Code: Alles auswählenAufklappen

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von NABIL (14-09-2016 17:25:15)
Gestartet von C:\Users\NABIL\Desktop
Windows 10 Pro Version 1511 (X64) (2016-04-30 05:33:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-225648569-1694930765-1264359465-500 - Administrator - Disabled)
asd (S-1-5-21-225648569-1694930765-1264359465-1004 - Administrator - Enabled) => C:\Users\asd
bazet (S-1-5-21-225648569-1694930765-1264359465-1008 - Administrator - Enabled) => C:\Users\bazet
DefaultAccount (S-1-5-21-225648569-1694930765-1264359465-503 - Limited - Disabled)
Gast (S-1-5-21-225648569-1694930765-1264359465-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-225648569-1694930765-1264359465-1002 - Limited - Enabled)
NABIL (S-1-5-21-225648569-1694930765-1264359465-1000 - Administrator - Enabled) => C:\Users\NABIL

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Disabled - Out of date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Disabled - Out of date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.426 - ABBYY Production LLC)
Adblock IE 2.3 (HKLM\...\{58161756-037B-42CD-B575-AF804A2F0F47}) (Version: 2.3.1756 - MGTEK)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{C1F3739C-D31D-4062-8788-29261C4A2A68}) (Version: 12.2.4.194 - Adobe Systems, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.0 - Sereby Corporation)
AMD Catalyst Install Manager (HKLM\...\{14D58A97-B60E-A858-34D8-95469C02F7EC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06 (HKLM-x32\...\Assassin's Creed 4 Black Flag Jackdaw Edition MULTI-2 1.06) (Version:  - )
Assassin's Creed Unity Gold Edition MULTi2 1.0 (HKLM-x32\...\Assassin's Creed Unity Gold Edition MULTi2 1.0) (Version:  - )
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.017 - ASUSTek Computer Inc.)
Batman: Arkham Cityâ„¢ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broken Sword 5 - the Serpent's Curse (HKLM-x32\...\GOGPACKBROKENSWORD5EP1EP2_is1) (Version: 2.0.0.2 - GOG.com)
Bully - Scholarship Edition (HKLM-x32\...\Bully - Scholarship Edition_is1) (Version:  - )
Call of Duty Black Ops III Version 1.0 (HKLM-x32\...\{322C0A98-947C-4EB4-A48B-C8C818B137C8}_is1) (Version: 1.0 - Activision Blizzard)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version:  - â€*Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CrystalDiskInfo 6.1.8 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.8 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dead or Alive 5 Last Round Version 1.02A u1 (HKLM-x32\...\{344CBB83-6CB8-4B68-ACC0-56C41F292D5B}_is1) (Version: 1.02A u1 - Koei Tecmo)
Deponia The Complete Journey MULTi2 3.3.0155 (HKLM-x32\...\Deponia The Complete Journey MULTi2 3.3.0155) (Version:  - )
Die Sims 4 Digital Deluxe Edition ReRelease Incl. Update 13 MULTi2 v1.13.104.1220 (HKLM-x32\...\Die Sims 4 Digital Deluxe Edition ReRelease Incl. Update 13 MULTi2 v1.13.104.1220) (Version:  - )
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Emily Wants To Play (HKLM-x32\...\Emily Wants To Play_is1) (Version:  - )
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
Epson Benutzerhandbuch WF-2010 Series (HKLM-x32\...\WF-2010 Series Useg) (Version:  - )
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-2010 Series (HKLM-x32\...\WF-2010 Series Netg) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FLV Player (HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\FLV Player) (Version: 1.0 - Somoto Ltd.) <==== ACHTUNG
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Dailymotion Download (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.55.1127 - DVDVideoSoft Ltd.)
Free Driver Scout (HKLM-x32\...\{50a7e828-15d3-40e6-a37d-22d5c5357878}) (Version: 1.0.0.0 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.0 - Covus Freemium) Hidden
Free YouTube to MP3 Converter version 3.12.59.505 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.505 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
