 - 2016-08-26 09:18 - 06374320 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05793528 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05593616 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05341352 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05293064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-09-04 20:19 - 2016-08-26 09:18 - 03299824 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03291320 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03203592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03134720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02895104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-09-04 20:19 - 2016-08-26 09:18 - 02825104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02776224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02706864 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02439048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02203752 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02110600 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02073096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01920820 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2016-09-04 20:19 - 2016-08-26 09:18 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01607136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01529144 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01422928 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01360520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01337648 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01213664 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01186840 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01166160 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01115144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01041744 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01001800 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00999856 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00965032 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00962136 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00864344 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00858200 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00854032 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00725944 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00678184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00618192 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00601144 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00571376 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00498648 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00472312 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00467160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00447184 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00438696 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CAF64APO2.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00416512 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00372744 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00366128 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00203848 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00190936 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00190936 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00179600 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00154368 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00112496 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Caf64api.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00005604 _____ C:\WINDOWS\system32\cxapo.lncs
2016-09-04 20:19 - 2016-08-26 09:18 - 00000736 _____ C:\WINDOWS\system32\cxapo.prop
2016-09-04 20:13 - 2016-04-11 13:38 - 02838232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-09-04 20:04 - 2016-09-04 20:08 - 348623152 _____ C:\Users\NABIL\Downloads\7917_PG448_Win10_TH_RS_Win8.1_Win8_Win7_WHQL.zip
2016-09-04 20:03 - 2016-09-04 20:03 - 01474568 _____ C:\Users\NABIL\Downloads\Realtek HD Audio Treiber inoffizielle WHQL Treiber - CHIP-Installer.exe
2016-09-04 20:02 - 2016-09-04 20:09 - 131494359 _____ (Realtek Semiconductor Corp.) C:\Users\NABIL\Downloads\0006-64bit_Win7_Win8_Win81_Win10_R279.exe
2016-08-21 20:23 - 2016-08-21 20:23 - 00000219 _____ C:\Users\NABIL\Desktop\Counter-Strike Global Offensive.url
2016-08-15 21:49 - 2016-08-15 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-08-14 20:54 - 2016-08-14 20:54 - 00110244 _____ C:\WINDOWS\Minidump\081416-17609-01.dmp
2016-08-14 17:29 - 2016-08-14 17:29 - 00000000 ____D C:\Program Files\ATI Technologies
2016-08-14 17:28 - 2016-09-12 22:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-13 16:42 - 2015-08-27 14:42 - 00000911 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job
2016-09-13 16:42 - 2015-08-27 14:42 - 00000725 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job
2016-09-13 16:32 - 2013-10-25 18:03 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-13 16:16 - 2013-10-19 03:04 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-13 16:08 - 2015-09-26 14:06 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-09-13 12:32 - 2013-10-25 18:03 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-13 09:06 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-13 09:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-12 22:32 - 2016-01-27 18:45 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-09-12 22:31 - 2016-04-30 07:23 - 02089750 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-12 22:31 - 2016-02-13 18:59 - 00889234 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-12 22:31 - 2016-02-13 18:59 - 00197816 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-12 22:31 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-12 22:28 - 2016-02-23 01:50 - 00000000 ____D C:\Users\NABIL\AppData\Local\gladinet
2016-09-12 22:26 - 2014-04-17 17:43 - 00000000 ____D C:\ProgramData\TEMP
2016-09-12 22:25 - 2016-02-13 19:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-12 22:25 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-12 22:25 - 2014-11-08 04:57 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2016-09-12 22:24 - 2015-10-30 08:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-09-12 22:23 - 2016-01-26 16:00 - 00001936 _____ C:\Users\NABIL\Desktop\mbamlog.txt
2016-09-12 22:12 - 2014-11-11 02:38 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-12 22:11 - 2015-12-22 17:47 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-09-12 22:11 - 2014-11-11 02:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-09-12 22:11 - 2014-11-11 02:37 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-09-12 22:06 - 2016-01-03 17:42 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\Skype
2016-09-12 22:05 - 2016-02-13 10:22 - 00351000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-12 21:59 - 2015-07-26 23:01 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\TS3Client
2016-09-11 20:10 - 2016-02-13 19:13 - 00000000 ____D C:\WINDOWS\ShellNew
2016-09-11 20:10 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-11 20:10 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-11 20:10 - 2013-10-25 16:49 - 00000000 ____D C:\Program Files\Microsoft Office
2016-09-11 20:10 - 2013-10-16 21:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-11 20:08 - 2009-07-14 04:34 - 00000387 _____ C:\WINDOWS\win.ini
2016-09-11 18:40 - 2013-10-08 21:23 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\vlc
2016-09-10 14:10 - 2016-02-21 13:31 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-10 14:10 - 2014-03-19 17:30 - 00000000 ____D C:\Users\NABIL\AppData\Local\JDownloader 2.0
2016-09-08 20:38 - 2015-11-08 01:18 - 00003978 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1446938337
2016-09-08 20:38 - 2015-11-08 01:18 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-09-08 20:38 - 2015-11-08 01:18 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-04 20:23 - 2013-11-12 22:14 - 00000000 ____D C:\ProgramData\AMD
2016-09-04 20:20 - 2016-04-30 07:22 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-09-04 20:20 - 2013-10-05 03:00 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-09-04 20:19 - 2016-04-30 07:22 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-09-04 19:59 - 2015-07-26 23:01 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-09-01 09:14 - 2016-06-17 22:09 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-09-01 03:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-01 03:00 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-31 16:00 - 2016-04-30 07:23 - 00000000 ____D C:\Users\NABIL
2016-08-24 14:11 - 2016-06-05 19:08 - 00000000 ____D C:\Users\NABIL\Desktop\absagen vom 05.06.16
2016-08-24 13:47 - 2013-11-06 21:41 - 00000000 ____D C:\Users\NABIL\AppData\Local\Packages
2016-08-15 21:49 - 2015-11-10 09:46 - 00002009 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-08-15 21:49 - 2015-11-10 09:46 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-08-15 10:01 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-14 22:47 - 2013-10-07 15:17 - 00000000 ____D C:\Users\NABIL\AppData\Local\ElevatedDiagnostics
2016-08-14 20:54 - 2016-07-27 17:51 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-14 17:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-14 17:29 - 2016-04-30 07:23 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-14 17:29 - 2016-04-30 07:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-08-14 17:29 - 2016-04-30 07:23 - 00000000 ____D C:\Program Files (x86)\AMD
2016-08-14 17:28 - 2016-04-30 07:22 - 00000000 ____D C:\Program Files\AMD
2016-08-14 17:28 - 2014-05-28 01:55 - 00000000 ____D C:\AMD

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-15 18:56 - 2015-09-15 18:56 - 0000000 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-09-15 18:56 - 2015-09-15 18:56 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD
2015-03-01 04:43 - 2015-03-01 05:31 - 14848000 _____ () C:\Users\NABIL\AppData\Roaming\Sandra.mdb
2016-04-30 07:22 - 2016-04-30 07:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\asd\AppData\Local\Temp\proxy_vole2008580591415989544.dll
C:\Users\asd\AppData\Local\Temp\proxy_vole5313419656434273934.dll
C:\Users\asd\AppData\Local\Temp\proxy_vole6505369171543915562.dll
C:\Users\NABIL\AppData\Local\Temp\i4jdel0.exe
C:\Users\NABIL\AppData\Local\Temp\libeay32.dll
C:\Users\NABIL\AppData\Local\Temp\MSETUP4.EXE
C:\Users\NABIL\AppData\Local\Temp\msvcr120.dll
C:\Users\NABIL\AppData\Local\Temp\proxy_vole5631846365696866387.dll
C:\Users\NABIL\AppData\Local\Temp\proxy_vole571332217995924973.dll
C:\Users\NABIL\AppData\Local\Temp\proxy_vole576922321117719755.dll
C:\Users\NABIL\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-09 20:18

==================== Ende von FRST.txt ============================

nabil21 · 13.09.2016, 16:14

und von addition

Code:

ATTFilter

ZusÃ¤tzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgefÃ¼hrt von NABIL (13-09-2016 17:15:22)
Gestartet von C:\Users\NABIL\Desktop
Windows 10 Pro Version 1511 (X64) (2016-04-30 05:33:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-225648569-1694930765-1264359465-500 - Administrator - Disabled)
asd (S-1-5-21-225648569-1694930765-1264359465-1004 - Administrator - Enabled) => C:\Users\asd
bazet (S-1-5-21-225648569-1694930765-1264359465-1008 - Administrator - Enabled) => C:\Users\bazet
DefaultAccount (S-1-5-21-225648569-1694930765-1264359465-503 - Limited - Disabled)
Gast (S-1-5-21-225648569-1694930765-1264359465-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-225648569-1694930765-1264359465-1002 - Limited - Enabled)
NABIL (S-1-5-21-225648569-1694930765-1264359465-1000 - Administrator - Enabled) => C:\Users\NABIL

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Disabled - Out of date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Disabled - Out of date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" kÃ¶nnen in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.426 - ABBYY Production LLC)
Adblock IE 2.3 (HKLM\...\{58161756-037B-42CD-B575-AF804A2F0F47}) (Version: 2.3.1756 - MGTEK)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{C1F3739C-D31D-4062-8788-29261C4A2A68}) (Version: 12.2.4.194 - Adobe Systems, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.0 - Sereby Corporation)
AMD Catalyst Install Manager (HKLM\...\{14D58A97-B60E-A858-34D8-95469C02F7EC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06 (HKLM-x32\...\Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06) (Version:  - )
Assassin's Creed Unity Gold Edition MULTi2 1.0 (HKLM-x32\...\Assassin's Creed Unity Gold Edition MULTi2 1.0) (Version:  - )
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.017 - ASUSTek Computer Inc.)
Batman: Arkham Cityâ„¢ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broken Sword 5 - the Serpent's Curse (HKLM-x32\...\GOGPACKBROKENSWORD5EP1EP2_is1) (Version: 2.0.0.2 - GOG.com)
Bully - Scholarship Edition (HKLM-x32\...\Bully - Scholarship Edition_is1) (Version:  - )
Call of Duty Black Ops III Version 1.0 (HKLM-x32\...\{322C0A98-947C-4EB4-A48B-C8C818B137C8}_is1) (Version: 1.0 - Activision Blizzard)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version:  - â€*Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CrystalDiskInfo 6.1.8 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.8 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dead or Alive 5 Last Round Version 1.02A u1 (HKLM-x32\...\{344CBB83-6CB8-4B68-ACC0-56C41F292D5B}_is1) (Version: 1.02A u1 - Koei Tecmo)
Deponia The Complete Journey MULTi2 3.3.0155 (HKLM-x32\...\Deponia The Complete Journey MULTi2 3.3.0155) (Version:  - )
Die Sims 4 Digital Deluxe Edition ReRelease Incl. Update 13 MULTi2 v1.13.104.1220 (HKLM-x32\...\Die Sims 4 Digital Deluxe Edition ReRelease Incl. Update 13 MULTi2 v1.13.104.1220) (Version:  - )
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Emily Wants To Play (HKLM-x32\...\Emily Wants To Play_is1) (Version:  - )
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
Epson Benutzerhandbuch WF-2010 Series (HKLM-x32\...\WF-2010 Series Useg) (Version:  - )
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-2010 Series (HKLM-x32\...\WF-2010 Series Netg) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-HandbÃ¼cher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Dailymotion Download (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.55.1127 - DVDVideoSoft Ltd.)
Free Driver Scout (HKLM-x32\...\{50a7e828-15d3-40e6-a37d-22d5c5357878}) (Version: 1.0.0.0 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.0 - Covus Freemium) Hidden
Free YouTube to MP3 Converter version 3.12.59.505 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.505 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
HarryPotter und der Stein der Weisen (HKLM-x32\...\HarryPotter und der Stein der Weisen1.1) (Version: 1.1 - TheRaven1)
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{1EF24D7D-7B14-4EBA-A686-9E91C9C6763D}) (Version: 4.1.40.2143 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java SE Development Kit 8 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180650}) (Version: 8.0.650.17 - Oracle Corporation)
Java SE Development Kit 8 Update 92 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180920}) (Version: 8.0.920.14 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lexware Info Service (HKLM-x32\...\{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}) (Version: 2.80.00.0007 - Haufe-Lexware GmbH & Co.KG)
Life is Strange Complete First Season Version 1.0.0.371598 (HKLM-x32\...\{D5DF0D21-62C1-46E0-BD21-4E3DAE94DA32}_is1) (Version: 1.0.0.371598 - Square Enix)
Malwarebytes Anti-Exploit version 1.8.1.2572 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.2572 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.376.2 - McAfee, Inc.)
Metal Gear Solid 5 The Phantom Pain MULTI8 1.005 (HKLM-x32\...\Metal Gear Solid 5 The Phantom Pain MULTI8 1.005) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools fÃ¼r Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mortal Kombat X Premium Edition MULTi2 1.0 (HKLM-x32\...\Mortal Kombat X Premium Edition MULTi2 1.0) (Version:  - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst (HKLM-x32\...\Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst_is1) (Version:  - )
Nero 2014 (HKLM-x32\...\{A618CE26-1E36-4FA4-A1F4-D079DC6022B8}) (Version: 15.0.08500 - Nero AG)
Nero 2015 Content Pack (HKLM-x32\...\{55192BC6-EDBA-4F48-A2C4-3D164E41AF55}) (Version: 16.0.00300 - Nero AG)
Nero Burning ROM 2014 (HKLM-x32\...\{A4DC74AA-F4DF-48B9-AA4B-C30CA0DBCA33}) (Version: 15.0.04600 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nuance Cloud Connector (HKLM-x32\...\{128FBB62-9750-4C08-ABF9-47D73D9A3918}) (Version: 3.2.1084 - Nuance Communications, Inc.)
Nuance OmniPage Ultimate (HKLM-x32\...\{17223DA4-6B76-439E-BD49-5940FAD8AE19}) (Version: 19.16.0000 - Nuance Communications, Inc.)
Nuance PDF Create 8 (HKLM\...\{CB5B66BC-406C-4C1F-913D-A06E83C7CD81}) (Version: 8.20.6418 - Nuance Communications, Inc.)
Nuance PDF Create 8 (HKLM-x32\...\{CB5B66BC-406C-4C1F-913D-A06E83C7CD81}) (Version: 8.20.6418 - Nuance Communications, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 39.0.2256.71 (HKLM-x32\...\Opera 39.0.2256.71) (Version: 39.0.2256.71 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.0 - Tracker Software Products Ltd)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7917 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
Runaway - A Road Adventure (HKLM-x32\...\GOGPACKRUNAWAY_is1) (Version: 2.0.0.3 - GOG.com)
Saints Row IV Game of the Century Edition 1.0 (HKLM-x32\...\Saints Row IV Game of the Century Edition 1.0) (Version:  - )
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Scansoft PDF Create (x32 Version:  - ) Hidden
ScummVM 1.6.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
Sherlock Holmes Crimes and Punishments German Subbed Edition 1.0 (HKLM-x32\...\Sherlock Holmes Crimes and Punishments German Subbed Edition 1.0) (Version:  - )
Sherlock Holmes: The Devil's Daughter (HKLM\...\Steam App 350640) (Version:  - Frogwares)
SiSoftware Sandra Lite 2015.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.27.2015.2 - SiSoftware)
Skypeâ„¢ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.) Hidden
South Park - The Stick of Truth Version 1.0.1353 (HKLM-x32\...\{83736891-79AE-49BA-96F5-55DD6F2186AC}_is1) (Version: 1.0.1353 - Ubisoft)
SSD Tweaker version 3.0.5 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.0.5 - Elpamsoft.com)
Stardock Start10 (HKLM\...\Start10_is1) (Version: 1.0 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steamless Counter Strike Source Pack (HKLM-x32\...\Steamless Counter Strike Source Pack) (Version: 1.0 - Steamless)
Street Fighter V Deluxe Edition MULTi13 1.0 (HKLM-x32\...\Street Fighter V Deluxe Edition MULTi13 1.0) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Book of Unwritten Tales Collection Version 1.0 (HKLM-x32\...\{552EE0FA-C570-4283-9E79-358A95068DCA}_is1) (Version: 1.0 - Nordic Games)
The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02 (HKLM-x32\...\The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02) (Version:  - )
Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0 (HKLM-x32\...\Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0) (Version:  - )
Ultra Street Fighter IV (HKLM-x32\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
Valiant Hearts: The Great War (HKLM-x32\...\VmFsaWFudEhlYXJ0c1RoZUdyZWF0V2Fy_is1) (Version: 1 - )
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Vocalizer (HKLM-x32\...\{7F267540-71F7-4FC0-A39D-DD0206142814}) (Version: 19.16.0000 - Nuance Communications, Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wondershare MobileGo(Version 8.2.0) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.2.0 - Wondershare)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01955A10-3280-46FE-B295-16984CFF4AB3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {0CE42A92-4C76-4FD1-83EE-B48021CBA13F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {163A17B5-F3DE-486E-9FD8-AE460A042434} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\XmasPromote.exe
Task: {1BDC3015-055B-4643-A612-B548F44B3168} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {1D6EAC2C-CCCC-48D3-A9B2-0BF073A859DD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {1F55AC57-5BA5-4A77-8512-E48E7F663F7A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {1FA75676-E7D0-44FA-A6E4-D1CC7124E499} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2219BAF3-970C-442B-AA03-6D10302BA04F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {25E967C3-EA75-4CB8-9FCC-0AE64DE1D754} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {2776DC5D-B0AC-4588-AB90-45257F175B71} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {2F910DE1-C01D-4F91-9672-CA57A347D8A0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {30EE4FCD-E88C-4FFB-B957-A3D82F648A03} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {348F3260-4BAE-4743-A9D1-B023A55EE5E3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {37EEDB11-5C90-47E8-B40F-144D8F9FEA33} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {40FCA32E-2588-4671-A0E1-8E12C100365B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {5113B6CC-4DE8-44AF-9599-C0219896EAB8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {5B6CC23A-D5C6-4522-B4DF-D1F35D4DFA74} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {5EF0F301-E74A-461C-813D-D5298404EB44} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {6B05F11A-0FAA-459F-8398-5A68E112F578} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7499461B-5DC4-4C2A-8990-F17947981EE7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {781B7E50-8B6D-4764-8AFA-46E8C7417708} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {78C2FD3D-5725-47D8-9751-10D343A2894F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {7AF61DD3-4CD4-4508-97E1-778984972570} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {7ED06AB3-3419-4D6E-9C9D-0856A9156FF4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7F34203D-7E5A-4698-9622-D093B9BBFA68} - System32\Tasks\{77584C26-73F5-4330-9F49-0396C6D171AE} => pcalua.exe -a C:\Users\NABIL\AppData\Roaming\key-find\UninstallManager.exe -c  -ptid=cvs
Task: {876EA98A-187D-4A26-8183-339326B7D990} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8775F958-4DC9-4F38-82B3-381C6FF519B6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-30] (Adobe Systems Incorporated)
Task: {96771FD7-B11F-43D3-B439-011C2B276961} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {97432494-44EB-4E0E-BAB5-1A73A165C1FE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {9CD4DDF6-33D0-4174-A137-9A84D7B4B263} - System32\Tasks\Opera scheduled Autoupdate 1446938337 => C:\Program Files (x86)\Opera\launcher.exe [2016-09-05] (Opera Software)
Task: {A49341F1-6E31-4579-A298-5EEC4CBCDC01} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {A7F242A1-2D4C-49E1-A99B-BA4F6A5EE323} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {AB2CC5D3-ADF9-4165-A0D9-A63DBD3260B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {B27D50C5-906A-4AD6-BE29-AAD1BD3EB5D7} - System32\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {CF27364E-6CD6-49E3-BE7A-BDBBAE6AAF2D} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {D27BE5C6-A5F6-4031-ABA9-429A3E82A67F} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {D57EF4A8-1624-4244-814F-A2B2F632642C} - System32\Tasks\R@1n-KMS\Office15ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="b322da9c-a2e2-4058-9e4e-f59a6970bd69") call Activate]
Task: {F9DB0870-59E2-4373-90D5-AE97BB6D64C7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {FCB0CF30-3917-45CE-AA1D-466F4D9E1D17} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{00138945-9C65-4A60-B651-17E309D19196} /F:Update SYSTEMÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{92EF7091-E3AF-4879-84FE-EE26D1C3216F} /F:Update SYSTEMÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== VerknÃ¼pfungen =============================

(Die EintrÃ¤ge kÃ¶nnen gelistet werden, um sie zurÃ¼ckzusetzen oder zu entfernen.)

