Everything about Windows: Long Windows boot time!

08.11.2014, 13:51   #1
nabil21

Problem: Long Windows boot time!

Hello, I'm new here on the board.

I looked around on the internet a bit to find out why my computer boots so slowly. At first the computer needed only about 12 seconds from powered-off to the desktop. Now it takes over 2 minutes, even though I have an SSD in my computer.

In general my computer has become very slow. Unfortunately I don't know much about antivirus programs and the like. Following reports here on the board, I downloaded Emsisoft and ran a virus check on the computer; about 350 malware items were put into quarantine.

Unfortunately, nothing has changed about the speed of my computer.

I would like to paste the log files here, but I can't find them, not even with the instructions described in the link...

I hope you can help me, and thank you.

08.11.2014, 15:33   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Hello and

Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners, did they ever find anything?

I'm asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; first just post already existing logs in CODE tags!
Only logs from the last 7 days, or from since the problem began, are relevant!




In addition, please also create a log with Farbar's tool:

Scan with Farbar's Recovery Scan Tool (FRST)

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input box of the web page)



Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder.
Even if the logs should be too large for one post, I ask you to post the logs directly and, if necessary, spread over several posts.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

09.11.2014, 14:05   #3
nabil21

Thank you very much for the answer!!

No, I'm not aware of any others that I have run, only Emsisoft; as I said, unfortunately I just can't find the log file...

Here are the log files FRST.txt and Addition.txt:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014
Ran by NABIL (administrator) on NABIL-PC on 09-11-2014 14:58:12
Running from C:\Users\NABIL\Downloads
Loaded Profile: NABIL (Available profiles: NABIL & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\SysWOW64\ASGT.exe
() C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILEE.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2start.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4873248 2014-10-13] (Emsisoft GmbH)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\MountPoints2: {457e9596-aa77-11e3-9ea1-bc5ff4cb03d5} - G:\Setup.exe
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\MountPoints2: {4ef2e9aa-5185-11e4-a45b-bc5ff4cb03d5} - E:\setup.exe
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\MountPoints2: {85bd4523-2d64-11e3-a804-bc5ff4cb03d5} - E:\setup.exe
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\MountPoints2: {bc793812-51d2-11e4-9c0f-bc5ff4cb03d5} - E:\setup.exe
AppInit_DLLs-x32: C:\Users\NABIL\AppData\Local\Smartbar\Application\Resources\crdlil.dll => "C:\Users\NABIL\AppData\Local\Smartbar\Application\Resources\crdlil.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk * sdnclean64.exeaswBoot.exe /M:576a9e96 /wow /dir:"C:\Program Files\AVAST Software\Avast"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:49245;https=127.0.0.1:49245
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82L-jjqNsntcc1QYiEBexLYhkF5VYnmuj-z1AHN5bC91-jkDLamPRxFRjURvf_MNff4p9OOUKPqB4jctylTcnPVm9v5-VxCItCaUQ-QxcoxDQXyCG_UZE9VcZiqW14x2oGZT0smWZVEfTfoq2dQJm5-g25b0Z9naVcQRmQ,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82L-jjqNsntcc1QYiEBexLYhkF5VYnmuj-z1AHN5bC91-jkDLamPRxFRjURvf_MNff4p9OOUKPqB4jctylTcnPVm9v5-VxCItCaUQ-QxcoxDQXyCG_UZE9VcZiqW14x2oGZT0smWZVEfTfoq2dQJm5-g25b0Z9naVcQRmQ,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68&q={searchTerms}
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=102&systemid=473&v=a11465-233&apn_uid=1160181572044903&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82L-jjqNsntcc1QYiEBexLYhkF5VYnmuj-z1AHN5bC91-jkDLamPRxFRjURvf_MNff4p9OOUKPqB4jctylTcnPVm9v5-VxCItCaUQ-QxcoxDQXyCG_UZE9VcZiqW14x2oGZT0smWZVEfTfoq2dQJm5-g25b0Z9naVcQRmQ,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82L-jjqNsntcc1QYiEBexLYhkF5VYnmuj-z1AHN5bC91-jkDLamPRxFRjURvf_MNff4p9OOUKPqB4jctylTcnPVm9v5-VxCItCaUQ-QxcoxDQXyCG_UZE9VcZiqW14x2oGZT0smWZVEfTfoq2dQJm5-g25b0Z9naVcQRmQ,,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: SmartSaver+ 15 -> {11111111-1111-1111-1111-110611171196} -> C:\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-bho64.dll (smart-saverplus)
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll (MGTEK)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: SmartSaver+ 15 -> {11111111-1111-1111-1111-110611171196} -> C:\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-bho.dll (smart-saverplus)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll (MGTEK)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {b7b6b079-f2f7-452e-99da-9e9bb57217fe} ->  No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F37B658C-DD8B-4CF0-8B0B-6CE9D411B48F}: [NameServer] 208.67.222.222 208.67.220.220

FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> m:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release6352.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha206.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha206\ff
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-10-16]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha206\ff [Not Found]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3326303&octid=EB_ORIGINAL_CTID&ISID=M94508079-98E9-448A-9B03-6FACE64A9248&SearchSource=55&CUI=&UM=6&UP=SPB320A8BE-0BEC-45B8-AF16-31AABDFC43EB&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3326303&octid=EB_ORIGINAL_CTID&ISID=M94508079-98E9-448A-9B03-6FACE64A9248&SearchSource=55&CUI=&UM=6&UP=SPB320A8BE-0BEC-45B8-AF16-31AABDFC43EB&SSPV="
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultNewTabURL: Default -> https://www.trovi.com/?gd=&ctid=CT3326303&octid=EB_ORIGINAL_CTID&ISID=M94508079-98E9-448A-9B03-6FACE64A9248&SearchSource=69&CUI=&SSPV=&lay=5&p=cnts&UM=6&UP=SPB320A8BE-0BEC-45B8-AF16-31AABDFC43EB&SAT=CNTS
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-29]
CHR Extension: (YouTube) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-05]
CHR Extension: (Google-Suche) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-05]
CHR Extension: (AdBlock) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-10-25]
CHR Extension: (Google Wallet) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-25]
CHR Extension: (Google Mail) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-05]
CHR HKLM-x32\...\Chrome\Extension: [dabiojiiidaepijppfchfinldmhhfhok] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ch\RichMediaViewV1release6352.crx []
CHR HKLM-x32\...\Chrome\Extension: [oacphlebognfhmpckkjjgpnlddonanpe] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha206\ch\TrustMediaViewerV1alpha206.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4816568 2014-10-13] (Emsisoft GmbH)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 Asus Product Register Service; C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe [62128 2012-09-11] ()
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-11] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-11] (globalUpdate) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-12] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-05-24] ()
S1 BdfNdisf; \??\c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [X]
S3 ISCT; system32\DRIVERS\ISCTD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 14:58 - 2014-11-09 14:58 - 00022358 _____ () C:\Users\NABIL\Downloads\FRST.txt
2014-11-09 14:57 - 2014-11-09 14:58 - 00000000 ____D () C:\FRST
2014-11-09 14:57 - 2014-11-09 14:57 - 02115584 _____ (Farbar) C:\Users\NABIL\Downloads\FRST64.exe
2014-11-08 05:13 - 2014-11-08 05:13 - 00001704 _____ () C:\EamClean.log
2014-11-08 04:40 - 2014-11-08 04:40 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-11-08 03:57 - 2014-11-09 14:02 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-11-08 03:57 - 2014-11-08 03:57 - 00001091 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-11-08 03:57 - 2014-11-08 03:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2014-11-08 03:54 - 2014-11-08 03:54 - 161707240 _____ (Emsisoft GmbH ) C:\Users\NABIL\Downloads\EmsisoftAntiMalwareSetup.exe
2014-11-04 23:24 - 2014-11-04 23:24 - 10255080 _____ (Lavalys, Inc. ) C:\Users\NABIL\Downloads\everestultimate550.exe
2014-11-04 23:24 - 2014-11-04 23:24 - 00001122 _____ () C:\Users\NABIL\Desktop\EVEREST Ultimate Edition.lnk
2014-11-04 23:13 - 2014-11-04 23:13 - 05378177 _____ () C:\Users\NABIL\Downloads\p95v285.win64.zip
2014-11-01 22:48 - 2014-11-01 22:48 - 00000000 ____D () C:\Users\NABIL\Desktop\Shaders
2014-11-01 22:47 - 2014-11-08 05:13 - 00323174 _____ () C:\Windows\PFRO.log
2014-11-01 22:10 - 2014-11-01 22:10 - 00002136 _____ () C:\Users\NABIL\Desktop\Bully.lnk
2014-11-01 21:50 - 2014-11-01 21:52 - 00000000 ____D () C:\Users\NABIL\Documents\Bully Scholarship Edition
2014-11-01 21:40 - 2014-11-01 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-11-01 21:33 - 2014-11-01 21:34 - 00017513 _____ () C:\Windows\DirectX.log
2014-10-27 15:08 - 2014-10-27 15:09 - 00043928 _____ () C:\Users\NABIL\AppData\Roaming\test.jar
2014-10-26 00:00 - 2014-11-08 05:13 - 00189973 _____ () C:\Windows\setupact.log
2014-10-26 00:00 - 2014-10-26 00:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-22 04:32 - 2014-10-22 04:32 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-22 04:32 - 2014-10-22 04:32 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-20 13:34 - 2014-11-08 05:13 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-20 13:34 - 2014-10-20 13:34 - 130462856 _____ (AVAST Software) C:\Users\NABIL\Downloads\avast_free_antivirus_setup-rc2.exe
2014-10-20 13:26 - 2014-10-20 13:26 - 00000000 ____D () C:\Windows\pss
2014-10-20 13:25 - 2014-10-20 13:25 - 00092484 _____ () C:\Users\NABIL\Documents\cc_20141020_142507.reg
2014-10-20 13:23 - 2014-10-20 13:23 - 03836936 _____ (Piriform Ltd) C:\Users\NABIL\Downloads\ccsetup418_slim.exe
2014-10-16 00:12 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 00:12 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 00:12 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 00:12 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 00:12 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 00:12 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 00:12 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 00:12 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 00:12 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 00:12 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 00:12 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 00:12 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 00:12 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 00:12 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 00:12 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 00:12 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 00:12 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 00:12 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 00:12 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 00:12 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 00:12 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 00:12 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 00:12 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 00:12 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 00:12 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 00:12 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 00:12 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 00:12 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 00:12 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 00:12 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 00:12 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 00:12 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 00:12 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 00:12 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 00:12 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 00:12 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 00:12 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 00:12 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 00:12 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 00:12 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 00:12 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 00:12 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 00:12 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 00:12 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 00:12 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 00:12 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 00:12 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 00:12 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 00:12 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 00:12 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 00:12 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 00:12 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 00:12 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 00:12 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 00:12 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 00:12 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 00:12 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 00:12 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 00:12 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 00:12 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 00:12 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 00:12 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 00:12 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 00:12 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 00:12 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 00:12 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 00:12 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 00:12 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 00:11 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 00:11 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 00:11 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 00:11 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 00:11 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 00:11 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 00:11 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 00:11 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 00:11 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 00:11 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 00:11 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 00:11 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 00:11 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 00:11 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 00:11 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-12 17:53 - 2014-09-27 13:29 - 00000000 ____D () C:\Users\NABIL\Desktop\The.Sims.4.Update.3.and.Crack.v7
2014-10-12 17:51 - 2014-10-12 17:52 - 97307499 _____ () C:\Users\NABIL\Downloads\The.Sims.4.Update.3.and.Crack.v7.rar
2014-10-12 17:36 - 2014-10-21 02:28 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\Win Update
2014-10-12 17:26 - 2014-10-12 17:26 - 00000000 ____D () C:\Users\NABIL\AppData\Local\RocketTab
2014-10-12 11:57 - 2014-10-12 11:57 - 00000000 ____D () C:\Users\NABIL\Documents\CAPCOM
2014-10-12 11:55 - 2014-10-12 11:55 - 00000599 _____ () C:\Users\Public\Desktop\Ultra Street Fighter IV.lnk
2014-10-12 11:55 - 2014-10-12 11:55 - 00000599 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultra Street Fighter IV.lnk
2014-10-12 11:51 - 2014-11-08 05:10 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-10-12 11:51 - 2014-11-08 05:10 - 00000000 ____D () C:\Program Files (x86)\RocketTab
2014-10-12 11:51 - 2014-10-20 13:27 - 00004140 _____ () C:\Windows\System32\Tasks\RocketTab Update Task
2014-10-12 11:51 - 2014-10-20 13:27 - 00003354 _____ () C:\Windows\System32\Tasks\RocketTab
2014-10-12 11:50 - 2014-10-12 11:50 - 00001950 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-10-12 11:50 - 2014-10-12 11:50 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\mystartsearch
2014-10-12 11:49 - 2014-10-12 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-10-12 11:49 - 2014-10-12 11:49 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-10-12 11:49 - 2014-10-12 11:49 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-10-12 11:48 - 2014-10-12 11:50 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\Panda Security
2014-10-12 11:48 - 2014-10-12 11:50 - 00000000 ____D () C:\ProgramData\Panda Security
2014-10-12 11:48 - 2014-10-12 11:50 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-10-12 11:48 - 2014-10-12 11:48 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\0F1L1I1P0H1L1E1E1F
2014-10-12 11:47 - 2014-10-12 11:47 - 00765768 _____ ( ) C:\Users\NABIL\Downloads\DTLite4491-0356_inst.exe
2014-10-12 11:08 - 2011-02-18 15:07 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-10-12 10:23 - 2014-10-12 10:23 - 00000085 _____ () C:\Windows\wininit.ini
2014-10-11 22:28 - 2014-11-08 05:10 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-10-11 22:28 - 2014-10-12 11:50 - 00002502 _____ () C:\Users\NABIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-10-11 22:28 - 2014-10-12 11:50 - 00002455 _____ () C:\Users\NABIL\Desktop\Search.lnk
2014-10-11 22:27 - 2014-11-08 05:10 - 00000000 ____D () C:\Users\NABIL\AppData\Local\LPT
2014-10-11 21:28 - 2012-12-10 15:21 - 00163376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2014-10-11 21:28 - 2012-11-26 10:10 - 00221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tabctl32.ocx
2014-10-11 21:28 - 2012-07-06 19:03 - 00617816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
2014-10-11 21:28 - 2012-05-02 10:17 - 01070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2014-10-11 21:28 - 2011-01-12 12:36 - 01054208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71deu.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71ita.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71fra.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71esp.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71enu.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71kor.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71jpn.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71cht.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71chs.dll
2014-10-11 21:28 - 2011-01-12 12:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-10-11 21:28 - 2011-01-12 11:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2014-10-11 21:28 - 2010-02-16 13:22 - 00659264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomct2.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00443488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshflxgd.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00415552 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\comct332.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00278352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatgrd.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00258880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00252240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatlst.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00222528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dblist32.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00218432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00215880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00178512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmask32.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00170080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00136008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll
2014-10-11 21:28 - 2010-02-16 13:22 - 00126800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00119616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomm32.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00107840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstkprp.dll
2014-10-11 21:28 - 2010-02-16 13:22 - 00100160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\picclp32.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00080208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysinfo.ocx
2014-10-11 21:28 - 2007-02-01 21:13 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-10-11 21:28 - 2007-02-01 18:11 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-10-11 21:28 - 2007-01-30 21:04 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2014-10-11 21:28 - 2006-08-25 23:28 - 01017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll
2014-10-11 21:28 - 2006-08-25 23:07 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
2014-10-11 21:28 - 2006-08-25 22:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll
2014-10-11 21:28 - 2006-04-10 12:41 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl32.ocx
2014-10-11 21:28 - 2005-01-20 18:25 - 00054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
2014-10-11 21:28 - 2002-01-05 04:40 - 00487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp70.dll
2014-10-11 21:28 - 2001-08-22 23:00 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2014-10-11 21:28 - 1996-01-12 02:00 - 00722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb40032.dll
2014-10-11 21:28 - 1993-07-23 18:31 - 00210944 _____ () C:\Windows\SysWOW64\msvcrt10.dll
2014-10-11 21:24 - 2014-10-11 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
2014-10-11 19:12 - 2014-11-09 14:12 - 00004480 _____ () C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-4.job
2014-10-11 19:12 - 2014-11-09 14:12 - 00003438 _____ () C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-1.job
2014-10-11 19:12 - 2014-11-09 14:12 - 00002432 _____ () C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-5_user.job
2014-10-11 19:12 - 2014-11-09 14:12 - 00002432 _____ () C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-5.job
2014-10-11 19:12 - 2014-11-09 14:12 - 00002096 _____ () C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-2.job
2014-10-11 19:12 - 2014-11-09 11:30 - 00001332 _____ () C:\Windows\Tasks\GOO.job
2014-10-11 19:12 - 2014-10-11 19:12 - 01539488 _____ (smart-saverplus) C:\Users\NABIL\AppData\Roaming\GOO.exe
2014-10-11 19:11 - 2014-11-09 14:11 - 00005170 _____ () C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-11.job
2014-10-11 19:11 - 2014-11-09 14:11 - 00004144 _____ () C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-6.job
2014-10-11 19:11 - 2014-11-09 14:11 - 00003800 _____ () C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-7.job
2014-10-11 19:11 - 2014-11-09 14:11 - 00003456 _____ () C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-3.job
2014-10-11 19:11 - 2014-11-09 09:01 - 00001686 _____ () C:\Windows\Tasks\ICWGRTHR.job
2014-10-11 19:11 - 2014-11-08 20:16 - 00000958 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-10-11 19:11 - 2014-11-08 05:10 - 00000000 ____D () C:\Program Files (x86)\SmartSaver+ 15
2014-10-11 19:11 - 2014-10-11 19:11 - 00000000 ____D () C:\Users\NABIL\AppData\Local\globalUpdate
2014-10-11 19:11 - 2014-10-11 19:11 - 00000000 ____D () C:\Program Files (x86)\globalUpdate

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 14:37 - 2013-10-25 17:03 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-09 14:26 - 2014-05-21 12:26 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196}.job
2014-11-09 14:26 - 2014-05-21 12:26 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196}.job
2014-11-09 14:06 - 2013-10-19 02:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-09 05:37 - 2013-10-25 17:03 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-09 03:00 - 2014-03-05 20:00 - 01351250 _____ () C:\Windows\WindowsUpdate.log
2014-11-08 05:20 - 2009-07-14 05:45 - 00038848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-08 05:20 - 2009-07-14 05:45 - 00038848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-08 05:17 - 2010-11-21 07:50 - 00700130 _____ () C:\Windows\system32\perfh007.dat
2014-11-08 05:17 - 2010-11-21 07:50 - 00149768 _____ () C:\Windows\system32\perfc007.dat
2014-11-08 05:17 - 2009-07-14 06:13 - 01622706 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-08 05:13 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-08 05:10 - 2014-07-07 14:26 - 00000000 ____D () C:\Program Files (x86)\Valiant Hearts The Great War
2014-11-08 03:53 - 2014-05-07 16:50 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-11-04 23:24 - 2013-11-19 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2014-11-04 23:24 - 2013-11-19 14:50 - 00000000 ____D () C:\Program Files (x86)\Lavalys
2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-04 02:30 - 2013-10-25 15:49 - 00000000 ____D () C:\Users\NABIL\AppData\Local\Microsoft Help
2014-11-02 15:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-01 21:51 - 2014-03-19 16:30 - 00000000 ____D () C:\Users\NABIL\AppData\Local\JDownloader 2.0
2014-11-01 21:50 - 2013-10-05 03:21 - 00000000 ____D () C:\Users\NABIL\AppData\Local\VirtualStore
2014-11-01 21:40 - 2013-10-05 02:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-01 21:35 - 2014-07-07 14:09 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-11-01 21:32 - 2013-10-05 03:37 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\DAEMON Tools Lite
2014-11-01 21:31 - 2014-05-28 00:57 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\Raptr
2014-10-31 03:17 - 2013-10-19 23:37 - 00130925 _____ () C:\Users\NABIL\Documents\TombRaider.log
2014-10-31 01:45 - 2014-06-17 22:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-28 20:38 - 2013-10-25 17:03 - 00002385 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-23 18:26 - 2014-06-22 17:34 - 00000000 ____D () C:\Users\NABIL\AppData\Local\Nero
2014-10-23 18:23 - 2013-11-19 23:50 - 00000000 ____D () C:\ProgramData\Origin
2014-10-20 13:24 - 2014-05-23 16:33 - 00000000 ____D () C:\Windows\Minidump
2014-10-20 13:24 - 2014-03-05 19:52 - 00000000 ____D () C:\Windows\Panther
2014-10-20 13:24 - 2013-10-05 17:20 - 00000000 ____D () C:\Users\NABIL\AppData\Local\CrashDumps
2014-10-20 09:33 - 2013-11-19 23:50 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-10-20 02:00 - 2013-10-25 15:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-20 02:00 - 2013-10-25 15:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 09:52 - 2014-03-05 20:04 - 00111520 _____ () C:\Users\NABIL\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-16 03:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 02:22 - 2009-07-14 05:45 - 00433376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 02:06 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-10-16 02:02 - 2013-10-05 02:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 02:00 - 2014-03-05 21:02 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-12 19:17 - 2013-10-08 20:23 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\vlc
2014-10-12 18:05 - 2014-08-18 01:41 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-12 17:46 - 2013-11-12 21:11 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-12 17:45 - 2014-03-17 04:41 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-10-12 11:50 - 2014-03-05 20:04 - 00001643 _____ () C:\Users\NABIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-12 10:23 - 2014-08-18 01:42 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
ZeroAccess:
C:\Users\NABIL\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files (x86)\Google\Desktop\Install

Some content of TEMP:
====================
C:\Users\NABIL\AppData\Local\Temp\proxy_vole5588583318294036657.dll
C:\Users\NABIL\AppData\Local\Temp\System.Data.SQLite28695.dll
C:\Users\NABIL\AppData\Local\Temp\System.Data.SQLite40051.dll
C:\Users\NABIL\AppData\Local\Temp\System.Data.SQLite73447.dll
C:\Users\NABIL\AppData\Local\Temp\System.Data.SQLite94083.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 00:26

==================== End Of Log ============================
         

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014
Ran by NABIL at 2014-11-09 14:58:26
Running from C:\Users\NABIL\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adblock IE 2.3 (HKLM\...\{58161756-037B-42CD-B575-AF804A2F0F47}) (Version: 2.3.1756 - MGTEK)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.135 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06 (HKLM-x32\...\Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06) (Version:  - )
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.017 - ASUSTek Computer Inc.)
Batman: Arkham City™ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Broken Sword 5 - the Serpent's Curse (HKLM-x32\...\GOGPACKBROKENSWORD5EP1EP2_is1) (Version: 2.0.0.2 - GOG.com)
Bully Scholarship Edition (HKLM-x32\...\InstallShield_{A724605D-B399-4304-B8C7-33B3EF7D4677}) (Version: 1.00.0154 - Ihr Firmenname)
Bully Scholarship Edition (x32 Version: 1.00.0154 - Ihr Firmenname) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CrystalDiskInfo 6.1.8 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.8 - Crystal Dew World)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DAEMON Tools Packages (HKCU\...\DAEMON Tools Packages) (Version:  - ) <==== ATTENTION
Druckerdeinstallation für EPSON XP-412 413 415 Series (HKLM\...\EPSON XP-412 413 415 Series) (Version:  - SEIKO EPSON Corporation)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
Epson Event Manager (HKLM-x32\...\{2970697F-2A11-4588-8B7F-97322D1CCF3C}) (Version: 3.10.0017 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Audio Converter version 5.0.43.605 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.43.605 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.32.327 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Harry Potter und der Orden des Phönix™ (HKLM-x32\...\{B69F28DF-CBB1-41B7-008A-210E4D0518FC}) (Version:  - )
HydraVision (x32 Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{1EF24D7D-7B14-4EBA-A686-9E91C9C6763D}) (Version: 4.1.40.2143 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
L.A. Noire The Complete Edition Version 1.3.2617 (HKLM-x32\...\L.A. Noire The Complete Edition_is1) (Version: 1.3.2617 - Rockstar Games)
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (HKLM\...\{3C28BFD4-90C7-3138-87EF-418DC16E9598}) (Version: 11.0.51106 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (HKLM\...\{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}) (Version: 11.0.51106 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (HKLM-x32\...\{6C772996-BFF3-3C8C-860B-B3D48FF05D65}) (Version: 11.0.51106 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (HKLM-x32\...\{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}) (Version: 11.0.51106 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Murdered: Soul Suspect (HKLM-x32\...\{98B68ADF-BED8-4F73-AA8A-B0236D547574}_is1) (Version: 1.0 - Eidos Interactive)
mystartsearch uninstall (HKLM-x32\...\mystartsearch uninstall) (Version:  - mystartsearch) <==== ATTENTION
Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst (HKLM-x32\...\Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst_is1) (Version:  - )
Naruto Shippuden Ultimate Ninja Storm Revolution (HKLM-x32\...\Naruto Shippuden Ultimate Ninja Storm Revolution_is1) (Version:  - )
Nero 2014 (HKLM-x32\...\{A618CE26-1E36-4FA4-A1F4-D079DC6022B8}) (Version: 15.0.08500 - Nero AG)
Nero Burning ROM 2014 (HKLM-x32\...\{A4DC74AA-F4DF-48B9-AA4B-C30CA0DBCA33}) (Version: 15.0.04600 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.0 - Tracker Software Products Ltd)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
RocketTab (HKLM-x32\...\RocketTab) (Version:  - RocketTab) <==== ATTENTION
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Saints Row IV Game of the Century Edition 1.0 (HKLM-x32\...\Saints Row IV Game of the Century Edition 1.0) (Version:  - )
SAMSUNG Android USB Modem Software (HKLM\...\SAMSUNG Android USB Modem) (Version: V5.28.2.1 - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SmartSaver+ 15 (HKLM-x32\...\SmartSaver+ 15) (Version: 1.35.9.29 - smart-saverplus) <==== ATTENTION
Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION)
South Park - The Stick of Truth Version 1.0.1353 (HKLM-x32\...\{83736891-79AE-49BA-96F5-55DD6F2186AC}_is1) (Version: 1.0.1353 - Ubisoft)
SSD Tweaker version 3.0.5 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.0.5 - Elpamsoft.com)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
The SIMS 4 Deluxe Edition, версия 1.0 (HKLM-x32\...\The SIMS 4 Deluxe Edition_is1) (Version: 1.0 - )
Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0 (HKLM-x32\...\Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0) (Version:  - )
Tony Hawk's Pro Skater 2 (HKLM-x32\...\Activision_THPS2UninstallKey) (Version:  - )
Ultra Street Fighter IV (HKLM-x32\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
Valiant Hearts: The Great War (HKLM-x32\...\VmFsaWFudEhlYXJ0c1RoZUdyZWF0V2Fy_is1) (Version: 1 - )
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Yahoo Community Smartbar (HKLM-x32\...\{4E732E5D-E577-451A-9BB1-CBE64A2CBC2F}) (Version: 11.112.66.19229 - Linkury Inc.) <==== ATTENTION
Yahoo Community Smartbar Engine (HKCU\...\{5eb5b6cd-f37b-4d75-9f81-cf74e506c74e}) (Version: 11.112.66.19229 - Linkury Inc.) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

02-11-2014 01:43:36 Windows Update
05-11-2014 08:38:33 Windows Update
08-11-2014 02:51:13 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-08-18 02:47 - 00450709 ____R C:\Windows\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0199DAEA-2CDC-4158-8133-8B3CA8217565} - \04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-7 No Task File <==== ATTENTION
Task: {0F82604F-B3D0-4C4E-B5FE-7D703CE1EC22} - \GOO No Task File <==== ATTENTION
Task: {12BCA6B7-7CDC-432F-90C4-30FC837C51A0} - \04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-5 No Task File <==== ATTENTION
Task: {188C11F5-E10E-47B6-A625-829DC81F8E28} - \04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-11 No Task File <==== ATTENTION
Task: {2219BAF3-970C-442B-AA03-6D10302BA04F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {238610D6-9699-44BC-A5B0-E5679E67D1A0} - \EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196} No Task File <==== ATTENTION
Task: {24876B7C-32FE-4959-8BB5-D59B10BDDBF1} - \ICWGRTHR No Task File <==== ATTENTION
Task: {27B49083-4E57-43A3-8339-DF6843AB4125} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {341F501E-48C2-4514-9DA5-881E88F866FF} - \EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196} No Task File <==== ATTENTION
Task: {4624FBD3-1D5F-4E4A-8396-CB978A1BD656} - \IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon No Task File <==== ATTENTION
Task: {49EE3DC5-FE46-41EF-A913-76570F92D6E7} - \04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-1 No Task File <==== ATTENTION
Task: {5AD867B7-969A-4C8E-838F-142BDF03A379} - \{B35262DE-0950-4BEA-9A58-BE682D815EEE} No Task File <==== ATTENTION
Task: {5D4784AA-3D2A-47D1-AA9E-FA412CD8B09C} - \{3A70AE66-2161-45F1-BC81-E4451C4BF737} No Task File <==== ATTENTION
Task: {6B05F11A-0FAA-459F-8398-5A68E112F578} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-25] (Google Inc.)
Task: {706F87B7-627A-4CC1-86FF-79677BE97B45} - \04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-4 No Task File <==== ATTENTION
Task: {76BA8275-C927-4500-B0BA-C5810F141449} - \04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-6 No Task File <==== ATTENTION
Task: {770593FD-5DCE-4284-80C5-1B4C297A7465} - \04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-2 No Task File <==== ATTENTION
Task: {7736A164-4121-4B69-B310-4F3CDF31E690} - \{F61289EF-9E48-408A-9F0F-A38888488027} No Task File <==== ATTENTION
Task: {77B9CDDC-6BCD-4FD2-B681-C755E0F2A57C} - \04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-5_user No Task File <==== ATTENTION
Task: {77C747D9-C6AA-4A9E-A75D-25ACB3C35BF7} - \{ED28B8C6-213A-407F-A2A3-4DA0C0FE19D2} No Task File <==== ATTENTION
Task: {876EA98A-187D-4A26-8183-339326B7D990} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-25] (Google Inc.)
Task: {948479EC-5D12-420E-BF1B-55B1953E3A14} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {AAA14B36-E703-45C3-A4C9-2E289BD112BC} - \{2E26820B-A83B-49A3-ADCC-EA6C07463424} No Task File <==== ATTENTION
Task: {AC35A4A8-300E-4C39-ABA4-0852D55E9634} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\RocketTab\uninstall.exe <==== ATTENTION
Task: {B6FB57AF-5104-4E12-9FD5-88D761B2AED5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {C73C890A-65BB-4592-9041-E69B1F9BC14A} - \Adobe-Online-Aktualisierungsprogramm No Task File <==== ATTENTION
Task: {D05228F7-20DA-4A45-9C0B-696C1ED33576} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {D0DD6EB6-BC1B-4C0E-B618-AB1787A282E0} - \04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-3 No Task File <==== ATTENTION
Task: {D51162AA-E1CD-4B81-8553-8DBAB2655E92} - \{38EEE14A-0C6A-49CC-A422-EC4827DFABC8} No Task File <==== ATTENTION
Task: {DBCCFDB7-E380-42A4-82BA-B20BC69765B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E468E327-3D33-44C1-B90F-CD9AC9587272} - \IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 No Task File <==== ATTENTION
Task: {E8954B57-E73D-4999-AE33-38760C133E97} - System32\Tasks\RocketTab => cmd.exe /C start "" "C:\Program Files (x86)\RocketTab\Client.exe" /Preferred=true <==== ATTENTION
Task: C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-1.job => C:\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-codedownloader.exe
Task: C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-11.job => C:\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-11.exe
Task: C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-2.job => C:\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-2.exe
Task: C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-3.job => C:\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-3.exe
Task: C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-4.job => C:\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-4.exe
Task: C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-5.job => C:\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-5.exe
Task: C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-5_user.job => C:\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-5.exe
Task: C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-6.job => C:\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-6.exe
Task: C:\Windows\Tasks\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-7.job => C:\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-7.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GOO.job => C:\Users\NABIL\AppData\Roaming\GOO.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ICWGRTHR.job => C:\Users\NABIL\AppData\Roaming\ICWGRTHR.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-01-17 10:24 - 2012-01-17 10:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2012-09-11 16:27 - 2012-09-11 16:27 - 00062128 _____ () C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
2014-11-08 03:57 - 2014-10-06 17:43 - 00775400 _____ () C:\Program Files (x86)\Emsisoft Anti-Malware\fw32.dll
2013-10-05 02:02 - 2013-03-12 12:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-28 20:38 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 20:38 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 20:38 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 20:38 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\NABIL\Downloads\ac3filter_2_6_0b.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\amddriverdownloader.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\AW Bewerbung.eml:OECustomProperty
AlternateDataStreams: C:\Users\NABIL\Downloads\CrystalDiskInfo6_1_8-en.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\Dropbox - CHIP-Downloader.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\everesthome220.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\FreeYouTubeToMP3Converter (2).exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\OriginThinSetup.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\Samsung Android USB Composite Device Treiber - CHIP-Downloader.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\Samsung Kies - CHIP-Downloader.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\SoftonicDownloader_fuer_ac3filter.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\UseNeXTSetup_5.62.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\WebInstallerJD2_c.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\WinZip175_mfse_fah.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iSCTsysTray.lnk => C:\Windows\pss\iSCTsysTray.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun

========================= Accounts: ==========================

Administrator (S-1-5-21-225648569-1694930765-1264359465-500 - Administrator - Disabled)
asd (S-1-5-21-225648569-1694930765-1264359465-1004 - Administrator - Enabled)
Gast (S-1-5-21-225648569-1694930765-1264359465-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-225648569-1694930765-1264359465-1002 - Limited - Enabled)
NABIL (S-1-5-21-225648569-1694930765-1264359465-1000 - Administrator - Enabled) => C:\Users\NABIL

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: BitDefender Firewall NDIS 6 Filter Driver
Description: BitDefender Firewall NDIS 6 Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: BdfNdisf
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/09/2014 05:33:53 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/08/2014 05:23:25 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/08/2014 05:15:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/08/2014 05:13:25 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CISCTPnpDriverApi::CreateInstance   *****Unable to open the ISCT device driver

Error: (11/07/2014 06:46:51 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/06/2014 03:28:14 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/05/2014 00:19:58 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/04/2014 01:57:37 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/03/2014 05:23:23 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/02/2014 02:43:15 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={663EE6E1-99C1-435B-8B23-7E8AC7278C30}: Der Benutzer "NABIL-PC\NABIL" hat eine Verbindung mit dem Namen "NETHERLANDS VPN" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 691.


System errors:
=============
Error: (11/08/2014 05:13:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BdfNdisf

Error: (11/05/2014 09:35:34 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.

Error: (11/05/2014 09:35:33 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.

Error: (11/05/2014 09:35:33 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.

Error: (11/05/2014 09:35:32 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.

Error: (11/02/2014 09:27:53 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BdfNdisf

Error: (11/02/2014 02:32:21 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BdfNdisf

Error: (11/01/2014 11:19:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BdfNdisf

Error: (11/01/2014 10:58:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BdfNdisf

Error: (11/01/2014 10:52:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BdfNdisf


Microsoft Office Sessions:
=========================
Error: (11/09/2014 05:33:53 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/08/2014 05:23:25 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/08/2014 05:15:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/08/2014 05:13:25 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CISCTPnpDriverApi::CreateInstance   *****Unable to open the ISCT device driver

Error: (11/07/2014 06:46:51 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/06/2014 03:28:14 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/05/2014 00:19:58 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/04/2014 01:57:37 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/03/2014 05:23:23 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/02/2014 02:43:15 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {663EE6E1-99C1-435B-8B23-7E8AC7278C30}NABIL-PC\NABILNETHERLANDS VPN691


CodeIntegrity Errors:
===================================
  Date: 2013-11-19 14:50:13.492
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\NABIL\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-19 14:50:13.476
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\NABIL\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-19 14:50:13.433
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-19 14:50:13.417
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 31%
Total physical RAM: 8111.47 MB
Available physical RAM: 5587.15 MB
Total Pagefile: 16221.12 MB
Available Pagefile: 12793.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:11.19 GB) NTFS
Drive d: (PC Receiver) (CDROM) (Total:0.1 GB) (Free:0 GB) CDFS
Drive f: (MULTIBOOT) (Removable) (Total:1.86 GB) (Free:1.07 GB) FAT32
Drive m: (Volume) (Fixed) (Total:1863.01 GB) (Free:941.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4A40E047)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5AC0E83E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1.9 GB) (Disk ID: B0BCD68E)
No partition Table on disk 2.

==================== End Of Log ============================
         

09.11.2014, 14:57   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
C:\Users\NABIL\Desktop\The.Sims.4.Update.3.and.Crack.v7
Reading material:
Illegal software: cracks, keygens and the like

Please read => http://www.trojaner-board.de/95393-c...-software.html

We will continue once you have removed everything illegal.

If crack/keygen violations are repeated, I reserve the right to discontinue support, i.e. to help only with backing up data and reinstalling the operating system.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

09.11.2014, 15:20   #5
nabil21

Sorry, my brother-in-law is often on this computer and on my laptop. I don't have an overview of everything he gets up to online.

Will delete the file right away!

Thanks for the tip.

Edit: DELETED!


09.11.2014, 15:31   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please make sure that all the illegal stuff is gone, in case there is more. So not just the Sims crack.

09.11.2014, 15:35   #7
nabil21

Quote:
Quote from cosinus
Please make sure that all the illegal stuff is gone, in case there is more. So not just the Sims crack.

Thanks for the info.

That is done now, I found a few more things...

09.11.2014, 15:40   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then please run Combofix now:

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. They can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde. (English Windows wording: "Illegal operation attempted on a registry key that has been marked for deletion.")
simply restart the computer. This should fix the problem.

09.11.2014, 15:59   #9
nabil21

Thanks for the reply:

Here is the log file:

Code:
ComboFix 14-11-09.01 - NABIL 09.11.2014  16:51:49.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8111.6140 [GMT 1:00]
ausgeführt von:: c:\users\NABIL\Desktop\ComboFix.exe
AV: Emsisoft Anti-Malware *Disabled/Updated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
SP: Emsisoft Anti-Malware *Disabled/Updated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Config\uninstinethnfd.exe
c:\program files (x86)\Common Files\Config\ver.xml
c:\program files (x86)\Google\Desktop\Install
c:\program files (x86)\Google\Desktop\Install\{d7e184a2-18e7-f1ee-c632-6349d03c442b}\9519~1\A535~1\E628~1\{d7e184a2-18e7-f1ee-c632-6349d03c442b}\@
c:\program files (x86)\Google\Desktop\Install\{d7e184a2-18e7-f1ee-c632-6349d03c442b}\9519~1\A535~1\E628~1\{d7e184a2-18e7-f1ee-c632-6349d03c442b}\L\76603ac3
c:\program files (x86)\Google\Desktop\Install\{d7e184a2-18e7-f1ee-c632-6349d03c442b}\9519~1\A535~1\E628~1\{d7e184a2-18e7-f1ee-c632-6349d03c442b}\U\00000008.@
c:\program files (x86)\Google\Desktop\Install\{d7e184a2-18e7-f1ee-c632-6349d03c442b}\9519~1\A535~1\E628~1\{d7e184a2-18e7-f1ee-c632-6349d03c442b}\U\80000064.@
c:\program files (x86)\PSupport\uninstall.exe
c:\program files (x86)\ShoppingChip
c:\program files (x86)\SmartSaver+ 15
c:\program files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-2.exe
c:\program files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-4.exe
c:\program files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-5.exe
c:\program files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-6.exe
c:\program files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-64.exe
c:\program files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-7.exe
c:\program files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65.crx
c:\program files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65.xpi
c:\program files (x86)\SmartSaver+ 15\0524d87e-15d1-4175-9d5d-8ff069da3fa1.crx
c:\program files (x86)\SmartSaver+ 15\0524d87e-15d1-4175-9d5d-8ff069da3fa1.dll
c:\program files (x86)\SmartSaver+ 15\1293297481.mxaddon
c:\program files (x86)\SmartSaver+ 15\a78b6eae-0a2e-49bb-951f-7df820f906a1.dll
c:\program files (x86)\SmartSaver+ 15\background.html
c:\program files (x86)\SmartSaver+ 15\bgNova.html
c:\program files (x86)\SmartSaver+ 15\d7f714fd-39c9-42c5-b936-c219f0405f7c.crx
c:\program files (x86)\SmartSaver+ 15\SmartSaver+ 15-bg.exe
c:\program files (x86)\SmartSaver+ 15\SmartSaver+ 15-bho.dll
c:\program files (x86)\SmartSaver+ 15\SmartSaver+ 15-bho64.dll
c:\program files (x86)\SmartSaver+ 15\SmartSaver+ 15-codedownloader.exe
c:\program files (x86)\SmartSaver+ 15\SmartSaver+ 15.ico
c:\program files (x86)\SmartSaver+ 15\Uninstall.exe
c:\program files (x86)\SmartSaver+ 15\utils.exe
c:\programdata\1399427748.5108.bin
c:\programdata\1399427748.5448.bin
c:\programdata\1399427748.8284.bin
c:\programdata\1399427748.8704.bin
c:\programdata\ShoppingChip
c:\users\NABIL\AppData\Local\Google\Desktop\Install
c:\users\NABIL\AppData\Local\Google\Desktop\Install\{d7e184a2-18e7-f1ee-c632-6349d03c442b}\2E2F~1\28F0~1\E628~1\{d7e184a2-18e7-f1ee-c632-6349d03c442b}\@
c:\users\NABIL\AppData\Roaming\dclogs
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-12-1.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-15-4.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-16-5.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-17-6.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-18-7.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-19-1.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-20-2.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-21-3.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-22-4.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-23-5.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-24-6.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-25-7.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-26-1.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-27-2.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-28-3.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-29-4.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-30-5.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-10-31-6.dc
c:\users\NABIL\AppData\Roaming\dclogs\2014-11-01-7.dc
c:\users\NABIL\Desktop\Search.lnk
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NETHFDRV
-------\Service_globalUpdate
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-10-09 bis 2014-11-09  ))))))))))))))))))))))))))))))
.
.
2014-11-09 15:54 . 2014-11-09 15:54	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2014-11-09 15:54 . 2014-11-09 15:54	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-11-09 13:57 . 2014-11-09 13:58	--------	d-----w-	C:\FRST
2014-11-08 07:02 . 2014-10-20 01:37	11627712	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{EB0A02ED-ACDD-447C-90D0-55580D987B35}\mpengine.dll
2014-11-08 03:40 . 2014-11-08 03:40	--------	d-----w-	c:\programdata\Emsisoft
2014-11-08 02:57 . 2014-11-09 15:55	--------	d-----w-	c:\program files (x86)\Emsisoft Anti-Malware
2014-11-08 02:51 . 2014-11-08 02:51	--------	d-s---w-	c:\windows\SysWow64\Microsoft
2014-10-20 12:34 . 2014-11-08 04:13	--------	d-----w-	c:\programdata\AVAST Software
2014-10-15 23:11 . 2014-07-17 02:07	235520	----a-w-	c:\windows\system32\winsta.dll
2014-10-12 16:36 . 2014-10-21 01:28	--------	d-----w-	c:\users\NABIL\AppData\Roaming\Win Update
2014-10-12 16:26 . 2014-10-12 16:26	--------	d-----w-	c:\users\NABIL\AppData\Local\RocketTab
2014-10-12 10:51 . 2014-11-08 04:10	--------	d-----w-	c:\program files (x86)\RocketTab
2014-10-12 10:51 . 2014-11-08 04:10	--------	d-----w-	c:\programdata\WindowsMangerProtect
2014-10-12 10:50 . 2014-10-12 10:50	--------	d-----w-	c:\users\NABIL\AppData\Roaming\mystartsearch
2014-10-12 10:49 . 2014-10-12 10:49	283064	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2014-10-12 10:49 . 2014-10-12 10:49	--------	d-----w-	c:\program files (x86)\DAEMON Tools Lite
2014-10-12 10:48 . 2014-10-12 10:48	--------	d-----w-	c:\users\NABIL\AppData\Roaming\0F1L1I1P0H1L1E1E1F
2014-10-12 10:48 . 2014-10-12 10:50	--------	d-----w-	c:\users\NABIL\AppData\Roaming\Panda Security
2014-10-12 10:48 . 2014-10-12 10:50	--------	d-----w-	c:\program files (x86)\Panda Security
2014-10-12 10:48 . 2014-10-12 10:50	--------	d-----w-	c:\programdata\Panda Security
2014-10-12 10:08 . 2011-02-18 14:07	447752	----a-w-	c:\windows\SysWow64\vp6vfw.dll
2014-10-12 10:00 . 2014-10-12 10:00	--------	d-----w-	c:\program files (x86)\Microsoft
2014-10-11 21:28 . 2014-11-08 04:10	--------	d-----w-	c:\program files (x86)\LPT
2014-10-11 21:27 . 2014-11-08 04:10	--------	d-----w-	c:\users\NABIL\AppData\Local\LPT
2014-10-11 18:12 . 2014-10-11 18:12	1539488	----a-w-	c:\users\NABIL\AppData\Roaming\GOO.exe
2014-10-11 18:11 . 2014-10-11 18:11	--------	d-----w-	c:\users\NABIL\AppData\Local\globalUpdate
2014-10-11 18:11 . 2014-10-11 18:11	--------	d-----w-	c:\program files (x86)\globalUpdate
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-04 13:30 . 2010-11-21 03:27	275080	------w-	c:\windows\system32\MpSigStub.exe
2014-10-16 01:00 . 2014-03-05 20:02	103265616	----a-w-	c:\windows\system32\MRT.exe
2014-10-15 17:21 . 2014-09-24 02:19	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-09-30 02:35 . 2014-08-29 02:29	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-09-30 02:35 . 2014-08-29 02:29	42168	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2014-09-26 04:08 . 2014-09-10 01:34	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2014-09-26 04:08 . 2014-09-10 01:34	42168	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2014-09-26 04:08 . 2014-08-29 02:28	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-09-25 02:08 . 2014-09-30 18:13	371712	----a-w-	c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-09-30 18:13	519680	----a-w-	c:\windows\SysWow64\qdvd.dll
2014-09-15 22:32 . 2014-09-15 22:32	128384	----a-w-	c:\windows\system32\amdhcp64.dll
2014-09-15 22:32 . 2014-09-15 22:32	118096	----a-w-	c:\windows\SysWow64\amdhcp32.dll
2014-09-15 22:32 . 2014-09-15 22:32	78432	----a-w-	c:\windows\system32\atimpc64.dll
2014-09-15 22:32 . 2014-09-15 22:32	78432	----a-w-	c:\windows\system32\amdpcom64.dll
2014-09-15 22:32 . 2014-09-15 22:32	71704	----a-w-	c:\windows\SysWow64\atimpc32.dll
2014-09-15 22:32 . 2014-09-15 22:32	71704	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2014-09-15 22:31 . 2013-10-08 14:01	144328	----a-w-	c:\windows\system32\atiuxp64.dll
2014-09-15 22:31 . 2014-05-23 02:28	126848	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2014-09-15 22:31 . 2013-10-08 14:01	118096	----a-w-	c:\windows\system32\atiu9p64.dll
2014-09-15 22:31 . 2013-10-08 14:01	100032	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2014-09-15 22:31 . 2013-10-08 14:01	1335544	----a-w-	c:\windows\system32\aticfx64.dll
2014-09-15 22:31 . 2013-10-08 14:01	1113576	----a-w-	c:\windows\SysWow64\aticfx32.dll
2014-09-15 22:31 . 2013-10-08 14:00	10826488	----a-w-	c:\windows\system32\atidxx64.dll
2014-09-15 22:31 . 2014-05-23 02:27	9254184	----a-w-	c:\windows\SysWow64\atidxx32.dll
2014-09-15 22:31 . 2013-10-08 14:00	7207592	----a-w-	c:\windows\SysWow64\atiumdva.dll
2014-09-15 22:31 . 2013-10-08 14:00	7028336	----a-w-	c:\windows\SysWow64\atiumdag.dll
2014-09-15 22:31 . 2013-10-08 14:00	8044976	----a-w-	c:\windows\system32\atiumd6a.dll
2014-09-15 22:31 . 2013-10-08 14:00	8296296	----a-w-	c:\windows\system32\atiumd64.dll
2014-09-15 22:29 . 2014-09-15 22:29	293088	----a-w-	c:\windows\system32\drivers\amdacpksd.sys
2014-09-15 22:26 . 2014-09-15 22:26	16750080	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2014-09-15 22:18 . 2014-09-15 22:18	235008	----a-w-	c:\windows\system32\clinfo.exe
2014-09-15 22:18 . 2014-09-15 22:18	98816	----a-w-	c:\windows\system32\OpenVideo64.dll
2014-09-15 22:17 . 2014-09-15 22:17	83456	----a-w-	c:\windows\SysWow64\OpenVideo.dll
2014-09-15 22:17 . 2014-09-15 22:17	86528	----a-w-	c:\windows\system32\OVDecode64.dll
2014-09-15 22:17 . 2014-09-15 22:17	73216	----a-w-	c:\windows\SysWow64\OVDecode.dll
2014-09-15 22:17 . 2014-09-15 22:17	33867264	----a-w-	c:\windows\system32\amdocl64.dll
2014-09-15 22:17 . 2014-09-15 22:17	28770304	----a-w-	c:\windows\SysWow64\amdocl.dll
2014-09-15 22:16 . 2014-09-15 22:16	65024	----a-w-	c:\windows\system32\OpenCL.dll
2014-09-15 22:16 . 2014-09-15 22:16	58880	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-09-15 22:13 . 2014-09-15 22:13	27918336	----a-w-	c:\windows\system32\atio6axx.dll
2014-09-15 22:09 . 2014-09-15 22:09	48128	----a-w-	c:\windows\system32\amdmmcl6.dll
2014-09-15 22:09 . 2014-09-15 22:09	37888	----a-w-	c:\windows\SysWow64\amdmmcl.dll
2014-09-15 22:09 . 2014-09-15 22:09	127488	----a-w-	c:\windows\system32\mantle64.dll
2014-09-15 22:09 . 2014-09-15 22:09	113664	----a-w-	c:\windows\SysWow64\mantle32.dll
2014-09-15 22:09 . 2014-09-15 22:09	5639168	----a-w-	c:\windows\system32\amdmantle64.dll
2014-09-15 22:08 . 2014-09-15 22:08	23375360	----a-w-	c:\windows\SysWow64\atioglxx.dll
2014-09-15 22:07 . 2014-09-15 22:07	367104	----a-w-	c:\windows\system32\atiapfxx.exe
2014-09-15 22:07 . 2014-09-15 22:07	62464	----a-w-	c:\windows\system32\aticalrt64.dll
2014-09-15 22:07 . 2014-09-15 22:07	52224	----a-w-	c:\windows\SysWow64\aticalrt.dll
2014-09-15 22:07 . 2014-09-15 22:07	55808	----a-w-	c:\windows\system32\aticalcl64.dll
2014-09-15 22:07 . 2014-09-15 22:07	49152	----a-w-	c:\windows\SysWow64\aticalcl.dll
2014-09-15 22:07 . 2014-09-15 22:07	15716352	----a-w-	c:\windows\system32\aticaldd64.dll
2014-09-15 22:06 . 2014-09-15 22:06	14302208	----a-w-	c:\windows\SysWow64\aticaldd.dll
2014-09-15 22:05 . 2014-09-15 22:05	4480000	----a-w-	c:\windows\SysWow64\amdmantle32.dll
2014-09-15 22:03 . 2013-10-08 12:54	442368	----a-w-	c:\windows\system32\atidemgy.dll
2014-09-15 22:03 . 2014-09-15 22:03	31232	----a-w-	c:\windows\system32\atimuixx.dll
2014-09-15 22:03 . 2014-09-15 22:03	619008	----a-w-	c:\windows\system32\atieclxx.exe
2014-09-15 22:03 . 2014-09-15 22:03	239616	----a-w-	c:\windows\system32\atiesrxx.exe
2014-09-15 22:03 . 2014-09-15 22:03	91648	----a-w-	c:\windows\system32\mantleaxl64.dll
2014-09-15 22:03 . 2014-09-15 22:03	85504	----a-w-	c:\windows\SysWow64\mantleaxl32.dll
2014-09-15 22:03 . 2014-09-15 22:03	190976	----a-w-	c:\windows\system32\atitmm64.dll
2014-09-15 22:00 . 2014-09-15 22:00	95744	----a-w-	c:\windows\system32\amdave64.dll
2014-09-15 22:00 . 2014-09-15 22:00	90112	----a-w-	c:\windows\SysWow64\amdave32.dll
2014-09-15 21:59 . 2014-09-15 21:59	89088	----a-w-	c:\windows\system32\atisamu64.dll
2014-09-15 21:59 . 2014-09-15 21:59	80896	----a-w-	c:\windows\SysWow64\atisamu32.dll
2014-09-15 21:59 . 2014-09-15 21:59	827392	----a-w-	c:\windows\system32\coinst_14.30.dll
2014-09-15 21:59 . 2013-10-08 12:28	1210880	----a-w-	c:\windows\system32\atiadlxx.dll
2014-09-15 21:59 . 2014-05-23 01:12	900608	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2014-09-15 21:59 . 2014-09-15 21:59	75264	----a-w-	c:\windows\system32\atig6pxx.dll
2014-09-15 21:59 . 2014-09-15 21:59	69632	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2014-09-15 21:59 . 2014-09-15 21:59	69632	----a-w-	c:\windows\system32\atiglpxx.dll
2014-09-15 21:59 . 2014-09-15 21:59	146944	----a-w-	c:\windows\system32\atig6txx.dll
2014-09-15 21:59 . 2014-09-15 21:59	133632	----a-w-	c:\windows\SysWow64\atigktxx.dll
2014-09-15 21:59 . 2014-09-15 21:59	576000	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2014-09-15 21:58 . 2014-09-15 21:58	43520	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2014-09-15 16:21 . 2014-09-15 16:21	51200	----a-w-	c:\windows\system32\kdbsdk64.dll
2014-09-15 16:19 . 2014-09-15 16:19	38912	----a-w-	c:\windows\SysWow64\kdbsdk32.dll
2014-09-09 22:11 . 2014-09-24 03:19	2048	----a-w-	c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-24 03:19	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-08-23 02:07 . 2014-08-28 10:15	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 10:15	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-08-16 08:46 . 2014-08-16 08:46	687	----a-w-	C:\awh5A77.tmp
2014-08-13 15:30 . 2014-08-13 15:30	687	----a-w-	C:\awhC16A.tmp
2014-08-13 14:30 . 2014-08-13 14:30	687	----a-w-	C:\awhC551.tmp
2014-08-11 22:22 . 2014-08-11 22:22	687	----a-w-	C:\awhDA41.tmp
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-09-16 11:57	1729232	----a-w-	c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-09-16 11:57	1729232	----a-w-	c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-09-16 11:57	1729232	----a-w-	c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE" [2013-01-24 297024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"emsisoft anti-malware"="c:\program files (x86)\emsisoft anti-malware\a2guard.exe" [2014-10-13 4873248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0sdnclean64.exe\0aswBoot.exe /M:576a9e96 /wow /dir:C:\Program
.
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe  [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files (x86)\Emsisoft Anti-Malware\a2ddax64.sys;c:\program files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [x]
S1 a2injectiondriver;a2injectiondriver;c:\program files (x86)\Emsisoft Anti-Malware\a2dix64.sys;c:\program files (x86)\Emsisoft Anti-Malware\a2dix64.sys [x]
S1 a2util;a-squared Malware-IDS utility driver;c:\program files (x86)\Emsisoft Anti-Malware\a2util64.sys;c:\program files (x86)\Emsisoft Anti-Malware\a2util64.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 a2AntiMalware;Emsisoft Protection Service;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASGT;ASGT;c:\windows\SysWOW64\ASGT.exe;c:\windows\SysWOW64\ASGT.exe [x]
S2 Asus Product Register Service;Asus Product Register Service;c:\program files (x86)\ASUS\APRP\AsusProductRegisterService.exe;c:\program files (x86)\ASUS\APRP\AsusProductRegisterService.exe [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S3 a2acc;a2acc;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 cleanhlp;cleanhlp;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - avc3
*Deregistered* - BDVEDISK
*Deregistered* - gzflt
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-28 19:37	1089352	----a-w-	c:\program files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-11-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-19 01:04]
.
2014-11-09 c:\windows\Tasks\EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2014-05-21 23:20]
.
2014-11-09 c:\windows\Tasks\EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2014-05-21 23:20]
.
2014-11-09 c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-11 18:11]
.
2014-11-09 c:\windows\Tasks\GOO.job
- c:\users\NABIL\AppData\Roaming\GOO.exe [2014-10-11 18:12]
.
2014-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-25 16:03]
.
2014-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-25 16:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-09-16 11:53	2334416	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-09-16 11:53	2334416	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-09-16 11:53	2334416	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.mystartsearch.com/?type=hp&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68
mStart Page = hxxp://www.mystartsearch.com/?type=hp&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68&q={searchTerms}
mDefault_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68
mDefault_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68&q={searchTerms}
uInternet Settings,ProxyOverride = <-loopback>
uInternet Settings,ProxyServer = http=127.0.0.1:49245;https=127.0.0.1:49245
uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82L-jjqNsntcc1QYiEBexLYhkF5VYnmuj-z1AHN5bC91-jkDLamPRxFRjURvf_MNff4p9OOUKPqB4jctylTcnPVm9v5-VxCItCaUQ-QxcoxDQXyCG_UZE9VcZiqW14x2oGZT0smWZVEfTfoq2dQJm5-g25b0Z9naVcQRmQ,,&q={searchTerms}
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{F37B658C-DD8B-4CF0-8B0B-6CE9D411B48F}: NameServer = 208.67.222.222 208.67.220.220
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{11111111-1111-1111-1111-110611171196} - c:\program files (x86)\SmartSaver+ 15\SmartSaver+ 15-bho.dll
BHO-{b7b6b079-f2f7-452e-99da-9e9bb57217fe} - (no file)
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
BHO-{31ad400d-1b06-4e33-a59a-90c2c140cba0} - (no file)
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-L.A. Noire The Complete Edition_is1 - m:\program files (x86)\L.A. Noire The Complete Edition\unins000.exe
AddRemove-RocketTab - c:\program files (x86)\RocketTab\uninstall.exe
AddRemove-SmartSaver+ 15 - c:\program files (x86)\SmartSaver+ 15\Uninstall.exe
AddRemove-The SIMS 4 Deluxe Edition_is1 - c:\program files (x86)\The SIMS 4 Deluxe Edition\unins000.exe
AddRemove-WindowsMangerProtect - c:\programdata\WindowsMangerProtect\ProtectWindowsManager.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ed,9d,4b,9a,a5,db,89,4c,ba,e9,87,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ed,9d,4b,9a,a5,db,89,4c,ba,e9,87,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\ASUS\APRP\APRP.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-11-09  16:56:51 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-11-09 15:56
.
Vor Suchlauf: 6.055.546.880 Bytes frei
Nach Suchlauf: 5.301.280.768 Bytes frei
.
- - End Of File - - FD3CBC6B18CAE0D19743DFE62B5BAE2E
A36C5E4F47E84449FF07ED3517B43A31
         

09.11.2014, 16:03   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows boot time is long! - Standard

Windows boot time is long! [solved]



Remove adware/junkware/toolbars

(Delete old versions of adwCleaner and, if present, JRT beforehand, then download them again to the desktop!)

Step 1: adwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).




Step 2: JRT - Junkware Removal Tool

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it with right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.




Step 3: Fresh log with FRST

Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan (Untersuchen).
  • The log files are now created and are then located on your desktop.
  • Post FRST.txt and, after the first scan, also Addition.txt in your thread (click the # symbol in the website's input window)
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


09.11.2014, 16:33   #11
nabil21
 
Windows boot time is long! - Standard

Windows boot time is long! [solved]



Here is the log file from the Cleaner

Code:
ATTFilter
# AdwCleaner v4.100 - Bericht erstellt am 09/11/2014 um 17:15:41
# DB v2014-11-07.1
# Aktualisiert 08/11/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : NABIL - NABIL-PC
# Gestartet von : C:\Users\NABIL\Desktop\AdwCleaner_4.100.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : globalUpdatem

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\ProgramData\f3590ad02d4f9c26
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\LPT
Ordner Gelöscht : C:\Program Files (x86)\RocketTab
Ordner Gelöscht : C:\Users\NABIL\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\NABIL\AppData\Local\LPT
Ordner Gelöscht : C:\Users\NABIL\AppData\Local\RocketTab
Ordner Gelöscht : C:\Users\NABIL\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\NABIL\AppData\Roaming\mystartsearch
Datei Gelöscht : C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : globalUpdateUpdateTaskMachineCore
Task Gelöscht : RocketTab Update Task
Task Gelöscht : RocketTab

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\NABIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\NABIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Verknüpfung Desinfiziert : C:\Users\NABIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\NABIL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\NABIL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171196}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172296}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175596}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176696}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171196}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172296}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175596}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176696}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\RocketTabInstalled
Schlüssel Gelöscht : HKCU\Software\Search Extensions
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\RocketTab
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\TrustMediaViewerV1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4E732E5D-E577-451A-9BB1-CBE64A2CBC2F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RocketTab
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v38.0.2125.111

[C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M34E514AE-E9DE-430E-AA3F-0FD5E7F2E11F&SearchSource=58&CUI=&UM=5&UP=SP78E93C3A-BBAD-4A6E-A2B3-4A694CEC808B&q={searchTerms}&SSPV=
[C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M34E514AE-E9DE-430E-AA3F-0FD5E7F2E11F&SearchSource=58&CUI=&UM=5&UP=SP78E93C3A-BBAD-4A6E-A2B3-4A694CEC808B&q={searchTerms}&SSPV=
[C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68&q={searchTerms}
[C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68&q={searchTerms}

-\\ Chromium v

[C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M34E514AE-E9DE-430E-AA3F-0FD5E7F2E11F&SearchSource=58&CUI=&UM=5&UP=SP78E93C3A-BBAD-4A6E-A2B3-4A694CEC808B&q={searchTerms}&SSPV=
[C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M34E514AE-E9DE-430E-AA3F-0FD5E7F2E11F&SearchSource=58&CUI=&UM=5&UP=SP78E93C3A-BBAD-4A6E-A2B3-4A694CEC808B&q={searchTerms}&SSPV=
[C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68&q={searchTerms}
[C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1413111031&from=smt&uid=ST2000DM001-1CH164_Z1E54Z68XXXXZ1E54Z68&q={searchTerms}

*************************

AdwCleaner[R1].txt - [15609 octets] - [09/11/2014 17:14:51]
AdwCleaner[S1].txt - [15463 octets] - [09/11/2014 17:15:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [15524 octets] ##########
         

Here is the log file from the Junkware Removal Tool:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 7 Professional x64
Ran by NABIL on 09.11.2014 at 17:35:26,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b7b6b079-f2f7-452e-99da-9e9bb57217fe}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{b7b6b079-f2f7-452e-99da-9e9bb57217fe}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b7b6b079-f2f7-452e-99da-9e9bb57217fe}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{b7b6b079-f2f7-452e-99da-9e9bb57217fe}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.11.2014 at 17:38:54,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

and from FRST the log file and the Addition:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 7 Professional x64
Ran by NABIL on 09.11.2014 at 17:35:26,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b7b6b079-f2f7-452e-99da-9e9bb57217fe}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{b7b6b079-f2f7-452e-99da-9e9bb57217fe}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b7b6b079-f2f7-452e-99da-9e9bb57217fe}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{b7b6b079-f2f7-452e-99da-9e9bb57217fe}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.11.2014 at 17:38:54,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014
Ran by NABIL at 2014-11-09 17:46:42
Running from C:\Users\NABIL\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Anti-Malware (Disabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Disabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adblock IE 2.3 (HKLM\...\{58161756-037B-42CD-B575-AF804A2F0F47}) (Version: 2.3.1756 - MGTEK)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.135 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06 (HKLM-x32\...\Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06) (Version:  - )
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.017 - ASUSTek Computer Inc.)
Batman: Arkham City™ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Broken Sword 5 - the Serpent's Curse (HKLM-x32\...\GOGPACKBROKENSWORD5EP1EP2_is1) (Version: 2.0.0.2 - GOG.com)
Bully Scholarship Edition (HKLM-x32\...\InstallShield_{A724605D-B399-4304-B8C7-33B3EF7D4677}) (Version: 1.00.0154 - Ihr Firmenname)
Bully Scholarship Edition (x32 Version: 1.00.0154 - Ihr Firmenname) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CrystalDiskInfo 6.1.8 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.8 - Crystal Dew World)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DAEMON Tools Packages (HKCU\...\DAEMON Tools Packages) (Version:  - ) <==== ATTENTION
Druckerdeinstallation für EPSON XP-412 413 415 Series (HKLM\...\EPSON XP-412 413 415 Series) (Version:  - SEIKO EPSON Corporation)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
Epson Event Manager (HKLM-x32\...\{2970697F-2A11-4588-8B7F-97322D1CCF3C}) (Version: 3.10.0017 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Audio Converter version 5.0.43.605 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.43.605 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.32.327 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Harry Potter und der Orden des Phönix™ (HKLM-x32\...\{B69F28DF-CBB1-41B7-008A-210E4D0518FC}) (Version:  - )
HydraVision (x32 Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{1EF24D7D-7B14-4EBA-A686-9E91C9C6763D}) (Version: 4.1.40.2143 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
L.A. Noire The Complete Edition Version 1.3.2617 (HKLM-x32\...\L.A. Noire The Complete Edition_is1) (Version: 1.3.2617 - Rockstar Games)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (HKLM\...\{3C28BFD4-90C7-3138-87EF-418DC16E9598}) (Version: 11.0.51106 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (HKLM\...\{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}) (Version: 11.0.51106 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (HKLM-x32\...\{6C772996-BFF3-3C8C-860B-B3D48FF05D65}) (Version: 11.0.51106 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (HKLM-x32\...\{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}) (Version: 11.0.51106 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Murdered: Soul Suspect (HKLM-x32\...\{98B68ADF-BED8-4F73-AA8A-B0236D547574}_is1) (Version: 1.0 - Eidos Interactive)
mystartsearch uninstall (HKLM-x32\...\mystartsearch uninstall) (Version:  - mystartsearch) <==== ATTENTION
Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst (HKLM-x32\...\Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst_is1) (Version:  - )
Naruto Shippuden Ultimate Ninja Storm Revolution (HKLM-x32\...\Naruto Shippuden Ultimate Ninja Storm Revolution_is1) (Version:  - )
Nero 2014 (HKLM-x32\...\{A618CE26-1E36-4FA4-A1F4-D079DC6022B8}) (Version: 15.0.08500 - Nero AG)
Nero Burning ROM 2014 (HKLM-x32\...\{A4DC74AA-F4DF-48B9-AA4B-C30CA0DBCA33}) (Version: 15.0.04600 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.0 - Tracker Software Products Ltd)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Saints Row IV Game of the Century Edition 1.0 (HKLM-x32\...\Saints Row IV Game of the Century Edition 1.0) (Version:  - )
SAMSUNG Android USB Modem Software (HKLM\...\SAMSUNG Android USB Modem) (Version: V5.28.2.1 - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SmartSaver+ 15 (HKLM-x32\...\SmartSaver+ 15) (Version: 1.35.9.29 - smart-saverplus) <==== ATTENTION
Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION)
South Park - The Stick of Truth Version 1.0.1353 (HKLM-x32\...\{83736891-79AE-49BA-96F5-55DD6F2186AC}_is1) (Version: 1.0.1353 - Ubisoft)
SSD Tweaker version 3.0.5 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.0.5 - Elpamsoft.com)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
The SIMS 4 Deluxe Edition, версия 1.0 (HKLM-x32\...\The SIMS 4 Deluxe Edition_is1) (Version: 1.0 - )
Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0 (HKLM-x32\...\Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0) (Version:  - )
Tony Hawk's Pro Skater 2 (HKLM-x32\...\Activision_THPS2UninstallKey) (Version:  - )
Ultra Street Fighter IV (HKLM-x32\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
Valiant Hearts: The Great War (HKLM-x32\...\VmFsaWFudEhlYXJ0c1RoZUdyZWF0V2Fy_is1) (Version: 1 - )
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Yahoo Community Smartbar Engine (HKCU\...\{5eb5b6cd-f37b-4d75-9f81-cf74e506c74e}) (Version: 11.112.66.19229 - Linkury Inc.) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

09-11-2014 15:51:15 ComboFix created restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-09 16:55 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0F82604F-B3D0-4C4E-B5FE-7D703CE1EC22} - \GOO No Task File <==== ATTENTION
Task: {2219BAF3-970C-442B-AA03-6D10302BA04F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {238610D6-9699-44BC-A5B0-E5679E67D1A0} - \EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196} No Task File <==== ATTENTION
Task: {27B49083-4E57-43A3-8339-DF6843AB4125} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {341F501E-48C2-4514-9DA5-881E88F866FF} - \EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196} No Task File <==== ATTENTION
Task: {4624FBD3-1D5F-4E4A-8396-CB978A1BD656} - \IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon No Task File <==== ATTENTION
Task: {5AD867B7-969A-4C8E-838F-142BDF03A379} - \{B35262DE-0950-4BEA-9A58-BE682D815EEE} No Task File <==== ATTENTION
Task: {5D4784AA-3D2A-47D1-AA9E-FA412CD8B09C} - \{3A70AE66-2161-45F1-BC81-E4451C4BF737} No Task File <==== ATTENTION
Task: {6B05F11A-0FAA-459F-8398-5A68E112F578} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-25] (Google Inc.)
Task: {7736A164-4121-4B69-B310-4F3CDF31E690} - \{F61289EF-9E48-408A-9F0F-A38888488027} No Task File <==== ATTENTION
Task: {77C747D9-C6AA-4A9E-A75D-25ACB3C35BF7} - \{ED28B8C6-213A-407F-A2A3-4DA0C0FE19D2} No Task File <==== ATTENTION
Task: {876EA98A-187D-4A26-8183-339326B7D990} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-25] (Google Inc.)
Task: {948479EC-5D12-420E-BF1B-55B1953E3A14} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {AAA14B36-E703-45C3-A4C9-2E289BD112BC} - \{2E26820B-A83B-49A3-ADCC-EA6C07463424} No Task File <==== ATTENTION
Task: {B6FB57AF-5104-4E12-9FD5-88D761B2AED5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {C73C890A-65BB-4592-9041-E69B1F9BC14A} - \Adobe-Online-Aktualisierungsprogramm No Task File <==== ATTENTION
Task: {D51162AA-E1CD-4B81-8553-8DBAB2655E92} - \{38EEE14A-0C6A-49CC-A422-EC4827DFABC8} No Task File <==== ATTENTION
Task: {DBCCFDB7-E380-42A4-82BA-B20BC69765B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E468E327-3D33-44C1-B90F-CD9AC9587272} - \IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\Windows\Tasks\GOO.job => C:\Users\NABIL\AppData\Roaming\GOO.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-01-17 10:24 - 2012-01-17 10:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2012-09-11 16:27 - 2012-09-11 16:27 - 00062128 _____ () C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
2014-11-08 03:57 - 2014-10-06 17:43 - 00775400 _____ () C:\Program Files (x86)\Emsisoft Anti-Malware\fw32.dll
2013-10-05 02:02 - 2013-03-12 12:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-09-10 10:37 - 2012-09-10 10:37 - 00192512 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
2012-09-27 10:08 - 2012-09-27 10:08 - 00049152 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
2014-10-28 20:38 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 20:38 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 20:38 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 20:38 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\NABIL\Downloads\ac3filter_2_6_0b.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\amddriverdownloader.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\AW Bewerbung.eml:OECustomProperty
AlternateDataStreams: C:\Users\NABIL\Downloads\CrystalDiskInfo6_1_8-en.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\Dropbox - CHIP-Downloader.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\everesthome220.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\FreeYouTubeToMP3Converter (2).exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\OriginThinSetup.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\Samsung Android USB Composite Device Treiber - CHIP-Downloader.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\Samsung Kies - CHIP-Downloader.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\SoftonicDownloader_fuer_ac3filter.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\UseNeXTSetup_5.62.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\WebInstallerJD2_c.exe:BDU
AlternateDataStreams: C:\Users\NABIL\Downloads\WinZip175_mfse_fah.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iSCTsysTray.lnk => C:\Windows\pss\iSCTsysTray.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun

========================= Accounts: ==========================

Administrator (S-1-5-21-225648569-1694930765-1264359465-500 - Administrator - Disabled)
asd (S-1-5-21-225648569-1694930765-1264359465-1004 - Administrator - Enabled)
Gast (S-1-5-21-225648569-1694930765-1264359465-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-225648569-1694930765-1264359465-1002 - Limited - Enabled)
NABIL (S-1-5-21-225648569-1694930765-1264359465-1000 - Administrator - Enabled) => C:\Users\NABIL

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: BitDefender Firewall NDIS 6 Filter Driver
Description: BitDefender Firewall NDIS 6 Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: BdfNdisf
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-11-09 16:54:16.419
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-09 16:54:16.387
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-19 14:50:13.492
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\NABIL\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-19 14:50:13.476
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\NABIL\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-19 14:50:13.433
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-19 14:50:13.417
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 25%
Total physical RAM: 8111.47 MB
Available physical RAM: 6078.39 MB
Total Pagefile: 16221.12 MB
Available Pagefile: 13917.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:12.93 GB) NTFS
Drive d: (PC Receiver) (CDROM) (Total:0.1 GB) (Free:0 GB) CDFS
Drive f: (MULTIBOOT) (Removable) (Total:1.86 GB) (Free:1.07 GB) FAT32
Drive m: (Volume) (Fixed) (Total:1863.01 GB) (Free:956.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4A40E047)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5AC0E83E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1.9 GB) (Disk ID: B0BCD68E)
No partition Table on disk 2.

==================== End Of Log ============================
         

Edited by nabil21 (09.11.2014 at 16:48)

09.11.2014, 22:09   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Windows boot time is long! [solved]



FRST.txt is missing
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


09.11.2014, 22:35   #13
nabil21

Windows boot time is long! [solved]



Sorry, is this the right one?


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014
Ran by NABIL (administrator) on NABIL-PC on 09-11-2014 17:46:30
Running from C:\Users\NABIL\Downloads
Loaded Profile: NABIL (Available profiles: NABIL & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\SysWOW64\ASGT.exe
() C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILEE.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4873248 2014-10-13] (Emsisoft GmbH)
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk * sdnclean64.exeaswBoot.exe /M:576a9e96 /wow /dir:C:\Program
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:49245;https=127.0.0.1:49245
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll (MGTEK)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll (MGTEK)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F37B658C-DD8B-4CF0-8B0B-6CE9D411B48F}: [NameServer] 208.67.222.222 208.67.220.220

FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> m:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release6352.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha206.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha206\ff
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-10-16]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha206\ff [Not Found]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3326303&octid=EB_ORIGINAL_CTID&ISID=M94508079-98E9-448A-9B03-6FACE64A9248&SearchSource=55&CUI=&UM=6&UP=SPB320A8BE-0BEC-45B8-AF16-31AABDFC43EB&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3326303&octid=EB_ORIGINAL_CTID&ISID=M94508079-98E9-448A-9B03-6FACE64A9248&SearchSource=55&CUI=&UM=6&UP=SPB320A8BE-0BEC-45B8-AF16-31AABDFC43EB&SSPV="
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultNewTabURL: Default -> https://www.trovi.com/?gd=&ctid=CT3326303&octid=EB_ORIGINAL_CTID&ISID=M94508079-98E9-448A-9B03-6FACE64A9248&SearchSource=69&CUI=&SSPV=&lay=5&p=cnts&UM=6&UP=SPB320A8BE-0BEC-45B8-AF16-31AABDFC43EB&SAT=CNTS
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-29]
CHR Extension: (YouTube) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-05]
CHR Extension: (Google-Suche) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-05]
CHR Extension: (AdBlock) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-10-25]
CHR Extension: (Google Wallet) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-25]
CHR Extension: (Google Mail) - C:\Users\NABIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-05]
CHR HKLM-x32\...\Chrome\Extension: [dabiojiiidaepijppfchfinldmhhfhok] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ch\RichMediaViewV1release6352.crx []
CHR HKLM-x32\...\Chrome\Extension: [oacphlebognfhmpckkjjgpnlddonanpe] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha206\ch\TrustMediaViewerV1alpha206.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4816568 2014-10-13] (Emsisoft GmbH)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 Asus Product Register Service; C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe [62128 2012-09-11] ()
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-12] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-05-24] ()
S1 BdfNdisf; \??\c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ISCT; system32\DRIVERS\ISCTD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 17:38 - 2014-11-09 17:38 - 00001289 _____ () C:\Users\NABIL\Desktop\JRT.txt
2014-11-09 17:35 - 2014-11-09 17:35 - 01706808 _____ (Thisisu) C:\Users\NABIL\Downloads\JRT.exe
2014-11-09 17:35 - 2014-11-09 17:35 - 00000000 ____D () C:\Windows\ERUNT
2014-11-09 17:14 - 2014-11-09 17:15 - 00000000 ____D () C:\AdwCleaner
2014-11-09 17:08 - 2014-11-09 17:08 - 02145792 _____ () C:\Users\NABIL\Desktop\AdwCleaner_4.100.exe
2014-11-09 16:56 - 2014-11-09 16:56 - 00036668 _____ () C:\ComboFix.txt
2014-11-09 16:50 - 2014-11-09 16:50 - 00001459 _____ () C:\Users\NABIL\Desktop\ComboFix.exe - Verknüpfung.lnk
2014-11-09 16:49 - 2014-11-09 16:49 - 05593358 ____R (Swearware) C:\Users\NABIL\Desktop\ComboFix.exe
2014-11-09 16:42 - 2014-11-09 16:56 - 00000000 ____D () C:\Qoobox
2014-11-09 16:42 - 2014-11-09 16:55 - 00000000 ____D () C:\Windows\erdnt
2014-11-09 16:42 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-09 16:42 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-09 16:42 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-09 16:42 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-09 16:42 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-09 16:42 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-09 16:42 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-09 16:42 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-09 14:58 - 2014-11-09 17:46 - 00016900 _____ () C:\Users\NABIL\Downloads\FRST.txt
2014-11-09 14:58 - 2014-11-09 14:58 - 00037060 _____ () C:\Users\NABIL\Downloads\Addition.txt
2014-11-09 14:57 - 2014-11-09 17:46 - 00000000 ____D () C:\FRST
2014-11-09 14:57 - 2014-11-09 14:57 - 02115584 _____ (Farbar) C:\Users\NABIL\Downloads\FRST64.exe
2014-11-08 05:13 - 2014-11-08 05:13 - 00001704 _____ () C:\EamClean.log
2014-11-08 04:40 - 2014-11-08 04:40 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-11-08 03:57 - 2014-11-09 17:30 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-11-08 03:57 - 2014-11-08 03:57 - 00001091 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-11-08 03:57 - 2014-11-08 03:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2014-11-08 03:54 - 2014-11-08 03:54 - 161707240 _____ (Emsisoft GmbH ) C:\Users\NABIL\Downloads\EmsisoftAntiMalwareSetup.exe
2014-11-04 23:24 - 2014-11-04 23:24 - 10255080 _____ (Lavalys, Inc. ) C:\Users\NABIL\Downloads\everestultimate550.exe
2014-11-04 23:24 - 2014-11-04 23:24 - 00001122 _____ () C:\Users\NABIL\Desktop\EVEREST Ultimate Edition.lnk
2014-11-04 23:13 - 2014-11-04 23:13 - 05378177 _____ () C:\Users\NABIL\Downloads\p95v285.win64.zip
2014-11-01 22:48 - 2014-11-01 22:48 - 00000000 ____D () C:\Users\NABIL\Desktop\Shaders
2014-11-01 22:47 - 2014-11-09 17:16 - 00324592 _____ () C:\Windows\PFRO.log
2014-11-01 22:10 - 2014-11-01 22:10 - 00002136 _____ () C:\Users\NABIL\Desktop\Bully.lnk
2014-11-01 21:50 - 2014-11-01 21:52 - 00000000 ____D () C:\Users\NABIL\Documents\Bully Scholarship Edition
2014-11-01 21:40 - 2014-11-01 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-11-01 21:33 - 2014-11-01 21:34 - 00017513 _____ () C:\Windows\DirectX.log
2014-10-27 15:08 - 2014-10-27 15:09 - 00043928 _____ () C:\Users\NABIL\AppData\Roaming\test.jar
2014-10-26 00:00 - 2014-11-09 17:16 - 00254773 _____ () C:\Windows\setupact.log
2014-10-26 00:00 - 2014-10-26 00:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-22 04:32 - 2014-10-22 04:32 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-22 04:32 - 2014-10-22 04:32 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-20 13:34 - 2014-11-08 05:13 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-20 13:34 - 2014-10-20 13:34 - 130462856 _____ (AVAST Software) C:\Users\NABIL\Downloads\avast_free_antivirus_setup-rc2.exe
2014-10-20 13:26 - 2014-10-20 13:26 - 00000000 ____D () C:\Windows\pss
2014-10-20 13:25 - 2014-10-20 13:25 - 00092484 _____ () C:\Users\NABIL\Documents\cc_20141020_142507.reg
2014-10-20 13:23 - 2014-10-20 13:23 - 03836936 _____ (Piriform Ltd) C:\Users\NABIL\Downloads\ccsetup418_slim.exe
2014-10-16 00:12 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 00:12 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 00:12 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 00:12 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 00:12 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 00:12 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 00:12 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 00:12 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 00:12 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 00:12 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 00:12 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 00:12 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 00:12 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 00:12 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 00:12 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 00:12 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 00:12 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 00:12 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 00:12 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 00:12 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 00:12 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 00:12 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 00:12 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 00:12 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 00:12 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 00:12 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 00:12 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 00:12 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 00:12 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 00:12 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 00:12 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 00:12 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 00:12 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 00:12 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 00:12 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 00:12 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 00:12 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 00:12 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 00:12 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 00:12 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 00:12 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 00:12 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 00:12 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 00:12 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 00:12 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 00:12 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 00:12 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 00:12 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 00:12 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 00:12 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 00:12 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 00:12 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 00:12 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 00:12 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 00:12 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 00:12 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 00:12 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 00:12 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 00:12 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 00:12 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 00:12 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 00:12 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 00:12 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 00:12 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 00:12 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 00:12 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 00:12 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 00:12 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 00:11 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 00:11 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 00:11 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 00:11 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 00:11 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 00:11 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 00:11 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 00:11 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 00:11 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 00:11 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 00:11 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 00:11 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 00:11 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 00:11 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 00:11 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-12 17:51 - 2014-10-12 17:52 - 97307499 _____ () C:\Users\NABIL\Downloads\The.Sims.4.Update.3.and.Crack.v7.rar
2014-10-12 17:36 - 2014-10-21 02:28 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\Win Update
2014-10-12 11:57 - 2014-10-12 11:57 - 00000000 ____D () C:\Users\NABIL\Documents\CAPCOM
2014-10-12 11:55 - 2014-10-12 11:55 - 00000599 _____ () C:\Users\Public\Desktop\Ultra Street Fighter IV.lnk
2014-10-12 11:55 - 2014-10-12 11:55 - 00000599 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultra Street Fighter IV.lnk
2014-10-12 11:50 - 2014-10-12 11:50 - 00001950 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-10-12 11:49 - 2014-10-12 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-10-12 11:49 - 2014-10-12 11:49 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-10-12 11:49 - 2014-10-12 11:49 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-10-12 11:48 - 2014-10-12 11:50 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\Panda Security
2014-10-12 11:48 - 2014-10-12 11:50 - 00000000 ____D () C:\ProgramData\Panda Security
2014-10-12 11:48 - 2014-10-12 11:50 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-10-12 11:48 - 2014-10-12 11:48 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\0F1L1I1P0H1L1E1E1F
2014-10-12 11:47 - 2014-10-12 11:47 - 00765768 _____ ( ) C:\Users\NABIL\Downloads\DTLite4491-0356_inst.exe
2014-10-12 11:08 - 2011-02-18 15:07 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-10-11 22:28 - 2014-11-09 17:31 - 00001354 _____ () C:\Users\NABIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-10-11 21:28 - 2012-12-10 15:21 - 00163376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2014-10-11 21:28 - 2012-11-26 10:10 - 00221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tabctl32.ocx
2014-10-11 21:28 - 2012-07-06 19:03 - 00617816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
2014-10-11 21:28 - 2012-05-02 10:17 - 01070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2014-10-11 21:28 - 2011-01-12 12:36 - 01054208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71deu.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71ita.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71fra.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71esp.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71enu.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71kor.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71jpn.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71cht.dll
2014-10-11 21:28 - 2011-01-12 12:25 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71chs.dll
2014-10-11 21:28 - 2011-01-12 12:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-10-11 21:28 - 2011-01-12 11:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2014-10-11 21:28 - 2010-02-16 13:22 - 00659264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomct2.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00443488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshflxgd.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00415552 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\comct332.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00278352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatgrd.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00258880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00252240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatlst.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00222528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dblist32.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00218432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00215880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00178512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmask32.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00170080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00136008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll
2014-10-11 21:28 - 2010-02-16 13:22 - 00126800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00119616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomm32.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00107840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstkprp.dll
2014-10-11 21:28 - 2010-02-16 13:22 - 00100160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\picclp32.ocx
2014-10-11 21:28 - 2010-02-16 13:22 - 00080208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysinfo.ocx
2014-10-11 21:28 - 2007-02-01 21:13 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-10-11 21:28 - 2007-02-01 18:11 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-10-11 21:28 - 2007-01-30 21:04 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2014-10-11 21:28 - 2006-08-25 23:28 - 01017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll
2014-10-11 21:28 - 2006-08-25 23:15 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll
2014-10-11 21:28 - 2006-08-25 23:07 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
2014-10-11 21:28 - 2006-08-25 22:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll
2014-10-11 21:28 - 2006-04-10 12:41 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl32.ocx
2014-10-11 21:28 - 2005-01-20 18:25 - 00054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
2014-10-11 21:28 - 2002-01-05 04:40 - 00487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp70.dll
2014-10-11 21:28 - 2001-08-22 23:00 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2014-10-11 21:28 - 1996-01-12 02:00 - 00722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb40032.dll
2014-10-11 21:28 - 1993-07-23 18:31 - 00210944 _____ () C:\Windows\SysWOW64\msvcrt10.dll
2014-10-11 21:24 - 2014-10-11 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
2014-10-11 19:12 - 2014-11-09 17:30 - 00001332 _____ () C:\Windows\Tasks\GOO.job
2014-10-11 19:12 - 2014-10-11 19:12 - 01539488 _____ (smart-saverplus) C:\Users\NABIL\AppData\Roaming\GOO.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 17:37 - 2013-10-25 17:03 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-09 17:30 - 2013-10-25 17:03 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-09 17:26 - 2014-05-21 12:26 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196}.job
2014-11-09 17:26 - 2014-05-21 12:26 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196}.job
2014-11-09 17:23 - 2009-07-14 05:45 - 00038848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-09 17:23 - 2009-07-14 05:45 - 00038848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-09 17:20 - 2014-03-05 20:00 - 01372668 _____ () C:\Windows\WindowsUpdate.log
2014-11-09 17:20 - 2010-11-21 07:50 - 00700130 _____ () C:\Windows\system32\perfh007.dat
2014-11-09 17:20 - 2010-11-21 07:50 - 00149768 _____ () C:\Windows\system32\perfc007.dat
2014-11-09 17:20 - 2009-07-14 06:13 - 01622706 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-09 17:16 - 2013-10-19 02:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-09 17:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-09 17:15 - 2014-03-05 20:04 - 00000995 _____ () C:\Users\NABIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-09 17:15 - 2013-10-25 17:03 - 00001278 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-09 17:15 - 2013-10-25 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-09 16:56 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-09 16:55 - 2009-07-14 03:34 - 92012544 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-11-09 16:55 - 2009-07-14 03:34 - 21495808 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-11-09 16:55 - 2009-07-14 03:34 - 04980736 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-11-09 16:55 - 2009-07-14 03:34 - 00028672 _____ () C:\Windows\system32\config\SAM.bak
2014-11-09 16:55 - 2009-07-14 03:34 - 00024576 _____ () C:\Windows\system32\config\SECURITY.bak
2014-11-09 16:55 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-09 16:54 - 2013-11-06 20:41 - 00000000 ____D () C:\Program Files (x86)\PSupport
2014-11-09 16:54 - 2009-07-14 03:34 - 44040192 _____ () C:\Windows\system32\config\COMPONENTS.bak
2014-11-09 16:50 - 2009-07-14 06:08 - 00023562 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-08 05:10 - 2014-07-07 14:26 - 00000000 ____D () C:\Program Files (x86)\Valiant Hearts The Great War
2014-11-08 03:53 - 2014-05-07 16:50 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-11-04 23:24 - 2013-11-19 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2014-11-04 23:24 - 2013-11-19 14:50 - 00000000 ____D () C:\Program Files (x86)\Lavalys
2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-04 02:30 - 2013-10-25 15:49 - 00000000 ____D () C:\Users\NABIL\AppData\Local\Microsoft Help
2014-11-02 15:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-01 21:51 - 2014-03-19 16:30 - 00000000 ____D () C:\Users\NABIL\AppData\Local\JDownloader 2.0
2014-11-01 21:50 - 2013-10-05 03:21 - 00000000 ____D () C:\Users\NABIL\AppData\Local\VirtualStore
2014-11-01 21:40 - 2013-10-05 02:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-01 21:35 - 2014-07-07 14:09 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-11-01 21:32 - 2013-10-05 03:37 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\DAEMON Tools Lite
2014-11-01 21:31 - 2014-05-28 00:57 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\Raptr
2014-10-31 03:17 - 2013-10-19 23:37 - 00130925 _____ () C:\Users\NABIL\Documents\TombRaider.log
2014-10-31 01:45 - 2014-06-17 22:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-23 18:26 - 2014-06-22 17:34 - 00000000 ____D () C:\Users\NABIL\AppData\Local\Nero
2014-10-23 18:23 - 2013-11-19 23:50 - 00000000 ____D () C:\ProgramData\Origin
2014-10-20 13:24 - 2014-05-23 16:33 - 00000000 ____D () C:\Windows\Minidump
2014-10-20 13:24 - 2014-03-05 19:52 - 00000000 ____D () C:\Windows\Panther
2014-10-20 13:24 - 2013-10-05 17:20 - 00000000 ____D () C:\Users\NABIL\AppData\Local\CrashDumps
2014-10-20 09:33 - 2013-11-19 23:50 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-10-20 02:00 - 2013-10-25 15:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-20 02:00 - 2013-10-25 15:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 09:52 - 2014-03-05 20:04 - 00111520 _____ () C:\Users\NABIL\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-16 03:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 02:22 - 2009-07-14 05:45 - 00433376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 02:06 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-10-16 02:02 - 2013-10-05 02:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 02:00 - 2014-03-05 21:02 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-12 19:17 - 2013-10-08 20:23 - 00000000 ____D () C:\Users\NABIL\AppData\Roaming\vlc
2014-10-12 18:05 - 2014-08-18 01:41 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-12 17:46 - 2013-11-12 21:11 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-12 17:45 - 2014-03-17 04:41 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-10-12 10:23 - 2014-08-18 01:42 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

Some content of TEMP:
====================
C:\Users\NABIL\AppData\Local\Temp\Quarantine.exe
C:\Users\NABIL\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 00:26

==================== End Of Log ============================
         
--- --- ---

09.11.2014, 22:47   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Windows boot time is long! [solved]

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyServer: http=127.0.0.1:49245;https=127.0.0.1:49245
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6352\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha206\ff [Not Found]
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3326303&octid=EB_ORIGINAL_CTID&ISID=M94508079-98E9-448A-9B03-6FACE64A9248&SearchSource=55&CUI=&UM=6&UP=SPB320A8BE-0BEC-45B8-AF16-31AABDFC43EB&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3326303&octid=EB_ORIGINAL_CTID&ISID=M94508079-98E9-448A-9B03-6FACE64A9248&SearchSource=55&CUI=&UM=6&UP=SPB320A8BE-0BEC-45B8-AF16-31AABDFC43EB&SSPV="
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultNewTabURL: Default -> https://www.trovi.com/?gd=&ctid=CT3326303&octid=EB_ORIGINAL_CTID&ISID=M94508079-98E9-448A-9B03-6FACE64A9248&SearchSource=69&CUI=&SSPV=&lay=5&p=cnts&UM=6&UP=SPB320A8BE-0BEC-45B8-AF16-31AABDFC43EB&SAT=CNTS
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
C:\Users\NABIL\Downloads\p95v285.win64.zip
C:\Users\NABIL\Downloads\The.Sims.4.Update.3.and.Crack.v7.rar
C:\Users\NABIL\AppData\Roaming\0F1L1I1P0H1L1E1E1F
C:\Users\NABIL\Downloads\DTLite4491-0356_inst.exe
C:\Windows\Tasks\GOO.job
C:\Users\NABIL\AppData\Roaming\GOO.exe
Task: {0F82604F-B3D0-4C4E-B5FE-7D703CE1EC22} - \GOO No Task File <==== ATTENTION
Task: {238610D6-9699-44BC-A5B0-E5679E67D1A0} - \EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196} No Task File <==== ATTENTION
Task: {341F501E-48C2-4514-9DA5-881E88F866FF} - \EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196} No Task File <==== ATTENTION
Task: {4624FBD3-1D5F-4E4A-8396-CB978A1BD656} - \IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon No Task File <==== ATTENTION
Task: {5AD867B7-969A-4C8E-838F-142BDF03A379} - \{B35262DE-0950-4BEA-9A58-BE682D815EEE} No Task File <==== ATTENTION
Task: {5D4784AA-3D2A-47D1-AA9E-FA412CD8B09C} - \{3A70AE66-2161-45F1-BC81-E4451C4BF737} No Task File <==== ATTENTION
Task: {7736A164-4121-4B69-B310-4F3CDF31E690} - \{F61289EF-9E48-408A-9F0F-A38888488027} No Task File <==== ATTENTION
Task: {77C747D9-C6AA-4A9E-A75D-25ACB3C35BF7} - \{ED28B8C6-213A-407F-A2A3-4DA0C0FE19D2} No Task File <==== ATTENTION
Task: {948479EC-5D12-420E-BF1B-55B1953E3A14} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {AAA14B36-E703-45C3-A4C9-2E289BD112BC} - \{2E26820B-A83B-49A3-ADCC-EA6C07463424} No Task File <==== ATTENTION
Task: {C73C890A-65BB-4592-9041-E69B1F9BC14A} - \Adobe-Online-Aktualisierungsprogramm No Task File <==== ATTENTION
Task: {D51162AA-E1CD-4B81-8553-8DBAB2655E92} - \{38EEE14A-0C6A-49CC-A422-EC4827DFABC8} No Task File <==== ATTENTION
Task: {E468E327-3D33-44C1-B90F-CD9AC9587272} - \IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GOO.job => C:\Users\NABIL\AppData\Roaming\GOO.exe <==== ATTENTION
EmptyTemp:
Hosts:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix button ("Entfernen").
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

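The fixlist in the post above mixes several kinds of entries: policy restrictions, a proxy pointing at the loopback address, scheduled-task entries with no task file, and a task that launches an executable from the user profile. As an added example (not part of the original post and not FRST's own code), this Python script sorts such entries by kind so each group can be reviewed before a fix is run; the category names and patterns are assumptions of this example.

```python
import re
from collections import Counter
# Entries taken from the fixlist above. The fifth line is constructed: two Task
# entries run together, as happens when a code box is copied without line breaks.
SAMPLE = r"""
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyServer: http=127.0.0.1:49245;https=127.0.0.1:49245
CHR DefaultSearchKeyword: Default -> trovi.search
C:\Users\NABIL\Downloads\p95v285.win64.zip
Task: {0F82604F-B3D0-4C4E-B5FE-7D703CE1EC22} - \GOO No Task File <==== ATTENTIONTask: {948479EC-5D12-420E-BF1B-55B1953E3A14} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GOO.job => C:\Users\NABIL\AppData\Roaming\GOO.exe <==== ATTENTION
EmptyTemp:
"""

# An ATTENTION marker immediately followed by more text means two entries were fused.
FUSED = re.compile(r"(<=+ ATTENTION)(?=\S)")

# Category names and patterns are assumptions of this example; first match wins.
RULES = [
    ("policy_restriction", re.compile(r"\\Policies\\.*: Policy restriction", re.I)),
    ("loopback_proxy", re.compile(r"^ProxyServer:.*\b(127\.0\.0\.1|localhost)\b", re.I)),
    ("orphaned_task", re.compile(r"^Task: \{[0-9A-F-]{36}\} - .* No Task File", re.I)),
    ("task_from_user_profile",
     re.compile(r"^Task: .*=> .*\\AppData\\(Roaming|Local)\\[^\\]+\.exe", re.I)),
    ("browser_setting", re.compile(r"^(CHR|FF|SearchScopes)\b", re.I)),
    ("directive", re.compile(r"^(EmptyTemp|Hosts):\s*$", re.I)),
    ("file_or_folder", re.compile(r"^[A-Z]:\\", re.I)),
]

def entries(text):
    """Return one fixlist entry per element, splitting fused lines."""
    out = []
    for raw in text.splitlines():
        out += [p.strip() for p in FUSED.sub(r"\1\n", raw).split("\n") if p.strip()]
    return out

def classify(entry):
    # Name of the first rule that matches, else "unclassified".
    return next((name for name, rx in RULES if rx.search(entry)), "unclassified")

def triage(text):
    # (category, entry) pairs in fixlist order.
    return [(classify(e), e) for e in entries(text)]

def summary(text):
    return Counter(kind for kind, _ in triage(text))

if __name__ == "__main__":
    for kind, entry in triage(SAMPLE):
        print(f"{kind:24}{entry[:60]}")
```
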

09.11.2014, 22:57   #15
nabil21

Windows boot time is long! [solved]

Edit: one moment, I misunderstood something there.

Will be added shortly.