HarryPotter und der Stein der Weisen (HKLM-x32\...\HarryPotter und der Stein der Weisen1.1) (Version: 1.1 - TheRaven1)
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{1EF24D7D-7B14-4EBA-A686-9E91C9C6763D}) (Version: 4.1.40.2143 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java SE Development Kit 8 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180650}) (Version: 8.0.650.17 - Oracle Corporation)
Java SE Development Kit 8 Update 92 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180920}) (Version: 8.0.920.14 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lexware Info Service (HKLM-x32\...\{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}) (Version: 2.80.00.0007 - Haufe-Lexware GmbH & Co.KG)
Life is Strange Complete First Season Version 1.0.0.371598 (HKLM-x32\...\{D5DF0D21-62C1-46E0-BD21-4E3DAE94DA32}_is1) (Version: 1.0.0.371598 - Square Enix)
Malwarebytes Anti-Exploit version 1.8.1.2572 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.2572 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.376.2 - McAfee, Inc.)
Metal Gear Solid 5 The Phantom Pain MULTI8 1.005 (HKLM-x32\...\Metal Gear Solid 5 The Phantom Pain MULTI8 1.005) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mortal Kombat X Premium Edition MULTi2 1.0 (HKLM-x32\...\Mortal Kombat X Premium Edition MULTi2 1.0) (Version:  - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst (HKLM-x32\...\Naruto Shippuden - Ultimate Ninja Storm 3 Full Burst_is1) (Version:  - )
Nero 2014 (HKLM-x32\...\{A618CE26-1E36-4FA4-A1F4-D079DC6022B8}) (Version: 15.0.08500 - Nero AG)
Nero 2015 Content Pack (HKLM-x32\...\{55192BC6-EDBA-4F48-A2C4-3D164E41AF55}) (Version: 16.0.00300 - Nero AG)
Nero Burning ROM 2014 (HKLM-x32\...\{A4DC74AA-F4DF-48B9-AA4B-C30CA0DBCA33}) (Version: 15.0.04600 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nuance Cloud Connector (HKLM-x32\...\{128FBB62-9750-4C08-ABF9-47D73D9A3918}) (Version: 3.2.1084 - Nuance Communications, Inc.)
Nuance OmniPage Ultimate (HKLM-x32\...\{17223DA4-6B76-439E-BD49-5940FAD8AE19}) (Version: 19.16.0000 - Nuance Communications, Inc.)
Nuance PDF Create 8 (HKLM\...\{CB5B66BC-406C-4C1F-913D-A06E83C7CD81}) (Version: 8.20.6418 - Nuance Communications, Inc.)
Nuance PDF Create 8 (HKLM-x32\...\{CB5B66BC-406C-4C1F-913D-A06E83C7CD81}) (Version: 8.20.6418 - Nuance Communications, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 39.0.2256.71 (HKLM-x32\...\Opera 39.0.2256.71) (Version: 39.0.2256.71 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.0 - Tracker Software Products Ltd)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7917 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
Runaway - A Road Adventure (HKLM-x32\...\GOGPACKRUNAWAY_is1) (Version: 2.0.0.3 - GOG.com)
Saints Row IV Game of the Century Edition 1.0 (HKLM-x32\...\Saints Row IV Game of the Century Edition 1.0) (Version:  - )
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Scansoft PDF Create (x32 Version:  - ) Hidden
ScummVM 1.6.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
Sherlock Holmes Crimes and Punishments German Subbed Edition 1.0 (HKLM-x32\...\Sherlock Holmes Crimes and Punishments German Subbed Edition 1.0) (Version:  - )
Sherlock Holmes: The Devil's Daughter (HKLM\...\Steam App 350640) (Version:  - Frogwares)
SiSoftware Sandra Lite 2015.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.27.2015.2 - SiSoftware)
Skypeâ„¢ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.) Hidden
South Park - The Stick of Truth Version 1.0.1353 (HKLM-x32\...\{83736891-79AE-49BA-96F5-55DD6F2186AC}_is1) (Version: 1.0.1353 - Ubisoft)
SSD Tweaker version 3.0.5 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.0.5 - Elpamsoft.com)
Stardock Start10 (HKLM\...\Start10_is1) (Version: 1.0 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steamless Counter Strike Source Pack (HKLM-x32\...\Steamless Counter Strike Source Pack) (Version: 1.0 - Steamless)