Shortcut: C:\Users\NABIL\Desktop\Metal Gear Solid 5 The Phantom Pain TimeZone geÃ¤ndert.lnk -> M:\Program Files (x86)\Metal Gear Solid 5 The Phantom Pain\MGS TimeZone geÃ¤ndert.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2012-09-11 17:27 - 2012-09-11 17:27 - 00062128 _____ () C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-17 22:09 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-02-11 19:58 - 2016-02-11 19:58 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
2013-08-08 05:03 - 2013-08-08 05:03 - 00222544 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
2016-07-12 23:54 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-12 23:54 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-24 12:51 - 2016-06-24 12:51 - 00138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 23:55 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-12 23:54 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-12 23:54 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-12 23:54 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-12 23:54 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-30 10:34 - 2016-04-30 10:34 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-08-25 17:48 - 2016-08-25 17:48 - 03763712 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-02-11 19:58 - 2016-02-11 19:58 - 00004608 _____ () C:\WINDOWS\KMS-R@1nhook.exe
2015-05-14 19:07 - 2015-11-27 13:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2013-08-08 04:53 - 2013-08-08 04:53 - 00293200 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\sqlite3.dll
2013-08-08 04:53 - 2013-08-08 04:53 - 00080208 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\zlib125.dll
2013-08-08 04:53 - 2013-08-08 04:53 - 00016720 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSMui.dll
2015-11-08 01:54 - 2014-10-16 04:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-08 23:33 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-08 23:33 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-04-30 10:34 - 2016-04-30 10:34 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-30 10:34 - 2016-04-30 10:34 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:A303874F [173]
AlternateDataStreams: C:\Users\NABIL\Downloads\amddriverdownloader.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\CrystalDiskInfo6_1_8-en.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\everesthome220.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\UseNeXTSetup_5.62.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\WebInstallerJD2_c.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== VerknÃ¼pfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt.)


==================== Internet Explorer VertrauenswÃ¼rdig/EingeschrÃ¤nkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7863 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benÃ¶tigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurÃ¼ckzusetzen.)

2009-07-14 04:34 - 2016-08-15 21:49 - 00000064 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
0.0.0.1	mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)

HKU\S-1-5-21-225648569-1694930765-1264359465-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\NABIL\Desktop\burj_khalifa_tower_dubai-wide.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte EintrÃ¤ge ==

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iSCTsysTray.lnk => C:\Windows\pss\iSCTsysTray.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Bonus.SSR.FR12"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{278F36E3-E5E5-496D-9967-86C892CB0535}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [TCP Query User{61F0B3D8-6E05-4631-B607-765D7888E1B3}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [{DFE35632-8DAB-41EB-AA84-01F9977553B9}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe
FirewallRules: [{C76F638A-9504-42D7-A763-B3F7C7C77A4D}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe
FirewallRules: [{3FA6F97C-FD99-443D-B260-7E179B357C71}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
FirewallRules: [{94D1B07C-EDAF-4C90-8CC3-5785A62BEC09}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
FirewallRules: [{33FC0D78-00E7-4EE7-826F-357D76533C66}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
FirewallRules: [{3191DBD4-99B4-4FA6-94B8-51273941163D}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
FirewallRules: [{188F0954-4EC3-4399-83F6-EE0BF23AE077}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
FirewallRules: [{4C434557-268B-4506-8795-E89E79BDC932}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
FirewallRules: [{022D5197-F34E-469E-AF46-4EBF7D76F20B}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\PPMV.exe
FirewallRules: [{C19E7C2E-71DE-4E7D-9003-455B4F7AF125}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\PPMV.exe
FirewallRules: [{8F0D9833-8AF0-4F46-ACA3-C18E8E68626D}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
FirewallRules: [{B2DF9200-F7FB-4ACE-ADFE-93A335FFDED7}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
FirewallRules: [{9132CCF3-4021-44E6-BB4F-750D84997DCE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7C628337-5393-4F4D-8B3A-0FC8A0871292}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{03C5A55C-FEDA-4462-B1A6-7A5125C08CD3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8E126A09-ED1B-4853-9FD3-7F730C3A7720}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{654A073E-6ED1-4003-8F42-5F7EB86A0D98}M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{C978A76E-96DC-413F-8615-462A2C9BBABF}M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{B8231BBE-8C3E-434C-85CD-600F133918B2}C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{C1B67484-1EFA-4BCE-BF47-57706EF1AA68}C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{7EF7F052-A6A9-443E-9F38-54442346F206}M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe] => (Allow) M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [TCP Query User{0D6A2E0E-9E9B-4A8E-822F-36F70C8168E0}M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe] => (Allow) M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [UDP Query User{EEAE159A-8B3C-4675-87AE-3BD636F1750A}C:\program files (x86)\steamless counterstrikesource pack\hl2.exe] => (Block) C:\program files (x86)\steamless counterstrikesource pack\hl2.exe
FirewallRules: [TCP Query User{021BE0C6-E61D-4499-952C-FE8DB4E21874}C:\program files (x86)\steamless counterstrikesource pack\hl2.exe] => (Block) C:\program files (x86)\steamless counterstrikesource pack\hl2.exe
FirewallRules: [{A32FAF58-1412-4155-B798-F363DD50CC08}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{E303A31E-16CA-4844-8AE1-F60109DBA675}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [UDP Query User{600F0A67-9FF7-4CB5-9863-3DF6FF0C2D6B}C:\program files\java\jdk1.8.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_65\bin\jmc.exe
FirewallRules: [TCP Query User{4EA24165-101E-41CF-9C45-B4F69E5A3C74}C:\program files\java\jdk1.8.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_65\bin\jmc.exe
FirewallRules: [{50617DBB-D641-4217-B751-BD810DB7F119}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E3DF5FD2-B668-4E3E-9D3E-8E5BB0BF87BA}] => (Allow) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{89114CC2-34F0-4122-B301-61AA4319945F}] => (Allow) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2440C70A-7A6B-4B6D-A123-712FBD70A9CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6462BAA3-0284-4552-A8DE-589A37AC6BCE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9852CEB2-2423-4233-B583-35544D84D9A3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2215C6AB-62FB-4EEB-8717-07E567C59244}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{51D35BE1-7AFF-4262-BE02-61BD921DF615}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{0781B69A-4B35-473F-AB47-89CE6318ED73}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [UDP Query User{47FD8685-D285-49CB-ABD0-0977F2F84DD8}M:\games\call of duty black ops iii\blackops3.exe] => (Allow) M:\games\call of duty black ops iii\blackops3.exe
FirewallRules: [TCP Query User{20E12BCC-D3DD-4775-BE35-10FF60E010BB}M:\games\call of duty black ops iii\blackops3.exe] => (Allow) M:\games\call of duty black ops iii\blackops3.exe
FirewallRules: [TCP Query User{978374A8-AD20-4359-BE77-A67D94DA9896}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{1C42E517-0CBF-4D71-8D85-969177EA4138}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{9558C53E-37FF-45E7-9A8B-1EC4C71880C3}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{0578CCF7-AE1D-4C9C-943C-C69726E231B2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{80785240-54DC-4A65-81ED-4E4E4935CBE0}M:\jdownloader\jre\bin\javaw.exe] => (Allow) M:\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{42847236-F025-4A30-B7B4-2AE9BF5DCCF1}M:\jdownloader\jre\bin\javaw.exe] => (Allow) M:\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{1D8D5B98-EB69-4C6A-AC19-F712EFF883CC}M:\jdownloader\jre\bin\java.exe] => (Allow) M:\jdownloader\jre\bin\java.exe
FirewallRules: [UDP Query User{994936E9-37C4-47A0-BDEB-6A846D73F363}M:\jdownloader\jre\bin\java.exe] => (Allow) M:\jdownloader\jre\bin\java.exe
FirewallRules: [{BDBA1559-0767-4003-B9C0-F7E1807BB450}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{054F7E49-BAC3-46B6-B654-491B7FC98899}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{8F4C311D-D711-48C8-8940-A2C3CC194115}M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe] => (Allow) M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe
FirewallRules: [UDP Query User{15C82FC6-62AB-4904-B306-70AD69A9F8AD}M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe] => (Allow) M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe
FirewallRules: [{21FE5001-0179-4A7F-B498-5A4FC555CC78}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{39F833ED-D645-4DF5-83B4-831D54CC965E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{68B18BCB-3874-46A4-80DD-9699222566CF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A816DD60-DD86-4EA0-B739-3C9B7863C439}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F6B58786-8162-49F8-A162-73C2A3240B33}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\RpcAgentSrv.exe
FirewallRules: [{911438D9-1E32-4989-84B7-DEB3B3280F77}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\WNt600x64\RpcSandraSrv.exe
FirewallRules: [TCP Query User{2848611B-7895-4823-B6D6-EF1CB0A006B6}M:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) M:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{1A33A746-BD72-44D4-9EDC-C53D8F2E8C08}M:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) M:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{68E4D429-DBA5-4597-951D-CAF7117A56F2}] => (Allow) M:\Program Files (x86)\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{B263A842-E664-4611-B127-0E9041E80D1E}] => (Allow) M:\Program Files (x86)\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{C5DFAF2D-B544-4910-A68A-FC0155A1ACAF}M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{D9AE8798-8B04-4742-93CA-7AB2A9C5D39A}M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [{9EA90930-8669-4BCB-AE2C-B41D164F14E5}] => (Allow) M:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B4380FC8-563B-472A-81A3-22FADE6734CA}] => (Allow) M:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A2E30EF8-99FA-4ABA-B833-741974D6BC05}] => (Allow) M:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B48BF075-2C5F-47F9-ACAF-2980D48ACE01}] => (Allow) M:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BAC03561-5F5C-4155-9946-6B82F61A6381}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{4C4C228A-CE78-4F94-AB6A-9A37178B6087}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{994B3FD3-15BE-418D-AFEA-A70CBBEC89AE}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{20526224-9C49-480F-803C-192E53CF7DCD}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{FD77485A-0F7F-4A3B-8533-96CD5272A824}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{7A16777D-B0E9-46FE-888E-9F62CD0D5ECB}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [UDP Query User{C342B424-54BE-42BC-91AD-47F83EDEA9AC}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [{661DF73C-B241-477E-AA84-B087393EEA7F}] => (Allow) M:\SteamLibrary\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [{95BA97EC-4661-448D-8FDE-F28C87808F43}] => (Allow) M:\SteamLibrary\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [TCP Query User{16AE10AB-38F4-486C-A014-611576649CED}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [UDP Query User{E3E6A7A6-5CEA-406B-949D-09673533E769}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [{CE4FA322-8732-4E69-A9FF-C35A1E697952}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C7266C32-357F-4EF1-A933-EE8B0E33FA21}] => (Allow) M:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A3A7A281-EA5E-4FF3-AC60-4833EC72D1C3}] => (Allow) M:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte GerÃ¤te im GerÃ¤temanager =============


==================== FehlereintrÃ¤ge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/13/2016 05:12:07 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (09/13/2016 05:10:42 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (09/13/2016 04:55:42 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (09/13/2016 04:40:42 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (09/13/2016 04:25:42 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (09/13/2016 04:10:42 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (09/13/2016 03:55:42 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (09/13/2016 03:40:42 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (09/13/2016 03:25:42 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (09/13/2016 03:10:42 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error


Systemfehler:
=============
Error: (09/12/2016 10:25:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhÃ¤ngig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten GerÃ¤ten verbunden.

Error: (09/12/2016 10:24:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_a8994" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/12/2016 10:24:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _a8994" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/12/2016 10:24:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_a8994" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/12/2016 10:24:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_a8994" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/12/2016 10:06:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhÃ¤ngig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten GerÃ¤ten verbunden.

Error: (09/12/2016 10:04:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_17db7cea9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/12/2016 10:04:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _17db7cea9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/12/2016 10:04:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_17db7cea9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (09/12/2016 10:04:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_17db7cea9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-09-11 20:10:10.298
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-05 13:28:14.266
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-05 13:28:14.231
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-04 20:53:49.628
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-04 20:53:49.567
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-04 20:53:48.833
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-04 20:53:47.220
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-04 20:37:16.112
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-01 22:18:12.390
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-01 03:01:06.472
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8111.46 MB
Verfügbarer physikalischer RAM: 5213.94 MB
Summe virtueller Speicher: 16303.46 MB
Verfügbarer virtueller Speicher: 13109.26 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:39.69 GB) NTFS
Drive e: (Emily Wants To Play) (CDROM) (Total:2.26 GB) (Free:0 GB) UDF
Drive f: (Adobe Acrobat XI) (CDROM) (Total:0.74 GB) (Free:0 GB) CDFS
Drive g: (OMNIPAGE ULTIMAT) (CDROM) (Total:3.05 GB) (Free:0 GB) CDFS
Drive h: (LifeIsStrange) (CDROM) (Total:8.72 GB) (Free:0 GB) UDF
Drive m: (Volume) (Fixed) (Total:1863.01 GB) (Free:1022.65 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4A40E047)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5AC0E83E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================

M-K-D-B · 14.09.2016, 13:57

Servus,

bisher wurden nur ein paar Adware-Reste gefunden. Du machst das sehr gut!