Street Fighter V Deluxe Edition MULTi13 1.0 (HKLM-x32\...\Street Fighter V Deluxe Edition MULTi13 1.0) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Book of Unwritten Tales Collection Version 1.0 (HKLM-x32\...\{552EE0FA-C570-4283-9E79-358A95068DCA}_is1) (Version: 1.0 - Nordic Games)
The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02 (HKLM-x32\...\The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02) (Version:  - )
Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0 (HKLM-x32\...\Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0) (Version:  - )
Ultra Street Fighter IV (HKLM-x32\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
Valiant Hearts: The Great War (HKLM-x32\...\VmFsaWFudEhlYXJ0c1RoZUdyZWF0V2Fy_is1) (Version: 1 - )
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Vocalizer (HKLM-x32\...\{7F267540-71F7-4FC0-A39D-DD0206142814}) (Version: 19.16.0000 - Nuance Communications, Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wondershare MobileGo(Version 8.2.0) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.2.0 - Wondershare)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01955A10-3280-46FE-B295-16984CFF4AB3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {0CE42A92-4C76-4FD1-83EE-B48021CBA13F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {163A17B5-F3DE-486E-9FD8-AE460A042434} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\XmasPromote.exe
Task: {1BDC3015-055B-4643-A612-B548F44B3168} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {1D6EAC2C-CCCC-48D3-A9B2-0BF073A859DD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {1F55AC57-5BA5-4A77-8512-E48E7F663F7A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {1FA75676-E7D0-44FA-A6E4-D1CC7124E499} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2219BAF3-970C-442B-AA03-6D10302BA04F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {25E967C3-EA75-4CB8-9FCC-0AE64DE1D754} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {2776DC5D-B0AC-4588-AB90-45257F175B71} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {2F910DE1-C01D-4F91-9672-CA57A347D8A0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {30EE4FCD-E88C-4FFB-B957-A3D82F648A03} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {348F3260-4BAE-4743-A9D1-B023A55EE5E3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {37EEDB11-5C90-47E8-B40F-144D8F9FEA33} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {40FCA32E-2588-4671-A0E1-8E12C100365B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {5113B6CC-4DE8-44AF-9599-C0219896EAB8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {5B6CC23A-D5C6-4522-B4DF-D1F35D4DFA74} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {5EF0F301-E74A-461C-813D-D5298404EB44} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {6B05F11A-0FAA-459F-8398-5A68E112F578} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7499461B-5DC4-4C2A-8990-F17947981EE7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {781B7E50-8B6D-4764-8AFA-46E8C7417708} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {78C2FD3D-5725-47D8-9751-10D343A2894F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {7AF61DD3-4CD4-4508-97E1-778984972570} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {7ED06AB3-3419-4D6E-9C9D-0856A9156FF4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7F34203D-7E5A-4698-9622-D093B9BBFA68} - System32\Tasks\{77584C26-73F5-4330-9F49-0396C6D171AE} => pcalua.exe -a C:\Users\NABIL\AppData\Roaming\key-find\UninstallManager.exe -c  -ptid=cvs
Task: {876EA98A-187D-4A26-8183-339326B7D990} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8775F958-4DC9-4F38-82B3-381C6FF519B6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14] (Adobe Systems Incorporated)
Task: {96771FD7-B11F-43D3-B439-011C2B276961} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {97432494-44EB-4E0E-BAB5-1A73A165C1FE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {9CD4DDF6-33D0-4174-A137-9A84D7B4B263} - System32\Tasks\Opera scheduled Autoupdate 1446938337 => C:\Program Files (x86)\Opera\launcher.exe [2016-09-05] (Opera Software)
Task: {A49341F1-6E31-4579-A298-5EEC4CBCDC01} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-09-14] (Microsoft Corporation)
Task: {A7F242A1-2D4C-49E1-A99B-BA4F6A5EE323} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {AB2CC5D3-ADF9-4165-A0D9-A63DBD3260B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {B27D50C5-906A-4AD6-BE29-AAD1BD3EB5D7} - System32\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {CF27364E-6CD6-49E3-BE7A-BDBBAE6AAF2D} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {F9DB0870-59E2-4373-90D5-AE97BB6D64C7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {FCB0CF30-3917-45CE-AA1D-466F4D9E1D17} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {00138945-9C65-4A60-B651-17E309D19196}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{00138945-9C65-4A60-B651-17E309D19196} /F:Update SYSTEMÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {92EF7091-E3AF-4879-84FE-EE26D1C3216F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{92EF7091-E3AF-4879-84FE-EE26D1C3216F} /F:Update SYSTEMÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\NABIL\Desktop\Metal Gear Solid 5 The Phantom Pain TimeZone geändert.lnk -> M:\Program Files (x86)\Metal Gear Solid 5 The Phantom Pain\MGS TimeZone geändert.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2012-09-11 17:27 - 2012-09-11 17:27 - 00062128 _____ () C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
2016-06-17 22:09 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-08-08 05:03 - 2013-08-08 05:03 - 00222544 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
2016-09-13 22:58 - 2016-09-07 07:39 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-13 22:58 - 2016-09-07 07:39 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 23:55 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-09-13 22:55 - 2016-09-07 06:15 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-13 22:55 - 2016-09-07 06:10 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-13 22:55 - 2016-09-07 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-13 22:55 - 2016-09-07 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-06-24 12:51 - 2016-06-24 12:51 - 00138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-04-30 10:34 - 2016-04-30 10:34 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-08-25 17:48 - 2016-08-25 17:48 - 03763712 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
2013-08-08 04:53 - 2013-08-08 04:53 - 00293200 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\sqlite3.dll
2013-08-08 04:53 - 2013-08-08 04:53 - 00080208 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\zlib125.dll
2013-08-08 04:53 - 2013-08-08 04:53 - 00016720 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSMui.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-05-14 19:07 - 2015-11-27 13:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-11-08 01:54 - 2014-10-16 04:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-08 04:54 - 2013-08-08 04:54 - 00158032 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSMui_GER.dll
2013-08-08 04:57 - 2013-08-08 04:57 - 00252240 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSBr_nuance.dll
2016-08-08 23:33 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-08 23:33 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\AcroTray.deu
2016-04-30 10:34 - 2016-04-30 10:34 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-30 10:34 - 2016-04-30 10:34 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:A303874F [173]
AlternateDataStreams: C:\Users\NABIL\Downloads\amddriverdownloader.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\CrystalDiskInfo6_1_8-en.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\everesthome220.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\UseNeXTSetup_5.62.exe:BDU [0]
AlternateDataStreams: C:\Users\NABIL\Downloads\WebInstallerJD2_c.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7863 mehr Seiten.

IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-225648569-1694930765-1264359465-501\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-08-15 21:49 - 00000064 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
0.0.0.1	mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-225648569-1694930765-1264359465-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\NABIL\Desktop\burj_khalifa_tower_dubai-wide.jpg
HKU\S-1-5-21-225648569-1694930765-1264359465-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\asd\AppData\Local\Microsoft\Windows\Themes\ujzkh.jpg
HKU\S-1-5-21-225648569-1694930765-1264359465-1008\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-225648569-1694930765-1264359465-501\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iSCTsysTray.lnk => C:\Windows\pss\iSCTsysTray.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Bonus.SSR.FR12"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{278F36E3-E5E5-496D-9967-86C892CB0535}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [TCP Query User{61F0B3D8-6E05-4631-B607-765D7888E1B3}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [{DFE35632-8DAB-41EB-AA84-01F9977553B9}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe
FirewallRules: [{C76F638A-9504-42D7-A763-B3F7C7C77A4D}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe
FirewallRules: [{3FA6F97C-FD99-443D-B260-7E179B357C71}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
FirewallRules: [{94D1B07C-EDAF-4C90-8CC3-5785A62BEC09}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
FirewallRules: [{33FC0D78-00E7-4EE7-826F-357D76533C66}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
FirewallRules: [{3191DBD4-99B4-4FA6-94B8-51273941163D}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
FirewallRules: [{188F0954-4EC3-4399-83F6-EE0BF23AE077}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
FirewallRules: [{4C434557-268B-4506-8795-E89E79BDC932}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
FirewallRules: [{022D5197-F34E-469E-AF46-4EBF7D76F20B}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\PPMV.exe
FirewallRules: [{C19E7C2E-71DE-4E7D-9003-455B4F7AF125}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\PPMV.exe
FirewallRules: [{8F0D9833-8AF0-4F46-ACA3-C18E8E68626D}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
FirewallRules: [{B2DF9200-F7FB-4ACE-ADFE-93A335FFDED7}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
FirewallRules: [{9132CCF3-4021-44E6-BB4F-750D84997DCE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7C628337-5393-4F4D-8B3A-0FC8A0871292}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{03C5A55C-FEDA-4462-B1A6-7A5125C08CD3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8E126A09-ED1B-4853-9FD3-7F730C3A7720}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{654A073E-6ED1-4003-8F42-5F7EB86A0D98}M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{C978A76E-96DC-413F-8615-462A2C9BBABF}M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) M:\games\emily wants to play\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{B8231BBE-8C3E-434C-85CD-600F133918B2}C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{C1B67484-1EFA-4BCE-BF47-57706EF1AA68}C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\asd\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{7EF7F052-A6A9-443E-9F38-54442346F206}M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe] => (Allow) M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [TCP Query User{0D6A2E0E-9E9B-4A8E-822F-36F70C8168E0}M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe] => (Allow) M:\users\nabil\downloads\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [UDP Query User{EEAE159A-8B3C-4675-87AE-3BD636F1750A}C:\program files (x86)\steamless counterstrikesource pack\hl2.exe] => (Block) C:\program files (x86)\steamless counterstrikesource pack\hl2.exe
FirewallRules: [TCP Query User{021BE0C6-E61D-4499-952C-FE8DB4E21874}C:\program files (x86)\steamless counterstrikesource pack\hl2.exe] => (Block) C:\program files (x86)\steamless counterstrikesource pack\hl2.exe
FirewallRules: [{A32FAF58-1412-4155-B798-F363DD50CC08}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{E303A31E-16CA-4844-8AE1-F60109DBA675}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [UDP Query User{600F0A67-9FF7-4CB5-9863-3DF6FF0C2D6B}C:\program files\java\jdk1.8.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_65\bin\jmc.exe
FirewallRules: [TCP Query User{4EA24165-101E-41CF-9C45-B4F69E5A3C74}C:\program files\java\jdk1.8.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_65\bin\jmc.exe
FirewallRules: [{50617DBB-D641-4217-B751-BD810DB7F119}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E3DF5FD2-B668-4E3E-9D3E-8E5BB0BF87BA}] => (Allow) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{89114CC2-34F0-4122-B301-61AA4319945F}] => (Allow) M:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2440C70A-7A6B-4B6D-A123-712FBD70A9CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6462BAA3-0284-4552-A8DE-589A37AC6BCE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9852CEB2-2423-4233-B583-35544D84D9A3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2215C6AB-62FB-4EEB-8717-07E567C59244}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{51D35BE1-7AFF-4262-BE02-61BD921DF615}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{0781B69A-4B35-473F-AB47-89CE6318ED73}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [UDP Query User{47FD8685-D285-49CB-ABD0-0977F2F84DD8}M:\games\call of duty black ops iii\blackops3.exe] => (Allow) M:\games\call of duty black ops iii\blackops3.exe