Wir entfernen die letzten Reste und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nhook.exe
Tcpip\..\Interfaces\{F37B658C-DD8B-4CF0-8B0B-6CE9D411B48F}: [NameServer] 208.67.222.222 208.67.220.220
C:\Program Files (x86)\RichMediaViewV1
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-02-11] () [Datei ist nicht signiert]
C:\Windows\KMS-R@1n.exe
Task: {D27BE5C6-A5F6-4031-ABA9-429A3E82A67F} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {D57EF4A8-1624-4244-814F-A2B2F632642C} - System32\Tasks\R@1n-KMS\Office15ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="b322da9c-a2e2-4058-9e4e-f59a6970bd69") call Activate]
CMD: dir /B "%ProgramFiles%"
CMD: dir /B "%ProgramFiles(x86)%"
CMD: dir /B "%ProgramData%"
CMD: dir /B "%Appdata%"
CMD: dir /B "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von HitmanPro,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

nabil21 · 14.09.2016, 16:30

Fixlog.txt

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von NABIL (14-09-2016 15:04:20) Run:1
Gestartet von C:\Users\NABIL\Desktop
Geladene Profile: NABIL (Verfügbare Profile: NABIL & asd & bazet & Gast & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nhook.exe
Tcpip\..\Interfaces\{F37B658C-DD8B-4CF0-8B0B-6CE9D411B48F}: [NameServer] 208.67.222.222 208.67.220.220
C:\Program Files (x86)\RichMediaViewV1
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-02-11] () [Datei ist nicht signiert]
C:\Windows\KMS-R@1n.exe
Task: {D27BE5C6-A5F6-4031-ABA9-429A3E82A67F} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {D57EF4A8-1624-4244-814F-A2B2F632642C} - System32\Tasks\R@1n-KMS\Office15ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="b322da9c-a2e2-4058-9e4e-f59a6970bd69") call Activate]
CMD: dir /B "%ProgramFiles%"
CMD: dir /B "%ProgramFiles(x86)%"
CMD: dir /B "%ProgramData%"
CMD: dir /B "%Appdata%"
CMD: dir /B "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\OSppSvc.exe" => Schlüssel erfolgreich entfernt
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe" => Schlüssel erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F37B658C-DD8B-4CF0-8B0B-6CE9D411B48F}\\NameServer => Wert erfolgreich entfernt
"C:\Program Files (x86)\RichMediaViewV1" => nicht gefunden.
KMS-R@1n => Dienst erfolgreich gestoppt.
KMS-R@1n => Dienst erfolgreich entfernt
C:\Windows\KMS-R@1n.exe => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D27BE5C6-A5F6-4031-ABA9-429A3E82A67F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D27BE5C6-A5F6-4031-ABA9-429A3E82A67F}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\R@1n-KMS\Windows64Professional => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS\Windows64Professional" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D57EF4A8-1624-4244-814F-A2B2F632642C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D57EF4A8-1624-4244-814F-A2B2F632642C}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\R@1n-KMS\Office15ProPlus => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS\Office15ProPlus" => Schlüssel erfolgreich entfernt

========= dir /B "%ProgramFiles%" =========

AMD
ASRock Utility
ATI
ATI Technologies
Bitdefender
Bonjour
Canon
CMAK
Common Files
Covus Freemium
DAEMON Tools Lite
DVD Maker
EpsonNet
Intel
Internet Explorer
iPod
iTunes
Java
JDownloader
McAfee Security Scan
MGTEK
Microsoft Office
Microsoft Silverlight
Microsoft Xbox 360 Accessories
MotioninJoy
MSBuild
Realtek
Reference Assemblies
Rockstar Games
Samsung
SiSoftware
Synaptics
TeamSpeak 3 Client
Tracker Software
Windows Defender
Windows Journal
Windows Mail
Windows Media Player
Windows Multimedia Platform
Windows NT
Windows Photo Viewer
Windows Portable Devices

========= Ende von CMD: =========


========= dir /B "%ProgramFiles(x86)%" =========

ABBYY FineReader 12
Adobe
AMD
AMD APP
AMD AVT
Apple Software Update
ASUS
Bonjour
Canon
CDBurnerXP
CMAK
Common Files
CrystalDiskInfo
DVDVideoSoft
Emsisoft Anti-Malware
epson
EPSON Software
EpsonNet
Free Codec Pack
freshney.org
Google
GUMBE68.tmp
Intel
Internet Explorer
IObit
iTunes
Java
Lavalys
Malwarebytes Anti-Exploit
 Malwarebytes Anti-Malware 
MGTEK
Microsoft
Microsoft CAPICOM 2.1.0.2
Microsoft Games for Windows - LIVE
Microsoft Silverlight
Microsoft.NET
Mozilla Firefox
MSBuild
MSI Kombustor 2.5
MSXML 4.0
Naruto Shippuden Ultimate Ninja Storm Revolution
Nero
Nuance
OpenAL
Opera
Origin Games
Panda Security
PSupport
QuickTime
Raptr
Realtek
Reference Assemblies
Rockstar Games
Samsung
ScummVM
Skype
Spybot - Search & Destroy 2
Stardock
Steam
Steamless CounterStrikeSource Pack
Valiant Hearts The Great War
Windows Defender
Windows Mail
Windows Media Player
Windows Multimedia Platform
Windows NT
Windows Photo Viewer
Windows Portable Devices
Wondershare

========= Ende von CMD: =========


========= dir /B "%ProgramData%" =========

ABBYY
Adobe
AMD
Apple
Apple Computer
AVAST Software
AVG
Avira
BDLogging
Canneverbe Limited
Canon IJ Network Tool
CanonIJPLM
CanonIJWSpt
Comms
DAEMON Tools Lite
E1864A66-75E3-486a-BD95-D1B7D99A84A7
Elder Scrolls Online
Electronic Arts
Emsisoft
Epson
FLEXnet
FreeDriverScout
HitmanPro
Intel
Intel(R) Update Manager
IObit
Lexware
Macrovision
Malwarebytes
Malwarebytes Anti-Exploit
McAfee
McAfee Security Scan
MGTEK
Microsoft Help
Microsoft OneDrive
Nero
Nuance
Oracle
Orbit
Origin
Package Cache
Panda Security
regid.1986-12.com.adobe
regid.1991-06.com.microsoft
Riot Games
Samsung
ScanSoft
Skype
SoftwareDistribution
Sony Corporation
Stardock
Steam
TEMP
TuneUp Software
UDL
USOPrivate
USOShared
wondershare
zeon
{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}

========= Ende von CMD: =========


========= dir /B "%Appdata%" =========

.minecraft
ABBYY
Adobe
AMD
Apple Computer
ATI
AVG
Awesomium
Axolot Games
becker
Canneverbe Limited
Canon
DAEMON Tools Lite
dlg
dvdcss
DVDVideoSoft
Epson
FLEXnet
GalileoPress
HMYGSetting
Intel Corporation
IObit
Kalypso Media
Lexware
library_dir
LolClient
Macromedia
Media Center Programs
MK10
MotioninJoy
Nero
Nuance
Omerta
Opera Software
Origin
Panda Security
PDAppFlex
ProductData
QuickScan
Raptr
Riot Games
Samsung
Sandra.mdb
ScanSoft
ScummVM
Skype
Sm!thSteamEmu
SolidDocuments
Steam
Sun
TS3Client
TuneUp Software
unav
UseNeXT
vlc
Win Update
WinRAR
Wondershare
Zeon

========= Ende von CMD: =========


========= dir /B "%LocalAppdata%" =========

ABBYY
ActiveSync
Adobe
AMD
Apple
Apple Computer
Apps
ATI
Avg
avgchrome
BANDAI NAMCO Games
cache
CEF
Chromium
Comms
CrashDumps
Daedalic Entertainment GmbH
DayZ
Diagnostics
Disc_Soft_Ltd
Downloaded Installations
Electronic Arts
ElevatedDiagnostics
EmilyWantsToPlay
EMU
GDIPFONTCACHEV1.DAT
gladinet
Google
GWX
JDownloader 2.0
Lexware
Mega Limited
MGTEK
Microsoft
Microsoft Help
MicrosoftEdge
mpress
Nero
Nero_AG
Nuance
Opera Software
Origin
Package Cache
Packages
PeerDistRepub
Programs
Publishers
Rockstar Games
Samsung
ScanSoft
SKIDROW
Skyrim
SquareEnix
Stardock
Steam
Temp
Temp71f478dc03dcd9563705386394b9772c
TileDataLayer
TuneUp Software
Ubisoft Game Launcher
UnrealEngine
VirtualStore

========= Ende von CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17324877 B
Java, Flash, Steam htmlcache => 88331695 B
Windows/system/drivers => 39803295 B
Edge => 9728 B
Chrome => 728441214 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6766 B
ProgramData => 0 B
Public => 0 B
systemprofile32 => 0 B
LocalService => 73510 B
NetworkService => 441402 B
NABIL => 2758730614 B
asd => 1056913721 B
bazet => 27966 B
Gast => 0 B
DefaultAppPool => 0 B

RecycleBin => 100014 B
EmptyTemp: => 4.4 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 15:05:11 ====

eset

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von NABIL (14-09-2016 15:04:20) Run:1
Gestartet von C:\Users\NABIL\Desktop
Geladene Profile: NABIL (Verfügbare Profile: NABIL & asd & bazet & Gast & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nhook.exe
Tcpip\..\Interfaces\{F37B658C-DD8B-4CF0-8B0B-6CE9D411B48F}: [NameServer] 208.67.222.222 208.67.220.220
C:\Program Files (x86)\RichMediaViewV1
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-02-11] () [Datei ist nicht signiert]
C:\Windows\KMS-R@1n.exe
Task: {D27BE5C6-A5F6-4031-ABA9-429A3E82A67F} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {D57EF4A8-1624-4244-814F-A2B2F632642C} - System32\Tasks\R@1n-KMS\Office15ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="b322da9c-a2e2-4058-9e4e-f59a6970bd69") call Activate]
CMD: dir /B "%ProgramFiles%"
CMD: dir /B "%ProgramFiles(x86)%"
CMD: dir /B "%ProgramData%"
CMD: dir /B "%Appdata%"
CMD: dir /B "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\OSppSvc.exe" => Schlüssel erfolgreich entfernt
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe" => Schlüssel erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F37B658C-DD8B-4CF0-8B0B-6CE9D411B48F}\\NameServer => Wert erfolgreich entfernt
"C:\Program Files (x86)\RichMediaViewV1" => nicht gefunden.
KMS-R@1n => Dienst erfolgreich gestoppt.
KMS-R@1n => Dienst erfolgreich entfernt
C:\Windows\KMS-R@1n.exe => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D27BE5C6-A5F6-4031-ABA9-429A3E82A67F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D27BE5C6-A5F6-4031-ABA9-429A3E82A67F}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\R@1n-KMS\Windows64Professional => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS\Windows64Professional" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D57EF4A8-1624-4244-814F-A2B2F632642C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D57EF4A8-1624-4244-814F-A2B2F632642C}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\R@1n-KMS\Office15ProPlus => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS\Office15ProPlus" => Schlüssel erfolgreich entfernt

========= dir /B "%ProgramFiles%" =========

AMD
ASRock Utility
ATI
ATI Technologies
Bitdefender
Bonjour
Canon
CMAK
Common Files
Covus Freemium
DAEMON Tools Lite
DVD Maker
EpsonNet
Intel
Internet Explorer
iPod
iTunes
Java
JDownloader
McAfee Security Scan
MGTEK
Microsoft Office
Microsoft Silverlight
Microsoft Xbox 360 Accessories
MotioninJoy
MSBuild
Realtek
Reference Assemblies
Rockstar Games
Samsung
SiSoftware
Synaptics
TeamSpeak 3 Client
Tracker Software
Windows Defender
Windows Journal
Windows Mail
Windows Media Player
Windows Multimedia Platform
Windows NT
Windows Photo Viewer
Windows Portable Devices

========= Ende von CMD: =========


========= dir /B "%ProgramFiles(x86)%" =========

ABBYY FineReader 12
Adobe
AMD
AMD APP
AMD AVT
Apple Software Update
ASUS
Bonjour
Canon
CDBurnerXP
CMAK
Common Files
CrystalDiskInfo
DVDVideoSoft
Emsisoft Anti-Malware
epson
EPSON Software
EpsonNet
Free Codec Pack
freshney.org
Google
GUMBE68.tmp
Intel
Internet Explorer
IObit
iTunes
Java
Lavalys
Malwarebytes Anti-Exploit
 Malwarebytes Anti-Malware 
MGTEK
Microsoft
Microsoft CAPICOM 2.1.0.2
Microsoft Games for Windows - LIVE
Microsoft Silverlight
Microsoft.NET
Mozilla Firefox
MSBuild
MSI Kombustor 2.5
MSXML 4.0
Naruto Shippuden Ultimate Ninja Storm Revolution
Nero
Nuance
OpenAL
Opera
Origin Games
Panda Security
PSupport
QuickTime
Raptr
Realtek
Reference Assemblies
Rockstar Games
Samsung
ScummVM
Skype
Spybot - Search & Destroy 2
Stardock
Steam
Steamless CounterStrikeSource Pack
Valiant Hearts The Great War
Windows Defender
Windows Mail
Windows Media Player
Windows Multimedia Platform
Windows NT
Windows Photo Viewer
Windows Portable Devices
Wondershare

========= Ende von CMD: =========


========= dir /B "%ProgramData%" =========

ABBYY
Adobe
AMD
Apple
Apple Computer
AVAST Software
AVG
Avira
BDLogging
Canneverbe Limited
Canon IJ Network Tool
CanonIJPLM
CanonIJWSpt
Comms
DAEMON Tools Lite
E1864A66-75E3-486a-BD95-D1B7D99A84A7
Elder Scrolls Online
Electronic Arts
Emsisoft
Epson
FLEXnet
FreeDriverScout
HitmanPro
Intel
Intel(R) Update Manager
IObit
Lexware
Macrovision
Malwarebytes
Malwarebytes Anti-Exploit
McAfee
McAfee Security Scan
MGTEK
Microsoft Help
Microsoft OneDrive
Nero
Nuance
Oracle
Orbit
Origin
Package Cache
Panda Security
regid.1986-12.com.adobe
regid.1991-06.com.microsoft
Riot Games
Samsung
ScanSoft
Skype
SoftwareDistribution
Sony Corporation
Stardock
Steam
TEMP
TuneUp Software
UDL
USOPrivate
USOShared
wondershare
zeon
{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}

========= Ende von CMD: =========


========= dir /B "%Appdata%" =========

.minecraft
ABBYY
Adobe
AMD
Apple Computer
ATI
AVG
Awesomium
Axolot Games
becker
Canneverbe Limited
Canon
DAEMON Tools Lite
dlg
dvdcss
DVDVideoSoft
Epson
FLEXnet
GalileoPress
HMYGSetting
Intel Corporation
IObit
Kalypso Media
Lexware
library_dir
LolClient
Macromedia
Media Center Programs
MK10
MotioninJoy
Nero
Nuance
Omerta
Opera Software
Origin
Panda Security
PDAppFlex
ProductData
QuickScan
Raptr
Riot Games
Samsung
Sandra.mdb
ScanSoft
ScummVM
Skype
Sm!thSteamEmu
SolidDocuments
Steam
Sun
TS3Client
TuneUp Software
unav
UseNeXT
vlc
Win Update
WinRAR
Wondershare
Zeon

========= Ende von CMD: =========


========= dir /B "%LocalAppdata%" =========

ABBYY
ActiveSync
Adobe
AMD
Apple
Apple Computer
Apps
ATI
Avg
avgchrome
BANDAI NAMCO Games
cache
CEF
Chromium
Comms
CrashDumps
Daedalic Entertainment GmbH
DayZ
Diagnostics
Disc_Soft_Ltd
Downloaded Installations
Electronic Arts
ElevatedDiagnostics
EmilyWantsToPlay
EMU
GDIPFONTCACHEV1.DAT
gladinet
Google
GWX
JDownloader 2.0
Lexware
Mega Limited
MGTEK
Microsoft
Microsoft Help
MicrosoftEdge
mpress
Nero
Nero_AG
Nuance
Opera Software
Origin
Package Cache
Packages
PeerDistRepub
Programs
Publishers
Rockstar Games
Samsung
ScanSoft
SKIDROW
Skyrim
SquareEnix
Stardock
Steam
Temp
Temp71f478dc03dcd9563705386394b9772c
TileDataLayer
TuneUp Software
Ubisoft Game Launcher
UnrealEngine
VirtualStore

========= Ende von CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17324877 B
Java, Flash, Steam htmlcache => 88331695 B
Windows/system/drivers => 39803295 B
Edge => 9728 B
Chrome => 728441214 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6766 B
ProgramData => 0 B
Public => 0 B
systemprofile32 => 0 B
LocalService => 73510 B
NetworkService => 441402 B
NABIL => 2758730614 B
asd => 1056913721 B
bazet => 27966 B
Gast => 0 B
DefaultAppPool => 0 B

RecycleBin => 100014 B
EmptyTemp: => 4.4 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 15:05:11 ====

hitman

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.14.276
www.hitmanpro.com

   Computer name . . . . : NABIL-PC
   Windows . . . . . . . : 10.0.0.10586.X64/4
   User name . . . . . . : NABIL-PC\NABIL
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-09-14 17:10:31
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 2m 0s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 2
   Traces  . . . . . . . : 6

   Objects scanned . . . : 2.956.099
   Files scanned . . . . : 67.569
   Remnants scanned  . . : 673.476 files / 2.215.054 keys

Malware _____________________________________________________________________

   C:\Users\NABIL\Downloads\Realtek HD Audio Treiber inoffizielle WHQL Treiber - CHIP-Installer.exe
      Size . . . . . . . : 1.474.568 bytes
      Age  . . . . . . . : 9.9 days (2016-09-04 20:03:52)
      Entropy  . . . . . : 7.2
      SHA-256  . . . . . : 3DEBBCBBD0179CA8ED7E6CEED3AB5C21F30A6B0D47325A469806098C8CE0019C
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pe
      Fuzzy  . . . . . . : 104.0
      Forensic Cluster
          0.0s C:\Users\NABIL\Downloads\Realtek HD Audio Treiber inoffizielle WHQL Treiber - CHIP-Installer.exe
          2.0s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\83\DA05D50629A7B61F.dat
          2.0s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\64\F892734318B8A848.dat
          3.2s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\01\4CD4E612AABFF5A9.dat
          4.3s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{B6A4C87A-6EF3-40A0-AA37-021E0F739299}
          7.6s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\09\1871448D192D370D.dat
          8.5s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\09\1871448D192D370D.dat
         13.2s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\NHEV1FMH\progress[1].htm
         13.3s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\36WF5J7B\main[1].css
         13.3s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCookies\C6NM33SO.txt
         13.3s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\AF9LX6Q0\jquery.corner[1].js
         13.3s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\AF9LX6Q0\jquery[1].js
         13.3s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCookies\MJAHOSR4.txt
         13.4s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\RFQLVW6Y\main[1].js
         13.4s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\NHEV1FMH\bg-icon-speedometer[1].png
         13.4s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\36WF5J7B\kasper-progresspg-ongrey[1].gif
         13.6s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\RFQLVW6Y\background%20progressad[1].gif
         13.7s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\NHEV1FMH\speedometer_sprites[1].gif
         13.7s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\NHEV1FMH\progresspagead[1].htm
         13.8s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\36WF5J7B\bg-top[1].gif
         13.8s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\AF9LX6Q0\bg-bottom[1].gif
         13.8s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\RFQLVW6Y\bg-progressbar[1].gif
         14.0s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\36WF5J7B\view[1].htm
         14.0s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\AF9LX6Q0\impression[1].htm
         14.0s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\RFQLVW6Y\au4480[1].htm
         14.1s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\NHEV1FMH\adnl.min[1].js
         14.1s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\36WF5J7B\pic[1].gif
         14.3s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\AF9LX6Q0\1[1].js
         14.3s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\RFQLVW6Y\native_622x148_2slots[1].js
         14.4s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\NHEV1FMH\1095e9e9-3fcb-4bdc-833c-2ab68d76d4ba[1].png
         14.5s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\36WF5J7B\4896790f-ecac-4af5-ac84-e969d4c1da48[1].png
         14.5s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\36WF5J7B\1[1].gif
         14.5s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCookies\XHBZF30J.txt
         14.5s C:\Users\NABIL\AppData\Local\Microsoft\Windows\INetCache\IE\AF9LX6Q0\1[1].gif
         16.7s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\40\1052B45325E91418.dat
         16.7s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\91\57263B8E60ACE157.dat
         16.7s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\47\7EFF0CEFC30180FB.dat
         16.7s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\35\2892426B4616A80B.dat
         17.7s C:\Windows\Prefetch\DMR_72.EXE-79E70586.pf
         23.4s C:\Users\NABIL\Downloads\7917_PG448_Win10_TH_RS_Win8.1_Win8_Win7_WHQL.zip
         25.5s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\10\856F1F10A28C4E72.dat
         25.5s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\38\AAD32EC8EF6C8402.dat
         25.5s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\57\1D09AE7C5A6A96E1.dat