FirewallRules: [TCP Query User{20E12BCC-D3DD-4775-BE35-10FF60E010BB}M:\games\call of duty black ops iii\blackops3.exe] => (Allow) M:\games\call of duty black ops iii\blackops3.exe
FirewallRules: [TCP Query User{978374A8-AD20-4359-BE77-A67D94DA9896}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{1C42E517-0CBF-4D71-8D85-969177EA4138}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{9558C53E-37FF-45E7-9A8B-1EC4C71880C3}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{0578CCF7-AE1D-4C9C-943C-C69726E231B2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{80785240-54DC-4A65-81ED-4E4E4935CBE0}M:\jdownloader\jre\bin\javaw.exe] => (Allow) M:\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{42847236-F025-4A30-B7B4-2AE9BF5DCCF1}M:\jdownloader\jre\bin\javaw.exe] => (Allow) M:\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{1D8D5B98-EB69-4C6A-AC19-F712EFF883CC}M:\jdownloader\jre\bin\java.exe] => (Allow) M:\jdownloader\jre\bin\java.exe
FirewallRules: [UDP Query User{994936E9-37C4-47A0-BDEB-6A846D73F363}M:\jdownloader\jre\bin\java.exe] => (Allow) M:\jdownloader\jre\bin\java.exe
FirewallRules: [{BDBA1559-0767-4003-B9C0-F7E1807BB450}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{054F7E49-BAC3-46B6-B654-491B7FC98899}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{8F4C311D-D711-48C8-8940-A2C3CC194115}M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe] => (Allow) M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe
FirewallRules: [UDP Query User{15C82FC6-62AB-4904-B306-70AD69A9F8AD}M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe] => (Allow) M:\program files (x86)\saints row iv game of the century edition\saintsrowiv.exe
FirewallRules: [{21FE5001-0179-4A7F-B498-5A4FC555CC78}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{39F833ED-D645-4DF5-83B4-831D54CC965E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{68B18BCB-3874-46A4-80DD-9699222566CF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A816DD60-DD86-4EA0-B739-3C9B7863C439}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F6B58786-8162-49F8-A162-73C2A3240B33}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\RpcAgentSrv.exe
FirewallRules: [{911438D9-1E32-4989-84B7-DEB3B3280F77}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1\WNt600x64\RpcSandraSrv.exe
FirewallRules: [TCP Query User{2848611B-7895-4823-B6D6-EF1CB0A006B6}M:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) M:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{1A33A746-BD72-44D4-9EDC-C53D8F2E8C08}M:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) M:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{68E4D429-DBA5-4597-951D-CAF7117A56F2}] => (Allow) M:\Program Files (x86)\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{B263A842-E664-4611-B127-0E9041E80D1E}] => (Allow) M:\Program Files (x86)\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{C5DFAF2D-B544-4910-A68A-FC0155A1ACAF}M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{D9AE8798-8B04-4742-93CA-7AB2A9C5D39A}M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) M:\program files (x86)\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [{9EA90930-8669-4BCB-AE2C-B41D164F14E5}] => (Allow) M:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B4380FC8-563B-472A-81A3-22FADE6734CA}] => (Allow) M:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A2E30EF8-99FA-4ABA-B833-741974D6BC05}] => (Allow) M:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B48BF075-2C5F-47F9-ACAF-2980D48ACE01}] => (Allow) M:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BAC03561-5F5C-4155-9946-6B82F61A6381}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{4C4C228A-CE78-4F94-AB6A-9A37178B6087}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{994B3FD3-15BE-418D-AFEA-A70CBBEC89AE}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{20526224-9C49-480F-803C-192E53CF7DCD}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{FD77485A-0F7F-4A3B-8533-96CD5272A824}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{7A16777D-B0E9-46FE-888E-9F62CD0D5ECB}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [UDP Query User{C342B424-54BE-42BC-91AD-47F83EDEA9AC}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe
FirewallRules: [{661DF73C-B241-477E-AA84-B087393EEA7F}] => (Allow) M:\SteamLibrary\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [{95BA97EC-4661-448D-8FDE-F28C87808F43}] => (Allow) M:\SteamLibrary\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [TCP Query User{16AE10AB-38F4-486C-A014-611576649CED}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [UDP Query User{E3E6A7A6-5CEA-406B-949D-09673533E769}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [{CE4FA322-8732-4E69-A9FF-C35A1E697952}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C7266C32-357F-4EF1-A933-EE8B0E33FA21}] => (Allow) M:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A3A7A281-EA5E-4FF3-AC60-4833EC72D1C3}] => (Allow) M:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/14/2016 05:05:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:23:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nuance\OmniPage19\LaunchPad.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:15:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:14:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nuance\OmniPage19\omnipage.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.