Suspicious files ____________________________________________________________

   C:\Users\NABIL\Desktop\FRST64.exe
      Size . . . . . . . : 2.397.696 bytes
      Age  . . . . . . . : 2.9 days (2016-09-11 19:36:44)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : EFF67DD0CB40498753A49A710C08A3A6376C7DE296D23B8AEF5D4221A6017692
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\NABIL\Desktop\FRST64.exe
          3.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\21\508DFDB9EB6B53C5.dat
          6.1s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{0D3B5DEE-18B6-4201-B3A6-691D422176DB}
         17.4s C:\FRST\Logs\
         17.4s C:\FRST\
         17.4s C:\FRST\Hives\
         17.4s C:\FRST\Quarantine\
         18.0s C:\FRST\Hives\ERDNT.INF
         18.0s C:\FRST\Hives\ERDNT.CON
         18.0s C:\FRST\Hives\SYSTEM
         18.0s C:\Windows\Prefetch\FRST64.EXE-A6A0D024.pf
         18.1s C:\FRST\Hives\SOFTWARE
         18.5s C:\FRST\Hives\DEFAULT
         18.5s C:\FRST\Hives\SECURITY
         18.6s C:\FRST\Hives\SAM
         18.6s C:\FRST\Hives\COMPONENTS
         18.6s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\40\9E4B90858055AAD4.dat
         18.7s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\26\4A6D46E8F573A0F6.dat
         20.0s C:\FRST\Hives\BCD
         20.1s C:\FRST\Hives\Users\
         20.1s C:\FRST\Hives\Users\00000001\
         20.1s C:\FRST\Hives\Users\00000001\NTUSER.DAT
         20.1s C:\FRST\Hives\Users\00000002\
         20.1s C:\FRST\Hives\Users\00000002\UsrClass.dat
         20.2s C:\FRST\Hives\ERDNT.EXE
         20.2s C:\FRST\Hives\ERDNTWIN.LOC
         20.2s C:\FRST\Hives\ERDNTDOS.LOC
         22.9s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\21\508DFDB9EB6B53C5.dat
         27.1s C:\Users\NABIL\Downloads\FRST.txt
         31.0s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{7A42198F-3DD6-4A48-BF3D-A3A63676381C}


Malware remnants ____________________________________________________________

   HKU\S-1-5-21-225648569-1694930765-1264359465-501\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com\ (SuperFish)

Potential Unwanted Programs _________________________________________________

   HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{AE07101B-46D4-4A98-AF68-0333EA26E113} (FLV Player)
   HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\SnapDo.exe (FLV Player)
   HKU\S-1-5-21-225648569-1694930765-1264359465-501\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\SnapDo.exe (FLV Player)

frst teil 1

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von NABIL (Administrator) auf NABIL-PC (14-09-2016 17:24:39)
Gestartet von C:\Users\NABIL\Desktop
Geladene Profile: NABIL & asd & bazet & Gast & DefaultAppPool (Verfügbare Profile: NABIL & asd & bazet & Gast & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start101\Start10Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start101\Start10_64.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
() C:\Windows\SysWOW64\ASGT.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDFCreate8\PdfCreate8Hook.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16697352 2016-08-26] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1517088 2014-09-22] (ABBYY Production LLC.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2631120 2016-07-28] (Malwarebytes Corporation)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC.)
HKLM-x32\...\Run: [OmniPage Preload] => C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe [3021528 2014-11-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance OmniPage Ultimate-reminder] => "C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\OmniPage Ultimate\Ereg\Ereg.ini"
HKLM-x32\...\Run: [PDFCreHook] => C:\Program Files (x86)\Nuance\PDFCreate8\pdfcreate8hook.exe [1109016 2014-11-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF8 Registry Controller] => C:\Program Files (x86)\Nuance\PDFCreate8\RegistryController.exe [189976 2014-11-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-07-28] (Adobe Systems Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [884920 2016-06-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-225648569-1694930765-1264359465-1004\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-225648569-1694930765-1264359465-1004\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-225648569-1694930765-1264359465-1004\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [884920 2016-06-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-225648569-1694930765-1264359465-1004\...\RunOnce: [Uninstall C:\Users\asd\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\asd\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64"
HKU\S-1-5-21-225648569-1694930765-1264359465-1004\...\RunOnce: [Uninstall C:\Users\asd\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\asd\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1"
HKU\S-1-5-21-225648569-1694930765-1264359465-1008\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll [2013-08-08] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll [2013-08-08] (Gladinet, INC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2016-04-06]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nuance Cloud Connector.lnk [2016-02-23]
ShortcutTarget: Nuance Cloud Connector.lnk -> C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{281f7690-3078-4910-b67d-7743d4eb2a9a}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
BHO-x32: ZeonIEEventHelper Class -> {C7DA0384-42AA-428c-B832-88AC343DE1A8} -> C:\Program Files (x86)\Nuance\PDFCreate8\Bin\GZeonIEFavClient.dll [2013-05-16] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Nuance PDF - {BCCE15AE-AC7E-4bc9-94AF-2A714A412BCB} - C:\Program Files (x86)\Nuance\PDFCreate8\Bin\GZeonIEFavClient.dll [2013-05-16] (Zeon Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-225648569-1694930765-1264359465-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-16] (Adobe Systems Incorporated)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-14] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> m:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-25] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-03-18] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-225648569-1694930765-1264359465-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-05-26] (Tracker Software Products (Canada) Ltd.)
FF Extension: (Kein Name) - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff [nicht gefunden]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-02-22] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-06-01]

Chrome: 
=======
CHR Profile: C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-01]
CHR Extension: (Google-Suche) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Adblock Plus) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\fancjlijdfajbmighlldmgmeobfmempn [2015-03-23]
CHR Extension: (Google Docs Offline) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR Extension: (Google Mail) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4907232 2014-12-01] (Emsisoft GmbH)
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [961744 2014-07-13] (ABBYY Production LLC)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-24] () [Datei ist nicht signiert]
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 Asus Product Register Service; C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe [62128 2012-09-11] () [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1145216 2015-05-19] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-11-27] (Digital Wave Ltd.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [30032 2013-08-08] (Gladinet, INC)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [750032 2016-07-28] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\RpcAgentSrv.exe [73200 2015-02-15] (SiSoftware) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 Start10; C:\Program Files (x86)\Stardock\Start101\Start10Srv.exe [219664 2015-02-03] (Stardock Software, Inc)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364456 2016-09-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-09-07] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [Datei ist nicht signiert]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [124168 2016-01-19] (Wondershare)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [111120 2016-02-11] (Advanced Micro Devices)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-10] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [531424 2015-12-22] (Intel Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [74984 2016-07-28] ()
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-11-08] (REALiX(tm))
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-03-14] ()
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-12-22] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-04-30] ()
U4 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

nabil21 · 14.09.2016, 16:32

frst teil 2

Code:

ATTFilter

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-14 17:09 - 2016-09-14 17:09 - 11572656 _____ (SurfRight B.V.) C:\Users\NABIL\Desktop\HitmanPro_x64.exe
2016-09-14 15:11 - 2016-09-14 15:11 - 02870984 _____ (ESET) C:\Users\NABIL\Desktop\esetsmartinstaller_deu.exe
2016-09-14 15:04 - 2016-09-14 15:05 - 00009371 _____ C:\Users\NABIL\Desktop\Fixlog.txt
2016-09-13 22:58 - 2016-09-07 07:39 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-13 22:58 - 2016-09-07 07:39 - 01098640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-09-13 22:58 - 2016-09-07 07:37 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-09-13 22:58 - 2016-09-07 07:26 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-13 22:58 - 2016-09-07 07:26 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-13 22:58 - 2016-09-07 07:26 - 01152320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-09-13 22:58 - 2016-09-07 07:26 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-13 22:58 - 2016-09-07 07:26 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-13 22:58 - 2016-09-07 07:26 - 00847648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-13 22:58 - 2016-09-07 07:26 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-13 22:58 - 2016-09-07 07:26 - 00588320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmdev.dll
2016-09-13 22:58 - 2016-09-07 07:26 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-13 22:58 - 2016-09-07 07:25 - 02607336 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-13 22:58 - 2016-09-07 07:25 - 01270064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-13 22:58 - 2016-09-07 07:24 - 01349632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-13 22:58 - 2016-09-07 07:24 - 00511312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-13 22:58 - 2016-09-07 07:24 - 00496360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmdev.dll
2016-09-13 22:58 - 2016-09-07 07:23 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-09-13 22:58 - 2016-09-07 07:23 - 01603224 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-09-13 22:58 - 2016-09-07 07:23 - 01040792 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-09-13 22:58 - 2016-09-07 07:23 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-09-13 22:58 - 2016-09-07 07:22 - 01128096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-13 22:58 - 2016-09-07 07:20 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-09-13 22:58 - 2016-09-07 07:19 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-13 22:58 - 2016-09-07 07:15 - 00911640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-09-13 22:58 - 2016-09-07 07:12 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-13 22:58 - 2016-09-07 06:48 - 22379520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-13 22:58 - 2016-09-07 06:48 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-09-13 22:58 - 2016-09-07 06:47 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-09-13 22:58 - 2016-09-07 06:46 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-09-13 22:58 - 2016-09-07 06:46 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-09-13 22:58 - 2016-09-07 06:44 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2016-09-13 22:58 - 2016-09-07 06:43 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-13 22:58 - 2016-09-07 06:42 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-09-13 22:58 - 2016-09-07 06:41 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2016-09-13 22:58 - 2016-09-07 06:41 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2016-09-13 22:58 - 2016-09-07 06:41 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-13 22:58 - 2016-09-07 06:41 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwcfg.dll
2016-09-13 22:58 - 2016-09-07 06:40 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CheckNetIsolation.exe
2016-09-13 22:58 - 2016-09-07 06:39 - 01567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-09-13 22:58 - 2016-09-07 06:39 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2016-09-13 22:58 - 2016-09-07 06:39 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2016-09-13 22:58 - 2016-09-07 06:38 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2016-09-13 22:58 - 2016-09-07 06:38 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2016-09-13 22:58 - 2016-09-07 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-13 22:58 - 2016-09-07 06:37 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-09-13 22:58 - 2016-09-07 06:37 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-13 22:58 - 2016-09-07 06:36 - 01568768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2016-09-13 22:58 - 2016-09-07 06:36 - 01051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagCpl.dll
2016-09-13 22:58 - 2016-09-07 06:36 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-13 22:58 - 2016-09-07 06:36 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\authfwcfg.dll
2016-09-13 22:58 - 2016-09-07 06:36 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroleui.dll
2016-09-13 22:58 - 2016-09-07 06:36 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-09-13 22:58 - 2016-09-07 06:36 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-09-13 22:58 - 2016-09-07 06:35 - 24611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-13 22:58 - 2016-09-07 06:35 - 00814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2016-09-13 22:58 - 2016-09-07 06:35 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-09-13 22:58 - 2016-09-07 06:35 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemcomn.dll
2016-09-13 22:58 - 2016-09-07 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-13 22:58 - 2016-09-07 06:35 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-09-13 22:58 - 2016-09-07 06:35 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2016-09-13 22:58 - 2016-09-07 06:35 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2016-09-13 22:58 - 2016-09-07 06:35 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.ps.dll
2016-09-13 22:58 - 2016-09-07 06:34 - 00952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-09-13 22:58 - 2016-09-07 06:34 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-13 22:58 - 2016-09-07 06:34 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-13 22:58 - 2016-09-07 06:34 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2016-09-13 22:58 - 2016-09-07 06:33 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2016-09-13 22:58 - 2016-09-07 06:33 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2016-09-13 22:58 - 2016-09-07 06:32 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-09-13 22:58 - 2016-09-07 06:32 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartCardSimulator.dll
2016-09-13 22:58 - 2016-09-07 06:32 - 00643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2016-09-13 22:58 - 2016-09-07 06:32 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2016-09-13 22:58 - 2016-09-07 06:32 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-09-13 22:58 - 2016-09-07 06:32 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-09-13 22:58 - 2016-09-07 06:32 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-13 22:58 - 2016-09-07 06:31 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-09-13 22:58 - 2016-09-07 06:31 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2016-09-13 22:58 - 2016-09-07 06:31 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-09-13 22:58 - 2016-09-07 06:31 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2016-09-13 22:58 - 2016-09-07 06:31 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmsdk.dll
2016-09-13 22:58 - 2016-09-07 06:31 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-09-13 22:58 - 2016-09-07 06:31 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-13 22:58 - 2016-09-07 06:31 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-09-13 22:58 - 2016-09-07 06:30 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-13 22:58 - 2016-09-07 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-13 22:58 - 2016-09-07 06:30 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-09-13 22:58 - 2016-09-07 06:30 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-09-13 22:58 - 2016-09-07 06:30 - 00904704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-09-13 22:58 - 2016-09-07 06:30 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-13 22:58 - 2016-09-07 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-13 22:58 - 2016-09-07 06:30 - 00602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-13 22:58 - 2016-09-07 06:29 - 19350016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-13 22:58 - 2016-09-07 06:29 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2016-09-13 22:58 - 2016-09-07 06:28 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-13 22:58 - 2016-09-07 06:28 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-09-13 22:58 - 2016-09-07 06:28 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-09-13 22:58 - 2016-09-07 06:28 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-13 22:58 - 2016-09-07 06:28 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-13 22:58 - 2016-09-07 06:27 - 01743872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-13 22:58 - 2016-09-07 06:27 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-13 22:58 - 2016-09-07 06:27 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-09-13 22:58 - 2016-09-07 06:27 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmsdk.dll
2016-09-13 22:58 - 2016-09-07 06:27 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2016-09-13 22:58 - 2016-09-07 06:27 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-09-13 22:58 - 2016-09-07 06:26 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-13 22:58 - 2016-09-07 06:26 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-13 22:58 - 2016-09-07 06:26 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2016-09-13 22:58 - 2016-09-07 06:26 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-09-13 22:58 - 2016-09-07 06:26 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-09-13 22:58 - 2016-09-07 06:26 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-13 22:58 - 2016-09-07 06:26 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-13 22:58 - 2016-09-07 06:25 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-13 22:58 - 2016-09-07 06:25 - 01166848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2016-09-13 22:58 - 2016-09-07 06:25 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-09-13 22:58 - 2016-09-07 06:24 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-09-13 22:58 - 2016-09-07 06:24 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-13 22:58 - 2016-09-07 06:24 - 00785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-13 22:58 - 2016-09-07 06:23 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2016-09-13 22:58 - 2016-09-07 06:23 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-09-13 22:58 - 2016-09-07 06:23 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-09-13 22:58 - 2016-09-07 06:22 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-13 22:58 - 2016-09-07 06:22 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-13 22:58 - 2016-09-07 06:21 - 03046400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2016-09-13 22:58 - 2016-09-07 06:21 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-13 22:58 - 2016-09-07 06:20 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-13 22:58 - 2016-09-07 06:19 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-13 22:58 - 2016-09-07 06:19 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2016-09-13 22:58 - 2016-09-07 06:19 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-13 22:58 - 2016-09-07 06:18 - 03577344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-09-13 22:58 - 2016-09-07 06:18 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-09-13 22:58 - 2016-09-07 06:18 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-09-13 22:58 - 2016-09-07 06:18 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2016-09-13 22:58 - 2016-09-07 06:17 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-09-13 22:58 - 2016-09-07 06:17 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-09-13 22:58 - 2016-09-07 06:16 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-09-13 22:58 - 2016-09-07 06:16 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-09-13 22:58 - 2016-09-07 06:16 - 02911744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-09-13 22:58 - 2016-09-07 06:16 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-09-13 22:58 - 2016-09-07 06:16 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-09-13 22:58 - 2016-09-07 06:16 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-13 22:58 - 2016-09-07 06:16 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-09-13 22:58 - 2016-09-07 06:16 - 01676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2016-09-13 22:58 - 2016-09-07 06:16 - 01194496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-09-13 22:58 - 2016-09-07 06:16 - 01123328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2016-09-13 22:58 - 2016-09-07 06:16 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2016-09-13 22:58 - 2016-09-07 06:15 - 07831552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-13 22:58 - 2016-09-07 06:15 - 05659136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-13 22:58 - 2016-09-07 06:15 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-09-13 22:58 - 2016-09-07 06:15 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2016-09-13 22:58 - 2016-09-07 06:15 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-13 22:58 - 2016-09-07 06:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-09-13 22:58 - 2016-09-07 06:15 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2016-09-13 22:58 - 2016-09-07 06:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-13 22:58 - 2016-09-07 06:14 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-09-13 22:58 - 2016-09-07 06:14 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-13 22:58 - 2016-09-07 06:13 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-13 22:58 - 2016-09-07 06:13 - 02874880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2016-09-13 22:57 - 2016-09-07 07:39 - 00845568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-09-13 22:57 - 2016-09-07 07:39 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-13 22:57 - 2016-09-07 07:39 - 00620176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2016-09-13 22:57 - 2016-09-07 07:39 - 00277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-13 22:57 - 2016-09-07 07:39 - 00175120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-13 22:57 - 2016-09-07 07:37 - 00129888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-13 22:57 - 2016-09-07 07:36 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-13 22:57 - 2016-09-07 07:34 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-13 22:57 - 2016-09-07 07:33 - 01297760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-13 22:57 - 2016-09-07 07:33 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-13 22:57 - 2016-09-07 07:33 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-13 22:57 - 2016-09-07 07:27 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-09-13 22:57 - 2016-09-07 07:27 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-13 22:57 - 2016-09-07 07:26 - 00586200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-13 22:57 - 2016-09-07 07:24 - 03693064 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-13 22:57 - 2016-09-07 07:24 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-09-13 22:57 - 2016-09-07 07:24 - 00355672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2016-09-13 22:57 - 2016-09-07 07:23 - 06536248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-13 22:57 - 2016-09-07 07:22 - 02937384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-13 22:57 - 2016-09-07 07:22 - 01085728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2016-09-13 22:57 - 2016-09-07 07:22 - 00604920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-13 22:57 - 2016-09-07 07:21 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-13 22:57 - 2016-09-07 07:20 - 01355336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-09-13 22:57 - 2016-09-07 07:13 - 01865584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-09-13 22:57 - 2016-09-07 07:12 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-09-13 22:57 - 2016-09-07 07:12 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-13 22:57 - 2016-09-07 07:11 - 00057912 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-13 22:57 - 2016-09-07 07:08 - 00116216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-13 22:57 - 2016-09-07 07:07 - 01951848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-13 22:57 - 2016-09-07 06:52 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-09-13 22:57 - 2016-09-07 06:52 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-13 22:57 - 2016-09-07 06:49 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-09-13 22:57 - 2016-09-07 06:46 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-09-13 22:57 - 2016-09-07 06:45 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2016-09-13 22:57 - 2016-09-07 06:45 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-09-13 22:57 - 2016-09-07 06:44 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-13 22:57 - 2016-09-07 06:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2016-09-13 22:57 - 2016-09-07 06:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-09-13 22:57 - 2016-09-07 06:43 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2016-09-13 22:57 - 2016-09-07 06:42 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2016-09-13 22:57 - 2016-09-07 06:42 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2016-09-13 22:57 - 2016-09-07 06:42 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2016-09-13 22:57 - 2016-09-07 06:42 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2016-09-13 22:57 - 2016-09-07 06:42 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-13 22:57 - 2016-09-07 06:42 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2016-09-13 22:57 - 2016-09-07 06:41 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-13 22:57 - 2016-09-07 06:41 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-09-13 22:57 - 2016-09-07 06:41 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-13 22:57 - 2016-09-07 06:41 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-09-13 22:57 - 2016-09-07 06:40 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2016-09-13 22:57 - 2016-09-07 06:40 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-13 22:57 - 2016-09-07 06:39 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-13 22:57 - 2016-09-07 06:39 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoipRT.dll
2016-09-13 22:57 - 2016-09-07 06:39 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Cortana.ProxyStub.dll
2016-09-13 22:57 - 2016-09-07 06:38 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-09-13 22:57 - 2016-09-07 06:38 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2016-09-13 22:57 - 2016-09-07 06:38 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2016-09-13 22:57 - 2016-09-07 06:38 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2016-09-13 22:57 - 2016-09-07 06:38 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-13 22:57 - 2016-09-07 06:38 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2016-09-13 22:57 - 2016-09-07 06:37 - 00435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-09-13 22:57 - 2016-09-07 06:37 - 00404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2016-09-13 22:57 - 2016-09-07 06:37 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2016-09-13 22:57 - 2016-09-07 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-09-13 22:57 - 2016-09-07 06:37 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2016-09-13 22:57 - 2016-09-07 06:37 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-09-13 22:57 - 2016-09-07 06:37 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2016-09-13 22:57 - 2016-09-07 06:37 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2016-09-13 22:57 - 2016-09-07 06:37 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-13 22:57 - 2016-09-07 06:37 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-09-13 22:57 - 2016-09-07 06:37 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2016-09-13 22:57 - 2016-09-07 06:36 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-13 22:57 - 2016-09-07 06:36 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-13 22:57 - 2016-09-07 06:36 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2016-09-13 22:57 - 2016-09-07 06:36 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-09-13 22:57 - 2016-09-07 06:36 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2016-09-13 22:57 - 2016-09-07 06:36 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwcfg.dll
2016-09-13 22:57 - 2016-09-07 06:35 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-13 22:57 - 2016-09-07 06:35 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-09-13 22:57 - 2016-09-07 06:35 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-09-13 22:57 - 2016-09-07 06:35 - 00577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-09-13 22:57 - 2016-09-07 06:35 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2016-09-13 22:57 - 2016-09-07 06:35 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-09-13 22:57 - 2016-09-07 06:35 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-13 22:57 - 2016-09-07 06:35 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2016-09-13 22:57 - 2016-09-07 06:35 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-09-13 22:57 - 2016-09-07 06:35 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-09-13 22:57 - 2016-09-07 06:35 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcshext.dll
2016-09-13 22:57 - 2016-09-07 06:35 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-09-13 22:57 - 2016-09-07 06:35 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2016-09-13 22:57 - 2016-09-07 06:35 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CheckNetIsolation.exe
2016-09-13 22:57 - 2016-09-07 06:34 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-09-13 22:57 - 2016-09-07 06:34 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-09-13 22:57 - 2016-09-07 06:34 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-09-13 22:57 - 2016-09-07 06:34 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-09-13 22:57 - 2016-09-07 06:34 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2016-09-13 22:57 - 2016-09-07 06:33 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-09-13 22:57 - 2016-09-07 06:33 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-09-13 22:57 - 2016-09-07 06:33 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-13 22:57 - 2016-09-07 06:33 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-09-13 22:57 - 2016-09-07 06:33 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2016-09-13 22:57 - 2016-09-07 06:32 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2016-09-13 22:57 - 2016-09-07 06:32 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-13 22:57 - 2016-09-07 06:32 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-09-13 22:57 - 2016-09-07 06:32 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc_ssp.dll
2016-09-13 22:57 - 2016-09-07 06:32 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-09-13 22:57 - 2016-09-07 06:32 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-09-13 22:57 - 2016-09-07 06:32 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2016-09-13 22:57 - 2016-09-07 06:32 - 00466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-13 22:57 - 2016-09-07 06:32 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-13 22:57 - 2016-09-07 06:32 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-13 22:57 - 2016-09-07 06:32 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-13 22:57 - 2016-09-07 06:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-09-13 22:57 - 2016-09-07 06:32 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2016-09-13 22:57 - 2016-09-07 06:32 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl
2016-09-13 22:57 - 2016-09-07 06:31 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2016-09-13 22:57 - 2016-09-07 06:31 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2016-09-13 22:57 - 2016-09-07 06:31 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-09-13 22:57 - 2016-09-07 06:31 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-09-13 22:57 - 2016-09-07 06:31 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-13 22:57 - 2016-09-07 06:31 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-13 22:57 - 2016-09-07 06:31 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-13 22:57 - 2016-09-07 06:31 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2016-09-13 22:57 - 2016-09-07 06:31 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2016-09-13 22:57 - 2016-09-07 06:31 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-13 22:57 - 2016-09-07 06:31 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-09-13 22:57 - 2016-09-07 06:31 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll
2016-09-13 22:57 - 2016-09-07 06:31 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-09-13 22:57 - 2016-09-07 06:31 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authfwcfg.dll
2016-09-13 22:57 - 2016-09-07 06:31 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-13 22:57 - 2016-09-07 06:31 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-13 22:57 - 2016-09-07 06:30 - 02476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-13 22:57 - 2016-09-07 06:30 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-09-13 22:57 - 2016-09-07 06:30 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-09-13 22:57 - 2016-09-07 06:30 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-09-13 22:57 - 2016-09-07 06:30 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\filemgmt.dll
2016-09-13 22:57 - 2016-09-07 06:30 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-13 22:57 - 2016-09-07 06:30 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-13 22:57 - 2016-09-07 06:30 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneOm.dll
2016-09-13 22:57 - 2016-09-07 06:29 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-13 22:57 - 2016-09-07 06:29 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-09-13 22:57 - 2016-09-07 06:29 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-13 22:57 - 2016-09-07 06:29 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-13 22:57 - 2016-09-07 06:29 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-13 22:57 - 2016-09-07 06:29 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-09-13 22:57 - 2016-09-07 06:29 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-09-13 22:57 - 2016-09-07 06:29 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2016-09-13 22:57 - 2016-09-07 06:29 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-09-13 22:57 - 2016-09-07 06:29 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-13 22:57 - 2016-09-07 06:29 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-13 22:57 - 2016-09-07 06:29 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-09-13 22:57 - 2016-09-07 06:29 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-13 22:57 - 2016-09-07 06:29 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-09-13 22:57 - 2016-09-07 06:28 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-09-13 22:57 - 2016-09-07 06:28 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2016-09-13 22:57 - 2016-09-07 06:28 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-13 22:57 - 2016-09-07 06:28 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-09-13 22:57 - 2016-09-07 06:28 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-13 22:57 - 2016-09-07 06:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-09-13 22:57 - 2016-09-07 06:28 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-09-13 22:57 - 2016-09-07 06:28 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc_ssp.dll
2016-09-13 22:57 - 2016-09-07 06:28 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-09-13 22:57 - 2016-09-07 06:28 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2016-09-13 22:57 - 2016-09-07 06:28 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-09-13 22:57 - 2016-09-07 06:28 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-09-13 22:57 - 2016-09-07 06:28 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
2016-09-13 22:57 - 2016-09-07 06:28 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-09-13 22:57 - 2016-09-07 06:28 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-09-13 22:57 - 2016-09-07 06:28 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-13 22:57 - 2016-09-07 06:28 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl
2016-09-13 22:57 - 2016-09-07 06:28 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-13 22:57 - 2016-09-07 06:27 - 01872896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-09-13 22:57 - 2016-09-07 06:27 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2016-09-13 22:57 - 2016-09-07 06:27 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-13 22:57 - 2016-09-07 06:27 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-13 22:57 - 2016-09-07 06:27 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-13 22:57 - 2016-09-07 06:27 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-09-13 22:57 - 2016-09-07 06:27 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2016-09-13 22:57 - 2016-09-07 06:27 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2016-09-13 22:57 - 2016-09-07 06:27 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2016-09-13 22:57 - 2016-09-07 06:27 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-13 22:57 - 2016-09-07 06:27 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-13 22:57 - 2016-09-07 06:27 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-13 22:57 - 2016-09-07 06:26 - 01915392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-13 22:57 - 2016-09-07 06:26 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-09-13 22:57 - 2016-09-07 06:26 - 01537536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pla.dll
2016-09-13 22:57 - 2016-09-07 06:26 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-13 22:57 - 2016-09-07 06:26 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2016-09-13 22:57 - 2016-09-07 06:26 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-13 22:57 - 2016-09-07 06:26 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-09-13 22:57 - 2016-09-07 06:26 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2016-09-13 22:57 - 2016-09-07 06:26 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-13 22:57 - 2016-09-07 06:26 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2016-09-13 22:57 - 2016-09-07 06:26 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncutil.dll
2016-09-13 22:57 - 2016-09-07 06:25 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-13 22:57 - 2016-09-07 06:25 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-13 22:57 - 2016-09-07 06:25 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-13 22:57 - 2016-09-07 06:25 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-13 22:57 - 2016-09-07 06:25 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2016-09-13 22:57 - 2016-09-07 06:25 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-09-13 22:57 - 2016-09-07 06:25 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-09-13 22:57 - 2016-09-07 06:24 - 01276928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-13 22:57 - 2016-09-07 06:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-09-13 22:57 - 2016-09-07 06:24 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-09-13 22:57 - 2016-09-07 06:23 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2016-09-13 22:57 - 2016-09-07 06:23 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2016-09-13 22:57 - 2016-09-07 06:23 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-09-13 22:57 - 2016-09-07 06:23 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
2016-09-13 22:57 - 2016-09-07 06:22 - 02106368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-13 22:57 - 2016-09-07 06:22 - 01297408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-13 22:57 - 2016-09-07 06:22 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-09-13 22:57 - 2016-09-07 06:21 - 02527232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-13 22:57 - 2016-09-07 06:21 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-13 22:57 - 2016-09-07 06:21 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2016-09-13 22:57 - 2016-09-07 06:21 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-09-13 22:57 - 2016-09-07 06:20 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-13 22:57 - 2016-09-07 06:20 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-09-13 22:57 - 2016-09-07 06:20 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-09-13 22:57 - 2016-09-07 06:19 - 05325824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-13 22:57 - 2016-09-07 06:19 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-09-13 22:57 - 2016-09-07 06:19 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-13 22:57 - 2016-09-07 06:19 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-13 22:57 - 2016-09-07 06:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-13 22:57 - 2016-09-07 06:18 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-13 22:57 - 2016-09-07 06:18 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-13 22:57 - 2016-09-07 06:18 - 04826624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-09-13 22:57 - 2016-09-07 06:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-09-13 22:57 - 2016-09-07 06:17 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-09-13 22:57 - 2016-09-07 06:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-13 22:57 - 2016-09-07 06:17 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-09-13 22:57 - 2016-09-07 06:17 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-13 22:57 - 2016-09-07 06:16 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-09-13 22:57 - 2016-09-07 06:16 - 02361856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2016-09-13 22:57 - 2016-09-07 06:16 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-13 22:57 - 2016-09-07 06:16 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2016-09-13 22:57 - 2016-09-07 06:16 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-09-13 22:57 - 2016-09-07 06:15 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-09-13 22:57 - 2016-09-07 06:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-13 22:57 - 2016-09-07 06:15 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-09-13 22:57 - 2016-09-07 06:15 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-13 22:57 - 2016-09-07 06:15 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-09-13 22:57 - 2016-09-07 06:14 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-13 22:57 - 2016-09-07 06:14 - 03078656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-13 22:57 - 2016-09-07 06:14 - 02553856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-13 22:57 - 2016-09-07 06:14 - 02177024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-09-13 22:57 - 2016-09-07 06:14 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-13 22:57 - 2016-09-07 06:14 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-09-13 22:57 - 2016-09-07 06:14 - 01487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-09-13 22:57 - 2016-09-07 06:12 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-09-13 22:57 - 2016-09-07 06:12 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-13 22:57 - 2016-09-07 06:11 - 03294208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-13 22:57 - 2016-09-07 06:11 - 03065344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-13 22:57 - 2016-09-07 06:11 - 03053568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-09-13 22:57 - 2016-09-07 06:10 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-09-13 22:57 - 2016-09-07 06:10 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-09-13 22:57 - 2016-09-07 06:10 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2016-09-13 22:57 - 2016-09-07 06:09 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-09-13 22:57 - 2016-09-05 02:37 - 00445765 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-09-13 22:56 - 2016-09-07 07:39 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-09-13 22:56 - 2016-09-07 07:39 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-13 22:56 - 2016-09-07 07:39 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-09-13 22:56 - 2016-09-07 07:39 - 01142560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-13 22:56 - 2016-09-07 07:39 - 01030408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-13 22:56 - 2016-09-07 07:39 - 00875480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-13 22:56 - 2016-09-07 07:39 - 00799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-13 22:56 - 2016-09-07 07:39 - 00705576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2016-09-13 22:56 - 2016-09-07 07:39 - 00601744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-13 22:56 - 2016-09-07 07:39 - 00414232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2016-09-13 22:56 - 2016-09-07 07:39 - 00337328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-09-13 22:56 - 2016-09-07 07:39 - 00328520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2016-09-13 22:56 - 2016-09-07 07:36 - 00528736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-09-13 22:56 - 2016-09-07 07:35 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-09-13 22:56 - 2016-09-07 07:35 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-13 22:56 - 2016-09-07 07:35 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-09-13 22:56 - 2016-09-07 07:33 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-13 22:56 - 2016-09-07 07:26 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-13 22:56 - 2016-09-07 07:26 - 00693592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-09-13 22:56 - 2016-09-07 07:26 - 00439136 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2016-09-13 22:56 - 2016-09-07 07:26 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-09-13 22:56 - 2016-09-07 07:25 - 01447776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2016-09-13 22:56 - 2016-09-07 07:25 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-13 22:56 - 2016-09-07 07:24 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-13 22:56 - 2016-09-07 07:24 - 01118200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-13 22:56 - 2016-09-07 07:24 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-09-13 22:56 - 2016-09-07 07:24 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-13 22:56 - 2016-09-07 07:24 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-13 22:56 - 2016-09-07 07:24 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-13 22:56 - 2016-09-07 07:24 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-13 22:56 - 2016-09-07 07:24 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-09-13 22:56 - 2016-09-07 07:23 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-13 22:56 - 2016-09-07 07:23 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-13 22:56 - 2016-09-07 07:22 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-13 22:56 - 2016-09-07 07:22 - 00359256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-13 22:56 - 2016-09-07 07:21 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-09-13 22:56 - 2016-09-07 07:16 - 02773088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-09-13 22:56 - 2016-09-07 07:16 - 02548936 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-09-13 22:56 - 2016-09-07 07:16 - 02144512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-09-13 22:56 - 2016-09-07 07:16 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-13 22:56 - 2016-09-07 07:15 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-13 22:56 - 2016-09-07 07:15 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-09-13 22:56 - 2016-09-07 07:12 - 00871776 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-09-13 22:56 - 2016-09-07 07:11 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-13 22:56 - 2016-09-07 06:53 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2016-09-13 22:56 - 2016-09-07 06:51 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-13 22:56 - 2016-09-07 06:47 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-13 22:56 - 2016-09-07 06:46 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2016-09-13 22:56 - 2016-09-07 06:46 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2016-09-13 22:56 - 2016-09-07 06:44 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoipRT.dll
2016-09-13 22:56 - 2016-09-07 06:44 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2016-09-13 22:56 - 2016-09-07 06:44 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2016-09-13 22:56 - 2016-09-07 06:44 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-13 22:56 - 2016-09-07 06:43 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-13 22:56 - 2016-09-07 06:43 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2016-09-13 22:56 - 2016-09-07 06:43 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MTConfig.sys
2016-09-13 22:56 - 2016-09-07 06:42 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-09-13 22:56 - 2016-09-07 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-13 22:56 - 2016-09-07 06:41 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2016-09-13 22:56 - 2016-09-07 06:41 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-09-13 22:56 - 2016-09-07 06:41 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-13 22:56 - 2016-09-07 06:41 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-09-13 22:56 - 2016-09-07 06:40 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbemcomn.dll
2016-09-13 22:56 - 2016-09-07 06:40 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2016-09-13 22:56 - 2016-09-07 06:40 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2016-09-13 22:56 - 2016-09-07 06:40 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2016-09-13 22:56 - 2016-09-07 06:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2016-09-13 22:56 - 2016-09-07 06:39 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-13 22:56 - 2016-09-07 06:38 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-09-13 22:56 - 2016-09-07 06:38 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-09-13 22:56 - 2016-09-07 06:37 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsecsnp.dll
2016-09-13 22:56 - 2016-09-07 06:37 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-09-13 22:56 - 2016-09-07 06:37 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-13 22:56 - 2016-09-07 06:37 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2016-09-13 22:56 - 2016-09-07 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-13 22:56 - 2016-09-07 06:37 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvc.dll
2016-09-13 22:56 - 2016-09-07 06:37 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2016-09-13 22:56 - 2016-09-07 06:36 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-09-13 22:56 - 2016-09-07 06:36 - 00752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-13 22:56 - 2016-09-07 06:36 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2016-09-13 22:56 - 2016-09-07 06:36 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-09-13 22:56 - 2016-09-07 06:36 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2016-09-13 22:56 - 2016-09-07 06:36 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2016-09-13 22:56 - 2016-09-07 06:36 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-09-13 22:56 - 2016-09-07 06:36 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-13 22:56 - 2016-09-07 06:36 - 00317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-09-13 22:56 - 2016-09-07 06:36 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-09-13 22:56 - 2016-09-07 06:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2016-09-13 22:56 - 2016-09-07 06:36 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapsvc.dll
2016-09-13 22:56 - 2016-09-07 06:35 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2016-09-13 22:56 - 2016-09-07 06:35 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-09-13 22:56 - 2016-09-07 06:35 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-13 22:56 - 2016-09-07 06:35 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-09-13 22:56 - 2016-09-07 06:35 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneOm.dll
2016-09-13 22:56 - 2016-09-07 06:35 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2016-09-13 22:56 - 2016-09-07 06:35 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usbceip.dll
2016-09-13 22:56 - 2016-09-07 06:34 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2016-09-13 22:56 - 2016-09-07 06:34 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-09-13 22:56 - 2016-09-07 06:34 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-09-13 22:56 - 2016-09-07 06:34 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2016-09-13 22:56 - 2016-09-07 06:34 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-09-13 22:56 - 2016-09-07 06:34 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-09-13 22:56 - 2016-09-07 06:34 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-09-13 22:56 - 2016-09-07 06:34 - 00300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2016-09-13 22:56 - 2016-09-07 06:34 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-09-13 22:56 - 2016-09-07 06:34 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2016-09-13 22:56 - 2016-09-07 06:33 - 01813504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-13 22:56 - 2016-09-07 06:33 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-13 22:56 - 2016-09-07 06:33 - 00904704 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2016-09-13 22:56 - 2016-09-07 06:33 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-09-13 22:56 - 2016-09-07 06:33 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-13 22:56 - 2016-09-07 06:33 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2016-09-13 22:56 - 2016-09-07 06:33 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-09-13 22:56 - 2016-09-07 06:32 - 04213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2016-09-13 22:56 - 2016-09-07 06:32 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-09-13 22:56 - 2016-09-07 06:32 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-09-13 22:56 - 2016-09-07 06:32 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-09-13 22:56 - 2016-09-07 06:32 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-13 22:56 - 2016-09-07 06:32 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
2016-09-13 22:56 - 2016-09-07 06:32 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-13 22:56 - 2016-09-07 06:32 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 09920512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 00852992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxApplicabilityEngine.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 00527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-09-13 22:56 - 2016-09-07 06:31 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-09-13 22:56 - 2016-09-07 06:30 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-13 22:56 - 2016-09-07 06:30 - 01558528 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2016-09-13 22:56 - 2016-09-07 06:30 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-09-13 22:56 - 2016-09-07 06:30 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-13 22:56 - 2016-09-07 06:30 - 01318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-13 22:56 - 2016-09-07 06:30 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-13 22:56 - 2016-09-07 06:30 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-09-13 22:56 - 2016-09-07 06:30 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-13 22:56 - 2016-09-07 06:30 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2016-09-13 22:56 - 2016-09-07 06:30 - 00697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-09-13 22:56 - 2016-09-07 06:30 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-13 22:56 - 2016-09-07 06:30 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2016-09-13 22:56 - 2016-09-07 06:30 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-13 22:56 - 2016-09-07 06:30 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-09-13 22:56 - 2016-09-07 06:30 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-09-13 22:56 - 2016-09-07 06:29 - 07977984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-13 22:56 - 2016-09-07 06:29 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-13 22:56 - 2016-09-07 06:29 - 01487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
2016-09-13 22:56 - 2016-09-07 06:29 - 01465344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2016-09-13 22:56 - 2016-09-07 06:29 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2016-09-13 22:56 - 2016-09-07 06:29 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-13 22:56 - 2016-09-07 06:29 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2016-09-13 22:56 - 2016-09-07 06:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2016-09-13 22:56 - 2016-09-07 06:29 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-13 22:56 - 2016-09-07 06:28 - 04143104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2016-09-13 22:56 - 2016-09-07 06:28 - 01783808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-13 22:56 - 2016-09-07 06:28 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-13 22:56 - 2016-09-07 06:28 - 01671168 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-09-13 22:56 - 2016-09-07 06:28 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-09-13 22:56 - 2016-09-07 06:28 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-13 22:56 - 2016-09-07 06:28 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-09-13 22:56 - 2016-09-07 06:28 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-09-13 22:56 - 2016-09-07 06:27 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-09-13 22:56 - 2016-09-07 06:27 - 01424384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2016-09-13 22:56 - 2016-09-07 06:27 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-09-13 22:56 - 2016-09-07 06:27 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2016-09-13 22:56 - 2016-09-07 06:27 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-13 22:56 - 2016-09-07 06:27 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-13 22:56 - 2016-09-07 06:27 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2016-09-13 22:56 - 2016-09-07 06:27 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-09-13 22:56 - 2016-09-07 06:27 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-09-13 22:56 - 2016-09-07 06:27 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-09-13 22:56 - 2016-09-07 06:27 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-09-13 22:56 - 2016-09-07 06:27 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-09-13 22:56 - 2016-09-07 06:26 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-13 22:56 - 2016-09-07 06:26 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-09-13 22:56 - 2016-09-07 06:26 - 01570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-09-13 22:56 - 2016-09-07 06:26 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-13 22:56 - 2016-09-07 06:26 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-09-13 22:56 - 2016-09-07 06:26 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-09-13 22:56 - 2016-09-07 06:26 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-13 22:56 - 2016-09-07 06:26 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-13 22:56 - 2016-09-07 06:25 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-09-13 22:56 - 2016-09-07 06:25 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-09-13 22:56 - 2016-09-07 06:25 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-13 22:56 - 2016-09-07 06:25 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-09-13 22:56 - 2016-09-07 06:25 - 00759808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-09-13 22:56 - 2016-09-07 06:24 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-13 22:56 - 2016-09-07 06:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-13 22:56 - 2016-09-07 06:24 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-13 22:56 - 2016-09-07 06:23 - 04646912 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-09-13 22:56 - 2016-09-07 06:23 - 00918016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2016-09-13 22:56 - 2016-09-07 06:22 - 03093504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-13 22:56 - 2016-09-07 06:22 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-09-13 22:56 - 2016-09-07 06:22 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2016-09-13 22:56 - 2016-09-07 06:21 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2016-09-13 22:56 - 2016-09-07 06:20 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-09-13 22:56 - 2016-09-07 06:20 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-13 22:56 - 2016-09-07 06:20 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-13 22:56 - 2016-09-07 06:20 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-09-13 22:56 - 2016-09-07 06:20 - 00513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2016-09-13 22:56 - 2016-09-07 06:20 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-09-13 22:56 - 2016-09-07 06:19 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-09-13 22:56 - 2016-09-07 06:19 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-13 22:56 - 2016-09-07 06:19 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-09-13 22:56 - 2016-09-07 06:19 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-09-13 22:56 - 2016-09-07 06:19 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-13 22:56 - 2016-09-07 06:19 - 01997312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-09-13 22:56 - 2016-09-07 06:19 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2016-09-13 22:56 - 2016-09-07 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-09-13 22:56 - 2016-09-07 06:18 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-09-13 22:56 - 2016-09-07 06:17 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-13 22:56 - 2016-09-07 06:17 - 01526784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-09-13 22:56 - 2016-09-07 06:16 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-09-13 22:56 - 2016-09-07 06:16 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-09-13 22:56 - 2016-09-07 06:16 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-13 22:56 - 2016-09-07 06:16 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-09-13 22:56 - 2016-09-07 06:15 - 02772480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-09-13 22:56 - 2016-09-07 06:15 - 01755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-09-13 22:56 - 2016-09-07 06:15 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2016-09-13 22:56 - 2016-09-07 06:14 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-09-13 22:56 - 2016-09-07 06:14 - 02573824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-09-13 22:56 - 2016-09-07 06:14 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-09-13 22:56 - 2016-09-07 06:14 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-13 22:56 - 2016-09-07 06:12 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-13 22:56 - 2016-09-07 06:12 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-09-13 22:56 - 2016-09-07 06:10 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-13 22:56 - 2016-09-07 06:10 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2016-09-13 22:56 - 2016-09-07 06:09 - 00824832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2016-09-13 22:56 - 2016-09-07 06:09 - 00824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2016-09-13 22:56 - 2016-09-07 06:09 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll
2016-09-13 22:56 - 2016-09-07 06:09 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll
2016-09-13 22:56 - 2016-09-07 06:09 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-13 22:56 - 2016-09-07 05:57 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-13 22:55 - 2016-09-07 07:39 - 07468896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-13 22:55 - 2016-09-07 07:39 - 01997832 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-13 22:55 - 2016-09-07 07:39 - 01862000 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-13 22:55 - 2016-09-07 07:39 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-13 22:55 - 2016-09-07 07:39 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-09-13 22:55 - 2016-09-07 07:34 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-09-13 22:55 - 2016-09-07 07:26 - 01552104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-13 22:55 - 2016-09-07 07:26 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-09-13 22:55 - 2016-09-07 07:23 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-09-13 22:55 - 2016-09-07 07:23 - 01540216 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-09-13 22:55 - 2016-09-07 07:23 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-09-13 22:55 - 2016-09-07 07:23 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-09-13 22:55 - 2016-09-07 07:23 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-13 22:55 - 2016-09-07 07:23 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-13 22:55 - 2016-09-07 07:23 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-13 22:55 - 2016-09-07 07:22 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-13 22:55 - 2016-09-07 07:22 - 00742192 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-09-13 22:55 - 2016-09-07 07:22 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-13 22:55 - 2016-09-07 07:22 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-13 22:55 - 2016-09-07 07:22 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-09-13 22:55 - 2016-09-07 07:22 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-09-13 22:55 - 2016-09-07 07:21 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-13 22:55 - 2016-09-07 07:21 - 05240952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-13 22:55 - 2016-09-07 07:20 - 00836752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-09-13 22:55 - 2016-09-07 07:19 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-09-13 22:55 - 2016-09-07 07:15 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-13 22:55 - 2016-09-07 07:14 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-13 22:55 - 2016-09-07 07:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-13 22:55 - 2016-09-07 07:13 - 02186856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-09-13 22:55 - 2016-09-07 07:12 - 28851224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2016-09-13 22:55 - 2016-09-07 07:11 - 02187408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-13 22:55 - 2016-09-07 07:11 - 00388888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-09-13 22:55 - 2016-09-07 07:11 - 00305296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-09-13 22:55 - 2016-09-07 07:08 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2016-09-13 22:55 - 2016-09-07 07:07 - 00253080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-09-13 22:55 - 2016-09-07 06:46 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-13 22:55 - 2016-09-07 06:44 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2016-09-13 22:55 - 2016-09-07 06:40 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-13 22:55 - 2016-09-07 06:40 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-09-13 22:55 - 2016-09-07 06:40 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-09-13 22:55 - 2016-09-07 06:40 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcshext.dll
2016-09-13 22:55 - 2016-09-07 06:39 - 09324032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-13 22:55 - 2016-09-07 06:39 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2016-09-13 22:55 - 2016-09-07 06:39 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2016-09-13 22:55 - 2016-09-07 06:39 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
2016-09-13 22:55 - 2016-09-07 06:38 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-09-13 22:55 - 2016-09-07 06:38 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2016-09-13 22:55 - 2016-09-07 06:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2016-09-13 22:55 - 2016-09-07 06:38 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2016-09-13 22:55 - 2016-09-07 06:38 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-13 22:55 - 2016-09-07 06:36 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-09-13 22:55 - 2016-09-07 06:36 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-09-13 22:55 - 2016-09-07 06:36 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2016-09-13 22:55 - 2016-09-07 06:35 - 09324032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-13 22:55 - 2016-09-07 06:35 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-09-13 22:55 - 2016-09-07 06:35 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-09-13 22:55 - 2016-09-07 06:35 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-13 22:55 - 2016-09-07 06:35 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-09-13 22:55 - 2016-09-07 06:35 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-13 22:55 - 2016-09-07 06:35 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-09-13 22:55 - 2016-09-07 06:35 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-09-13 22:55 - 2016-09-07 06:34 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-13 22:55 - 2016-09-07 06:34 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-09-13 22:55 - 2016-09-07 06:34 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\filemgmt.dll
2016-09-13 22:55 - 2016-09-07 06:34 - 00507904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-13 22:55 - 2016-09-07 06:34 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-09-13 22:55 - 2016-09-07 06:34 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-13 22:55 - 2016-09-07 06:34 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-09-13 22:55 - 2016-09-07 06:34 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-09-13 22:55 - 2016-09-07 06:34 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2016-09-13 22:55 - 2016-09-07 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-09-13 22:55 - 2016-09-07 06:33 - 00602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2016-09-13 22:55 - 2016-09-07 06:33 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2016-09-13 22:55 - 2016-09-07 06:33 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-09-13 22:55 - 2016-09-07 06:33 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2016-09-13 22:55 - 2016-09-07 06:33 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-09-13 22:55 - 2016-09-07 06:32 - 00689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-13 22:55 - 2016-09-07 06:32 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-09-13 22:55 - 2016-09-07 06:32 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-09-13 22:55 - 2016-09-07 06:32 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-09-13 22:55 - 2016-09-07 06:32 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-13 22:55 - 2016-09-07 06:31 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-13 22:55 - 2016-09-07 06:31 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-09-13 22:55 - 2016-09-07 06:31 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-09-13 22:55 - 2016-09-07 06:31 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppinst.dll
2016-09-13 22:55 - 2016-09-07 06:31 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-09-13 22:55 - 2016-09-07 06:31 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-09-13 22:55 - 2016-09-07 06:31 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-13 22:55 - 2016-09-07 06:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-09-13 22:55 - 2016-09-07 06:31 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-09-13 22:55 - 2016-09-07 06:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-13 22:55 - 2016-09-07 06:31 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-09-13 22:55 - 2016-09-07 06:30 - 14251520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-13 22:55 - 2016-09-07 06:30 - 02012672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2016-09-13 22:55 - 2016-09-07 06:30 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2016-09-13 22:55 - 2016-09-07 06:30 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-09-13 22:55 - 2016-09-07 06:30 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-13 22:55 - 2016-09-07 06:30 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-09-13 22:55 - 2016-09-07 06:30 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-09-13 22:55 - 2016-09-07 06:30 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-09-13 22:55 - 2016-09-07 06:30 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-09-13 22:55 - 2016-09-07 06:30 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-09-13 22:55 - 2016-09-07 06:30 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx.dll
2016-09-13 22:55 - 2016-09-07 06:30 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-13 22:55 - 2016-09-07 06:29 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-09-13 22:55 - 2016-09-07 06:29 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-09-13 22:55 - 2016-09-07 06:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-13 22:55 - 2016-09-07 06:29 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2016-09-13 22:55 - 2016-09-07 06:29 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-09-13 22:55 - 2016-09-07 06:28 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-09-13 22:55 - 2016-09-07 06:28 - 01466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2016-09-13 22:55 - 2016-09-07 06:28 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-13 22:55 - 2016-09-07 06:28 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-09-13 22:55 - 2016-09-07 06:28 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-09-13 22:55 - 2016-09-07 06:28 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-09-13 22:55 - 2016-09-07 06:27 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-09-13 22:55 - 2016-09-07 06:27 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-09-13 22:55 - 2016-09-07 06:27 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-09-13 22:55 - 2016-09-07 06:27 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-09-13 22:55 - 2016-09-07 06:27 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-09-13 22:55 - 2016-09-07 06:25 - 02445312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-09-13 22:55 - 2016-09-07 06:25 - 01965568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2016-09-13 22:55 - 2016-09-07 06:25 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-13 22:55 - 2016-09-07 06:25 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-09-13 22:55 - 2016-09-07 06:25 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-09-13 22:55 - 2016-09-07 06:25 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-09-13 22:55 - 2016-09-07 06:25 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-09-13 22:55 - 2016-09-07 06:24 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-13 22:55 - 2016-09-07 06:24 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-09-13 22:55 - 2016-09-07 06:23 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-09-13 22:55 - 2016-09-07 06:22 - 12585472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-13 22:55 - 2016-09-07 06:22 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2016-09-13 22:55 - 2016-09-07 06:21 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-09-13 22:55 - 2016-09-07 06:21 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-13 22:55 - 2016-09-07 06:20 - 06976000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-13 22:55 - 2016-09-07 06:20 - 06675968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-09-13 22:55 - 2016-09-07 06:20 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-13 22:55 - 2016-09-07 06:20 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2016-09-13 22:55 - 2016-09-07 06:19 - 04078592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-13 22:55 - 2016-09-07 06:19 - 02610176 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-13 22:55 - 2016-09-07 06:19 - 02563584 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-09-13 22:55 - 2016-09-07 06:19 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2016-09-13 22:55 - 2016-09-07 06:19 - 00527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-13 22:55 - 2016-09-07 06:19 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2016-09-13 22:55 - 2016-09-07 06:19 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2016-09-13 22:55 - 2016-09-07 06:17 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-09-13 22:55 - 2016-09-07 06:17 - 00833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2016-09-13 22:55 - 2016-09-07 06:16 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-09-13 22:55 - 2016-09-07 06:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-13 22:55 - 2016-09-07 06:15 - 01978880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2016-09-13 22:55 - 2016-09-07 06:15 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-09-13 22:55 - 2016-09-07 06:14 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-09-13 22:55 - 2016-09-07 06:14 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-13 22:55 - 2016-09-07 06:13 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-13 22:55 - 2016-09-07 06:13 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-13 22:55 - 2016-09-07 06:13 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-13 22:55 - 2016-09-07 06:12 - 02632192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-09-13 22:55 - 2016-09-07 06:12 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-13 22:55 - 2016-09-07 06:11 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-09-13 22:55 - 2016-09-07 06:11 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2016-09-13 22:55 - 2016-09-07 06:11 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-09-13 22:55 - 2016-09-07 06:10 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2016-09-13 22:55 - 2016-09-07 06:10 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-13 17:16 - 2016-09-13 17:16 - 00010648 _____ C:\Users\NABIL\Downloads\345b357ba062935edbdada3e65a13efe0a59306c.dlc
2016-09-13 17:15 - 2016-09-13 17:15 - 00070459 _____ C:\Users\NABIL\Desktop\Addition.txt
2016-09-13 17:14 - 2016-09-14 17:24 - 00031435 _____ C:\Users\NABIL\Desktop\FRST.txt
2016-09-13 10:27 - 2016-09-13 10:27 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\ProductData
2016-09-12 22:31 - 2016-09-12 22:31 - 00000800 _____ C:\Users\NABIL\Desktop\JRT.txt
2016-09-12 22:28 - 2016-09-12 22:28 - 01610560 _____ (Malwarebytes) C:\Users\NABIL\Desktop\JRT.exe
2016-09-12 22:08 - 2016-09-12 22:08 - 22851472 _____ (Malwarebytes ) C:\Users\NABIL\Desktop\mbam-setup-2.2.1.1043.exe
2016-09-12 22:00 - 2016-09-12 22:04 - 00000000 ____D C:\AdwCleaner
2016-09-12 22:00 - 2016-09-12 22:00 - 03826240 _____ C:\Users\NABIL\Desktop\AdwCleaner_6.010.exe
2016-09-11 19:40 - 2016-09-11 19:40 - 04747704 _____ (AO Kaspersky Lab) C:\Users\NABIL\Downloads\tdsskiller.exe
2016-09-11 19:37 - 2016-09-14 17:24 - 00000000 ____D C:\FRST
2016-09-11 19:37 - 2016-09-11 20:03 - 00074243 _____ C:\Users\NABIL\Downloads\Addition.txt
2016-09-11 19:37 - 2016-09-11 20:03 - 00066824 _____ C:\Users\NABIL\Downloads\FRST.txt
2016-09-11 19:36 - 2016-09-11 19:36 - 02397696 _____ (Farbar) C:\Users\NABIL\Desktop\FRST64.exe
2016-09-04 20:53 - 2016-09-04 20:53 - 00005208 _____ C:\Users\NABIL\Downloads\relink.to__Rampage_2009_German_DTS_DL_1080p_BluRay_x264_-_SoW_158023ecdb764581577579d64a4c06.dlc
2016-09-04 20:19 - 2016-08-26 09:18 - 72520720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-09-04 20:19 - 2016-08-26 09:18 - 24414760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 24323312 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 17377488 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 15202040 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 14057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 13122584 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 12988352 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 10534696 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 06947183 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-09-04 20:19 - 2016-08-26 09:18 - 06374320 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05793528 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05593616 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05341352 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 05293064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-09-04 20:19 - 2016-08-26 09:18 - 03299824 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03291320 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03203592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 03134720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02895104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-09-04 20:19 - 2016-08-26 09:18 - 02825104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02776224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02706864 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02439048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02203752 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02110600 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02073096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01920820 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2016-09-04 20:19 - 2016-08-26 09:18 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01607136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01529144 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01422928 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01360520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01337648 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01213664 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01186840 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01166160 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01115144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01041744 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 01001800 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00999856 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00965032 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00962136 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00864344 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00858200 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00854032 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00725944 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00678184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00618192 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00601144 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00571376 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00498648 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00472312 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00467160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00447184 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00438696 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CAF64APO2.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00416512 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00372744 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00366128 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00203848 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00190936 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00190936 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00179600 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00154368 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00112496 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Caf64api.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-09-04 20:19 - 2016-08-26 09:18 - 00005604 _____ C:\WINDOWS\system32\cxapo.lncs
2016-09-04 20:19 - 2016-08-26 09:18 - 00000736 _____ C:\WINDOWS\system32\cxapo.prop
2016-09-04 20:13 - 2016-04-11 13:38 - 02838232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-09-04 20:04 - 2016-09-04 20:08 - 348623152 _____ C:\Users\NABIL\Downloads\7917_PG448_Win10_TH_RS_Win8.1_Win8_Win7_WHQL.zip
2016-09-04 20:03 - 2016-09-04 20:03 - 01474568 _____ C:\Users\NABIL\Downloads\Realtek HD Audio Treiber inoffizielle WHQL Treiber - CHIP-Installer.exe
2016-09-04 20:02 - 2016-09-04 20:09 - 131494359 _____ (Realtek Semiconductor Corp.) C:\Users\NABIL\Downloads\0006-64bit_Win7_Win8_Win81_Win10_R279.exe
2016-08-21 20:23 - 2016-08-21 20:23 - 00000219 _____ C:\Users\NABIL\Desktop\Counter-Strike Global Offensive.url
2016-08-15 21:49 - 2016-08-15 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-14 17:16 - 2013-10-19 03:04 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-14 16:42 - 2015-08-27 14:42 - 00000911 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job
2016-09-14 16:42 - 2015-08-27 14:42 - 00000725 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job
2016-09-14 16:32 - 2013-10-25 18:03 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-14 15:31 - 2016-06-05 19:08 - 00000000 ____D C:\Users\NABIL\Desktop\absagen vom 05.06.16
2016-09-14 15:27 - 2014-03-05 16:27 - 00000000 ____D C:\Users\NABIL\AppData\LocalLow\Temp
2016-09-14 15:12 - 2016-04-30 07:23 - 02089750 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-14 15:12 - 2016-02-23 01:50 - 00000000 ____D C:\Users\NABIL\AppData\Local\gladinet
2016-09-14 15:12 - 2016-02-13 18:59 - 00889234 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-14 15:12 - 2016-02-13 18:59 - 00197816 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-14 15:12 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-14 15:10 - 2014-04-17 17:43 - 00000000 ____D C:\ProgramData\TEMP
2016-09-14 15:09 - 2016-02-13 19:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-14 15:09 - 2013-10-25 18:03 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-14 15:08 - 2016-02-13 19:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-14 15:08 - 2014-11-08 04:57 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2016-09-14 15:08 - 2013-10-08 21:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-09-14 15:08 - 2013-10-08 21:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-09-14 15:06 - 2016-08-14 17:28 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-09-14 15:06 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-14 15:06 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-14 15:06 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-14 15:06 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-14 15:06 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-09-14 15:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-09-14 15:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-14 15:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-14 15:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-09-14 15:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-14 15:06 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-09-14 15:06 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-09-14 15:06 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-09-14 15:06 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-14 15:06 - 2015-10-30 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-09-14 15:06 - 2015-10-30 08:31 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-09-14 15:06 - 2015-10-30 08:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-09-14 15:06 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-14 15:06 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-14 15:05 - 2015-11-10 16:43 - 00000000 ____D C:\Users\asd\AppData\LocalLow\Temp
2016-09-14 15:05 - 2015-08-20 23:36 - 00000000 ____D C:\Users\Gast\AppData\LocalLow\Temp
2016-09-14 15:04 - 2016-02-11 19:58 - 00000000 ____D C:\WINDOWS\System32\Tasks\R@1n-KMS
2016-09-14 10:32 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-14 09:16 - 2016-07-30 13:11 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-09-14 09:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-09-14 09:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-09-14 06:26 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-14 06:23 - 2013-10-08 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-09-14 06:22 - 2013-10-05 03:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-14 06:18 - 2014-03-05 22:02 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-14 06:01 - 2013-10-08 21:23 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\vlc
2016-09-14 03:01 - 2016-01-03 17:42 - 00000000 ____D C:\Users\NABIL\AppData\Roaming\Skype
2016-09-14 02:59 - 2014-03-19 17:30 - 00000000 ____D C:\Users\NABIL\AppData\Local\JDownloader 2.0
2016-09-13 16:08 - 2015-09-26 14:06 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-09-13 09:06 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-12 22:32 - 2016-01-27 18:45 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-09-12 22:25 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-12 22:23 - 2016-01-26 16:00 - 00001936 _____ C:\Users\NABIL\Desktop\mbamlog.txt
2016-09-12 22:12 - 2014-11-11 02:38 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-12 22:11 - 2015-12-22 17:47 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-09-12 22:11 - 2014-11-11 02:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-09-12 22:11 - 2014-11-11 02:37 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-09-12 22:05 - 2016-02-13 10:22 - 00351000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-12 21:59 - 2015-07-26 23:01 - 00000000 ____D 
2015-03-01 04:43 - 2015-03-01 05:31 - 14848000 _____ () C:\Users\NABIL\AppData\Roaming\Sandra.mdb
2016-04-30 07:22 - 2016-04-30 07:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-09 20:18

==================== Ende von FRST.txt ============================

nabil21 · 14.09.2016, 16:33

Code:

ATTFilter

ZusÃ¤tzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgefÃ¼hrt von NABIL (14-09-2016 17:25:15)
Gestartet von C:\Users\NABIL\Desktop
Windows 10 Pro Version 1511 (X64) (2016-04-30 05:33:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-225648569-1694930765-1264359465-500 - Administrator - Disabled)
asd (S-1-5-21-225648569-1694930765-1264359465-1004 - Administrator - Enabled) => C:\Users\asd
bazet (S-1-5-21-225648569-1694930765-1264359465-1008 - Administrator - Enabled) => C:\Users\bazet
DefaultAccount (S-1-5-21-225648569-1694930765-1264359465-503 - Limited - Disabled)
Gast (S-1-5-21-225648569-1694930765-1264359465-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-225648569-1694930765-1264359465-1002 - Limited - Enabled)
NABIL (S-1-5-21-225648569-1694930765-1264359465-1000 - Administrator - Enabled) => C:\Users\NABIL

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Disabled - Out of date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Disabled - Out of date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" kÃ¶nnen in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.426 - ABBYY Production LLC)
Adblock IE 2.3 (HKLM\...\{58161756-037B-42CD-B575-AF804A2F0F47}) (Version: 2.3.1756 - MGTEK)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{C1F3739C-D31D-4062-8788-29261C4A2A68}) (Version: 12.2.4.194 - Adobe Systems, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.0 - Sereby Corporation)
AMD Catalyst Install Manager (HKLM\...\{14D58A97-B60E-A858-34D8-95469C02F7EC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06 (HKLM-x32\...\Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06) (Version:  - )
Assassin's Creed Unity Gold Edition MULTi2 1.0 (HKLM-x32\...\Assassin's Creed Unity Gold Edition MULTi2 1.0) (Version:  - )
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.017 - ASUSTek Computer Inc.)
Batman: Arkham Cityâ„¢ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broken Sword 5 - the Serpent's Curse (HKLM-x32\...\GOGPACKBROKENSWORD5EP1EP2_is1) (Version: 2.0.0.2 - GOG.com)
Bully - Scholarship Edition (HKLM-x32\...\Bully - Scholarship Edition_is1) (Version:  - )
Call of Duty Black Ops III Version 1.0 (HKLM-x32\...\{322C0A98-947C-4EB4-A48B-C8C818B137C8}_is1) (Version: 1.0 - Activision Blizzard)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version:  - â€*Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CrystalDiskInfo 6.1.8 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.8 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dead or Alive 5 Last Round Version 1.02A u1 (HKLM-x32\...\{344CBB83-6CB8-4B68-ACC0-56C41F292D5B}_is1) (Version: 1.02A u1 - Koei Tecmo)
Deponia The Complete Journey MULTi2 3.3.0155 (HKLM-x32\...\Deponia The Complete Journey MULTi2 3.3.0155) (Version:  - )
Die Sims 4 Digital Deluxe Edition ReRelease Incl. Update 13 MULTi2 v1.13.104.1220 (HKLM-x32\...\Die Sims 4 Digital Deluxe Edition ReRelease Incl. Update 13 MULTi2 v1.13.104.1220) (Version:  - )
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Emily Wants To Play (HKLM-x32\...\Emily Wants To Play_is1) (Version:  - )
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
Epson Benutzerhandbuch WF-2010 Series (HKLM-x32\...\WF-2010 Series Useg) (Version:  - )
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-2010 Series (HKLM-x32\...\WF-2010 Series Netg) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-HandbÃ¼cher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FLV Player (HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\FLV Player) (Version: 1.0 - Somoto Ltd.) <==== ACHTUNG
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Dailymotion Download (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.55.1127 - DVDVideoSoft Ltd.)
Free Driver Scout (HKLM-x32\...\{50a7e828-15d3-40e6-a37d-22d5c5357878}) (Version: 1.0.0.0 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.0 - Covus Freemium) Hidden
Free YouTube to MP3 Converter version 3.12.59.505 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.505 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
HarryPotter und der Stein der Weisen (HKLM-x32\...\HarryPotter und der Stein der Weisen1.1) (Version: 1.1 - TheRaven1)
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{1EF24D7D-7B14-4EBA-A686-9E91C9C6763D}) (Version: 4.1.40.2143 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java SE Development Kit 8 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180650}) (Version: 8.0.650.17 - Oracle Corporation)
Java SE Development Kit 8 Update 92 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180920}) (Version: 8.0.920.14 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lexware Info Service (HKLM-x32\...\{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}) (Version: 2.80.00.0007 - Haufe-Lexware GmbH & Co.KG)
Life is Strange Complete First Season Version 1.0.0.371598 (HKLM-x32\...\{D5DF0D21-62C1-46E0-BD21-4E3DAE94DA32}_is1) (Version: 1.0.0.371598 - Square Enix)
Malwarebytes Anti-Exploit version 1.8.1.2572 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.2572 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.376.2 - McAfee, Inc.)
Metal Gear Solid 5 The Phantom Pain MULTI8 1.005 (HKLM-x32\...\Metal Gear Solid 5 The Phantom Pain MULTI8 1.005) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools fÃ¼r Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mortal Kombat X Premium Edition MULTi2 1.0 (HKLM-x32\...\Mortal Kombat X Premium Edition MULTi2 1.0) (Version:  - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst (HKLM-x32\...\Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst_is1) (Version:  - )
Nero 2014 (HKLM-x32\...\{A618CE26-1E36-4FA4-A1F4-D079DC6022B8}) (Version: 15.0.08500 - Nero AG)
Nero 2015 Content Pack (HKLM-x32\...\{55192BC6-EDBA-4F48-A2C4-3D164E41AF55}) (Version: 16.0.00300 - Nero AG)
Nero Burning ROM 2014 (HKLM-x32\...\{A4DC74AA-F4DF-48B9-AA4B-C30CA0DBCA33}) (Version: 15.0.04600 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nuance Cloud Connector (HKLM-x32\...\{128FBB62-9750-4C08-ABF9-47D73D9A3918}) (Version: 3.2.1084 - Nuance Communications, Inc.)
Nuance OmniPage Ultimate (HKLM-x32\...\{17223DA4-6B76-439E-BD49-5940FAD8AE19}) (Version: 19.16.0000 - Nuance Communications, Inc.)
Nuance PDF Create 8 (HKLM\...\{CB5B66BC-406C-4C1F-913D-A06E83C7CD81}) (Version: 8.20.6418 - Nuance Communications, Inc.)
Nuance PDF Create 8 (HKLM-x32\...\{CB5B66BC-406C-4C1F-913D-A06E83C7CD81}) (Version: 8.20.6418 - Nuance Communications, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 39.0.2256.71 (HKLM-x32\...\Opera 39.0.2256.71) (Version: 39.0.2256.71 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.0 - Tracker Software Products Ltd)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7917 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
Runaway - A Road Adventure (HKLM-x32\...\GOGPACKRUNAWAY_is1) (Version: 2.0.0.3 - GOG.com)
Saints Row IV Game of the Century Edition 1.0 (HKLM-x32\...\Saints Row IV Game of the Century Edition 1.0) (Version:  - )
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Scansoft PDF Create (x32 Version:  - ) Hidden
ScummVM 1.6.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
Sherlock Holmes Crimes and Punishments German Subbed Edition 1.0 (HKLM-x32\...\Sherlock Holmes Crimes and Punishments German Subbed Edition 1.0) (Version:  - )
Sherlock Holmes: The Devil's Daughter (HKLM\...\Steam App 350640) (Version:  - Frogwares)
SiSoftware Sandra Lite 2015.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.27.2015.2 - SiSoftware)
Skypeâ„¢ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.) Hidden
South Park - The Stick of Truth Version 1.0.1353 (HKLM-x32\...\{83736891-79AE-49BA-96F5-55DD6F2186AC}_is1) (Version: 1.0.1353 - Ubisoft)
SSD Tweaker version 3.0.5 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.0.5 - Elpamsoft.com)
Stardock Start10 (HKLM\...\Start10_is1) (Version: 1.0 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steamless Counter Strike Source Pack (HKLM-x32\...\Steamless Counter Strike Source Pack) (Version: 1.0 - Steamless)
Street Fighter V Deluxe Edition MULTi13 1.0 (HKLM-x32\...\Street Fighter V Deluxe Edition MULTi13 1.0) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Book of Unwritten Tales Collection Version 1.0 (HKLM-x32\...\{552EE0FA-C570-4283-9E79-358A95068DCA}_is1) (Version: 1.0 - Nordic Games)
The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02 (HKLM-x32\...\The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02) (Version:  - )
Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0 (HKLM-x32\...\Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0) (Version:  - )
Ultra Street Fighter IV (HKLM-x32\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
Valiant Hearts: The Great War (HKLM-x32\...\VmFsaWFudEhlYXJ0c1RoZUdyZWF0V2Fy_is1) (Version: 1 - )
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Vocalizer (HKLM-x32\...\{7F267540-71F7-4FC0-A39D-DD0206142814}) (Version: 19.16.0000 - Nuance Communications, Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wondershare MobileGo(Version 8.2.0) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.2.0 - Wondershare)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01955A10-3280-46FE-B295-16984CFF4AB3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {0CE42A92-4C76-4FD1-83EE-B48021CBA13F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {163A17B5-F3DE-486E-9FD8-AE460A042434} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\XmasPromote.exe
Task: {1BDC3015-055B-4643-A612-B548F44B3168} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {1D6EAC2C-CCCC-48D3-A9B2-0BF073A859DD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {1F55AC57-5BA5-4A77-8512-E48E7F663F7A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {1FA75676-E7D0-44FA-A6E4-D1CC7124E499} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2219BAF3-970C-442B-AA03-6D10302BA04F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {25E967C3-EA75-4CB8-9FCC-0AE64DE1D754} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {2776DC5D-B0AC-4588-AB90-45257F175B71} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {2F910DE1-C01D-4F91-9672-CA57A347D8A0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {30EE4FCD-E88C-4FFB-B957-A3D82F648A03} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {348F3260-4BAE-4743-A9D1-B023A55EE5E3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {37EEDB11-5C90-47E8-B40F-144D8F9FEA33} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {40FCA32E-2588-4671-A0E1-8E12C100365B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {5113B6CC-4DE8-44AF-9599-C0219896EAB8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {5B6CC23A-D5C6-4522-B4DF-D1F35D4DFA74} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {5EF0F301-E74A-461C-813D-D5298404EB44} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {6B05F11A-0FAA-459F-8398-5A68E112F578} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7499461B-5DC4-4C2A-8990-F17947981EE7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {781B7E50-8B6D-4764-8AFA-46E8C7417708} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {78C2FD3D-5725-47D8-9751-10D343A2894F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {7AF61DD3-4CD4-4508-97E1-778984972570} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {7ED06AB3-3419-4D6E-9C9D-0856A9156FF4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7F34203D-7E5A-4698-9622-D093B9BBFA68} - System32\Tasks\{77584C26-73F5-4330-9F49-0396C6D171AE} => pcalua.exe -a C:\Users\NABIL\AppData\Roaming\key-find\UninstallManager.exe -c  -ptid=cvs
Task: {876EA98A-187D-4A26-8183-339326B7D990} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8775F958-4DC9-4F38-82B3-381C6FF519B6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14] (Adobe Systems Incorporated)
Task: {96771FD7-B11F-43D3-B439-011C2B276961} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {97432494-44EB-4E0E-BAB5-1A73A165C1FE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {9CD4DDF6-33D0-4174-A137-9A84D7B4B263} - System32\Tasks\Opera scheduled Autoupdate 1446938337 => C:\Program Files (x86)\Opera\launcher.exe [2016-09-05] (Opera Software)
Task: {A49341F1-6E31-4579-A298-5EEC4CBCDC01} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-09-14] (Microsoft Corporation)
Task: {A7F242A1-2D4C-49E1-A99B-BA4F6A5EE323} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {AB2CC5D3-ADF9-4165-A0D9-A63DBD3260B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {B27D50C5-906A-4AD6-BE29-AAD1BD3EB5D7} - System32\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {CF27364E-6CD6-49E3-BE7A-BDBBAE6AAF2D} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {F9DB0870-59E2-4373-90D5-AE97BB6D64C7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {FCB0CF30-3917-45CE-AA1D-466F4D9E1D17} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{00138945-9C65-4A60-B651-17E309D19196} /F:Update SYSTEMÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{92EF7091-E3AF-4879-84FE-EE26D1C3216F} /F:Update SYSTEMÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== VerknÃ¼pfungen =============================

(Die EintrÃ¤ge kÃ¶nnen gelistet werden, um sie zurÃ¼ckzusetzen oder zu entfernen.)

Shortcut: C:\Users\NABIL\Desktop\Metal Gear Solid 5 The Phantom Pain TimeZone geÃ¤ndert.lnk -> M:\Program Files (x86)\Metal Gear Solid 5 The Phantom Pain\MGS TimeZone geÃ¤ndert.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2012-09-11 17:27 - 2012-09-11 17:27 - 00062128 _____ () C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
2016-06-17 22:09 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-08-08 05:03 - 2013-08-08 05:03 - 00222544 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
2016-09-13 22:58 - 2016-09-07 07:39 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-13 22:58 - 2016-09-07 07:39 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 23:55 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-09-13 22:55 - 2016-09-07 06:15 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-13 22:55 - 2016-09-07 06:10 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-13 22:55 - 2016-09-07 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-13 22:55 - 2016-09-07 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-06-24 12:51 - 2016-06-24 12:51 - 00138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-04-30 10:34 - 2016-04-30 10:34 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-08-25 17:48 - 2016-08-25 17:48 - 03763712 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
2013-08-08 04:53 - 2013-08-08 04:53 - 00293200 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\sqlite3.dll
2013-08-08 04:53 - 2013-08-08 04:53 - 00080208 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\zlib125.dll
2013-08-08 04:53 - 2013-08-08 04:53 - 00016720 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSMui.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-11-08 01:54 - 2014-10-16 04:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-08 04:54 - 2013-08-08 04:54 - 00158032 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSMui_GER.dll
2013-08-08 04:57 - 2013-08-08 04:57 - 00252240 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSBr_nuance.dll
2016-08-08 23:33 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-08 23:33 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\AcroTray.deu
2016-04-30 10:34 - 2016-04-30 10:34 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-30 10:34 - 2016-04-30 10:34 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:A303874F [173]
AlternateDataStreams: C:\Users\NABIL\Downloads\amddriverdownloader.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\CrystalDiskInfo6_1_8-en.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\everesthome220.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\UseNeXTSetup_5.62.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\WebInstallerJD2_c.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== VerknÃ¼pfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt.)


==================== Internet Explorer VertrauenswÃ¼rdig/EingeschrÃ¤nkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7863 mehr Seiten.

IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benÃ¶tigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurÃ¼ckzusetzen.)

2009-07-14 04:34 - 2016-08-15 21:49 - 00000064 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
0.0.0.1	mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)

HKU\S-1-5-21-225648569-1694930765-1264359465-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\NABIL\Desktop\burj_khalifa_tower_dubai-wide.jpg
HKU\S-1-5-21-225648569-1694930765-1264359465-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\asd\AppData\Local\Microsoft\Windows\Themes\ujzkh.jpg
HKU\S-1-5-21-225648569-1694930765-1264359465-1008\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-225648569-1694930765-1264359465-501\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte EintrÃ¤ge ==

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iSCTsysTray.lnk => C:\Windows\pss\iSCTsysTray.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Bonus.SSR.FR12"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{278F36E3-E5E5-496D-9967-86C892CB0535}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [TCP Query User{61F0B3D8-6E05-4631-B607-765D7888E1B3}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [{DFE35632-8DAB-41EB-AA84-01F9977553B9}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe
FirewallRules: [{C76F638A-9504-42D7-A763-B3F7C7C77A4D}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe
FirewallRules: [{3FA6F97C-FD99-443D-B260-7E179B357C71}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
FirewallRules: [{94D1B07C-EDAF-4C90-8CC3-5785A62BEC09}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
FirewallRules: [{33FC0D78-00E7-4EE7-826F-357D76533C66}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
FirewallRules: [{3191DBD4-99B4-4FA6-94B8-51273941163D}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
FirewallRules: [{188F0954-4EC3-4399-83F6-EE0BF23AE077}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
FirewallRules: [{4C434557-268B-4506-8795-E89E79BDC932}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
FirewallRules: [{022D5197-F34E-469E-AF46-4EBF7D76F20B}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\PPMV.exe
FirewallRules: [{C19E7C2E-71DE-4E7D-9003-455B4F7AF125}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\PPMV.exe
FirewallRules: [{8F0D9833-8AF0-4F46-ACA3-C18E8E68626D}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
FirewallRules: [{B2DF9200-F7FB-4ACE-ADFE-93A335FFDED7}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
FirewallRules: [{9132CCF3-4021-44E6-BB4F-750D84997DCE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7C628337-5393-4F4D-8B3A-0FC8A0871292}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{03C5A55C-FEDA-4462-B1A6-7A5125C08CD3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8E126A09-ED1B-4853-9FD3-7F730C3A7720}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{654A073E-6ED1-4003-8F42-5F7EB86A0D98}M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{C978A76E-96DC-413F-8615-462A2C9BBABF}M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{B8231BBE-8C3E-434C-85CD-600F133918B2}C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{C1B67484-1EFA-4BCE-BF47-57706EF1AA68}C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{7EF7F052-A6A9-443E-9F38-54442346F206}M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe] => (Allow) M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [TCP Query User{0D6A2E0E-9E9B-4A8E-822F-36F70C8168E0}M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe] => (Allow) M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [UDP Query User{EEAE159A-8B3C-4675-87AE-3BD636F1750A}C:\program files (x86)\steamless counterstrikesource pack\hl2.exe] => (Block) C:\program files (x86)\steamless counterstrikesource pack\hl2.exe
FirewallRules: [TCP Query User{021BE0C6-E61D-4499-952C-FE8DB4E21874}C:\program files (x86)\steamless counterstrikesource pack\hl2.exe] => (Block) C:\program files (x86)\steamless counterstrikesource pack\hl2.exe
FirewallRules: [{A32FAF58-1412-4155-B798-F363DD50CC08}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{E303A31E-16CA-4844-8AE1-F60109DBA675}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [UDP Query User{600F0A67-9FF7-4CB5-9863-3DF6FF0C2D6B}C:\program files\java\jdk1.8.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_65\bin\jmc.exe
FirewallRules: [TCP Query User{4EA24165-101E-41CF-9C45-B4F69E5A3C74}C:\program files\java\jdk1.8.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_65\bin\jmc.exe
FirewallRules: [{50617DBB-D641-4217-B751-BD810DB7F119}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E3DF5FD2-B668-4E3E-9D3E-8E5BB0BF87BA}] => (Allow) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{89114CC2-34F0-4122-B301-61AA4319945F}] => (Allow) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2440C70A-7A6B-4B6D-A123-712FBD70A9CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6462BAA3-0284-4552-A8DE-589A37AC6BCE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9852CEB2-2423-4233-B583-35544D84D9A3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2215C6AB-62FB-4EEB-8717-07E567C59244}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{51D35BE1-7AFF-4262-BE02-61BD921DF615}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{0781B69A-4B35-473F-AB47-89CE6318ED73}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [UDP Query User{47FD8685-D285-49CB-ABD0-0977F2F84DD8}M:\games\call of duty black ops iii\blackops3.exe] => (Allow) M:\games\call of duty black ops iii\blackops3.exe
FirewallRules: [TCP Query User{20E12BCC-D3DD-4775-BE35-10FF60E010BB}M:\games\call of duty black ops iii\blackops3.exe] => (Allow) M:\games\call of duty black ops iii\blackops3.exe
FirewallRules: [TCP Query User{978374A8-AD20-4359-BE77-A67D94DA9896}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{1C42E517-0CBF-4D71-8D85-969177EA4138}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{9558C53E-37FF-45E7-9A8B-1EC4C71880C3}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{0578CCF7-AE1D-4C9C-943C-C69726E231B2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{80785240-54DC-4A65-81ED-4E4E4935CBE0}M:\jdownloader\jre\bin\javaw.exe] => (Allow) M:\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{42847236-F025-4A30-B7B4-2AE9BF5DCCF1}M:\jdownloader\jre\bin\javaw.exe] => (Allow) M:\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{1D8D5B98-EB69-4C6A-AC19-F712EFF883CC}M:\jdownloader\jre\bin\java.exe] => (Allow) M:\jdownloader\jre\bin\java.exe
FirewallRules: [UDP Query User{994936E9-37C4-47A0-BDEB-6A846D73F363}M:\jdownloader\jre\bin\java.exe] => (Allow) M:\jdownloader\jre\bin\java.exe
FirewallRules: [{BDBA1559-0767-4003-B9C0-F7E1807BB450}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{054F7E49-BAC3-46B6-B654-491B7FC98899}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{8F4C311D-D711-48C8-8940-A2C3CC194115}M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe] => (Allow) M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe
FirewallRules: [UDP Query User{15C82FC6-62AB-4904-B306-70AD69A9F8AD}M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe] => (Allow) M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe
FirewallRules: [{21FE5001-0179-4A7F-B498-5A4FC555CC78}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{39F833ED-D645-4DF5-83B4-831D54CC965E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{68B18BCB-3874-46A4-80DD-9699222566CF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A816DD60-DD86-4EA0-B739-3C9B7863C439}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F6B58786-8162-49F8-A162-73C2A3240B33}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\RpcAgentSrv.exe
FirewallRules: [{911438D9-1E32-4989-84B7-DEB3B3280F77}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\WNt600x64\RpcSandraSrv.exe
FirewallRules: [TCP Query User{2848611B-7895-4823-B6D6-EF1CB0A006B6}M:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) M:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{1A33A746-BD72-44D4-9EDC-C53D8F2E8C08}M:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) M:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{68E4D429-DBA5-4597-951D-CAF7117A56F2}] => (Allow) M:\Program Files (x86)\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{B263A842-E664-4611-B127-0E9041E80D1E}] => (Allow) M:\Program Files (x86)\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{C5DFAF2D-B544-4910-A68A-FC0155A1ACAF}M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{D9AE8798-8B04-4742-93CA-7AB2A9C5D39A}M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [{9EA90930-8669-4BCB-AE2C-B41D164F14E5}] => (Allow) M:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B4380FC8-563B-472A-81A3-22FADE6734CA}] => (Allow) M:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A2E30EF8-99FA-4ABA-B833-741974D6BC05}] => (Allow) M:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B48BF075-2C5F-47F9-ACAF-2980D48ACE01}] => (Allow) M:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BAC03561-5F5C-4155-9946-6B82F61A6381}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{4C4C228A-CE78-4F94-AB6A-9A37178B6087}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{994B3FD3-15BE-418D-AFEA-A70CBBEC89AE}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{20526224-9C49-480F-803C-192E53CF7DCD}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{FD77485A-0F7F-4A3B-8533-96CD5272A824}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{7A16777D-B0E9-46FE-888E-9F62CD0D5ECB}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [UDP Query User{C342B424-54BE-42BC-91AD-47F83EDEA9AC}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [{661DF73C-B241-477E-AA84-B087393EEA7F}] => (Allow) M:\SteamLibrary\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [{95BA97EC-4661-448D-8FDE-F28C87808F43}] => (Allow) M:\SteamLibrary\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [TCP Query User{16AE10AB-38F4-486C-A014-611576649CED}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [UDP Query User{E3E6A7A6-5CEA-406B-949D-09673533E769}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [{CE4FA322-8732-4E69-A9FF-C35A1E697952}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C7266C32-357F-4EF1-A933-EE8B0E33FA21}] => (Allow) M:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A3A7A281-EA5E-4FF3-AC60-4833EC72D1C3}] => (Allow) M:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte GerÃ¤te im GerÃ¤temanager =============


==================== FehlereintrÃ¤ge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/14/2016 05:05:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:23:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\Nuance\OmniPage19\LaunchPad.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:15:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:14:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\Nuance\OmniPage19\omnipage.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.

Error: (09/14/2016 03:12:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:12:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\Nuance\OmniPage19\LaunchPad.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:12:56 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\Nuance\OmniPage19\OpAgent.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:12:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:12:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Users\NABIL\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:12:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "c:\users\nabil\desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.


Systemfehler:
=============
Error: (09/14/2016 03:18:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/14/2016 03:18:28 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\NABIL\AppData\Local\Temp\ehdrv.sys

Error: (09/14/2016 03:18:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/14/2016 03:18:27 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\NABIL\AppData\Local\Temp\ehdrv.sys

Error: (09/14/2016 03:18:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/14/2016 03:18:27 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\NABIL\AppData\Local\Temp\ehdrv.sys

Error: (09/14/2016 03:14:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/14/2016 03:14:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\NABIL\AppData\Local\Temp\ehdrv.sys

Error: (09/14/2016 03:14:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/14/2016 03:14:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\NABIL\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2016-09-14 15:10:28.011
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-14 15:08:31.839
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-14 06:19:09.003
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-13 17:17:55.051
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-13 17:17:55.041
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-13 17:17:54.973
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-13 17:17:54.887
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-11 20:10:10.298
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-05 13:28:14.266
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-05 13:28:14.231
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 8111.46 MB
Verfügbarer physikalischer RAM: 4930.62 MB
Summe virtueller Speicher: 16303.46 MB
Verfügbarer virtueller Speicher: 12570.04 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:42.36 GB) NTFS
Drive e: (Emily Wants To Play) (CDROM) (Total:2.26 GB) (Free:0 GB) UDF
Drive f: (Adobe Acrobat XI) (CDROM) (Total:0.74 GB) (Free:0 GB) CDFS
Drive g: (OMNIPAGE ULTIMAT) (CDROM) (Total:3.05 GB) (Free:0 GB) CDFS
Drive h: (LifeIsStrange) (CDROM) (Total:8.72 GB) (Free:0 GB) UDF
Drive m: (Volume) (Fixed) (Total:1863.01 GB) (Free:1008.97 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4A40E047)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5AC0E83E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================

Danke für alles wurde nun alles entfernt

?

und ich wollte genau das selbe bei meinem Laptop machen könntest du mir da auch behilflich sein?

13.09.2016, 15:18	#9
M-K-D-B /// TB-Ausbilder	Laptop/Rechner bootet und arbeitet langsam.. Servus, gut gemacht. Es fehlt noch die Logdatei von JRT und die zwei von FRST.

Laptop/Rechner bootet und arbeitet langsam..

Plagegeister aller Art und deren Bekämpfung: Laptop/Rechner bootet und arbeitet langsam..