Error: (09/14/2016 03:12:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:12:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nuance\OmniPage19\LaunchPad.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:12:56 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nuance\OmniPage19\OpAgent.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:12:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:12:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\NABIL\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.

Error: (09/14/2016 03:12:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\nabil\desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_a2ddb3caa539acce.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.589_none_ea8aeaa1b9b5d5d4.manifest.


Systemfehler:
=============
Error: (09/14/2016 03:18:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/14/2016 03:18:28 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\NABIL\AppData\Local\Temp\ehdrv.sys

Error: (09/14/2016 03:18:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/14/2016 03:18:27 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\NABIL\AppData\Local\Temp\ehdrv.sys

Error: (09/14/2016 03:18:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/14/2016 03:18:27 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\NABIL\AppData\Local\Temp\ehdrv.sys

Error: (09/14/2016 03:14:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/14/2016 03:14:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\NABIL\AppData\Local\Temp\ehdrv.sys

Error: (09/14/2016 03:14:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/14/2016 03:14:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\NABIL\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2016-09-14 15:10:28.011
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-14 15:08:31.839
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-14 06:19:09.003
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-13 17:17:55.051
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-13 17:17:55.041
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-13 17:17:54.973
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-13 17:17:54.887
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-11 20:10:10.298
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-05 13:28:14.266
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-05 13:28:14.231
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 8111.46 MB
Verfügbarer physikalischer RAM: 4930.62 MB
Summe virtueller Speicher: 16303.46 MB
Verfügbarer virtueller Speicher: 12570.04 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:42.36 GB) NTFS
Drive e: (Emily Wants To Play) (CDROM) (Total:2.26 GB) (Free:0 GB) UDF
Drive f: (Adobe Acrobat XI) (CDROM) (Total:0.74 GB) (Free:0 GB) CDFS
Drive g: (OMNIPAGE ULTIMAT) (CDROM) (Total:3.05 GB) (Free:0 GB) CDFS
Drive h: (LifeIsStrange) (CDROM) (Total:8.72 GB) (Free:0 GB) UDF
Drive m: (Volume) (Fixed) (Total:1863.01 GB) (Free:1008.97 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4A40E047)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5AC0E83E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================
         

Danke für alles wurde nun alles entfernt ?


und ich wollte genau das selbe bei meinem Laptop machen könntest du mir da auch behilflich sein?

Servus,

Zitat:

Zitat von nabil21

wurde nun alles entfernt ?

Kann ich noch nicht sagen, da du mir zweimal die fixlog.txt von FRST gepostet hast, aber nicht die Logdatei von ESET. Diese bitte noch nachreichen.

Zitat:

Zitat von nabil21

und ich wollte genau das selbe bei meinem Laptop machen könntest du mir da auch behilflich sein?

Können wir tun, wenn wir hiermit fertig sind.

Code: Alles auswählenAufklappen

ATTFilter

esetESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c61e3cf1e23ee64aa8eccdca73fef43b
# end=init
# utc_time=2016-01-26 03:09:06
# local_time=2016-01-26 04:09:06 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 27822
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c61e3cf1e23ee64aa8eccdca73fef43b
# end=updated
# utc_time=2016-01-26 03:11:16
# local_time=2016-01-26 04:11:16 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=c61e3cf1e23ee64aa8eccdca73fef43b
# engine=27822
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-01-26 04:55:05
# local_time=2016-01-26 05:55:05 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 68865 17301317 0 0
# compatibility_mode_1='Emsisoft Anti-Malware'
# compatibility_mode=16898 16777213 100 100 6637 255069593 0 0
# scanned=334446
# found=58
# cleaned=0
# scan_time=6228
sh=01C53FBC0030066FE9032FEC431D9EA26B5811CC ft=1 fh=af8c82510ee8e748 vn="Win32/AlteredSoftware.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe.vir"
sh=0E7CC420B0BE38296EF8516DC3786361119F1F5F ft=1 fh=02f58beb2edcfbd2 vn="Win32/AlteredSoftware.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe.vir"
sh=01C53FBC0030066FE9032FEC431D9EA26B5811CC ft=1 fh=af8c82510ee8e748 vn="Win32/AlteredSoftware.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe.vir"
sh=A565AA91F7873179776579995E9F4D2B2894AE5A ft=1 fh=22e3a81795d8fb05 vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe.vir"
sh=F1A0D0D29F924A24AF0F0521CF6F9A9150A10ECC ft=1 fh=22e3a817befc6b5a vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe.vir"
sh=644F7D7493337B1C476B3EDAED8C9816BB5C9063 ft=1 fh=c71c001192caf50d vn="Variante von Win32/AlteredSoftware.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll.vir"
sh=CAD24D6941B07E51808468EFF1EE3F03FD485F0D ft=1 fh=d9cdf1c8ff17595a vn="Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll.vir"
sh=2055099DED487DBDF3DDCC0B68EE57715E67F22B ft=1 fh=c71c0011fea7552e vn="Variante von Win32/AlteredSoftware.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll.vir"
sh=EDB4A6C7E75E18ACB805418EFFD78267BB2F37C4 ft=1 fh=c71c001126306ac8 vn="Variante von Win32/AlteredSoftware.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll.vir"
sh=399CE73FBD27EABB303FD899656E3C66C55B3F29 ft=1 fh=c71c001160921a34 vn="Variante von Win32/AlteredSoftware.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll.vir"
sh=FCE7690716A874C565611CDACCC01673147349B0 ft=1 fh=5c44dee634434d82 vn="Variante von MSIL/Adware.iBryte.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\RocketTab\Client.exe.vir"
sh=D62E826B13E242DC0BABCAD05E3A4613795A024F ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1025.xpi.vir"
sh=052C721B2AD4E60FFF57F675C32B85437096D500 ft=1 fh=734410019c5d3506 vn="Variante von MSIL/Adware.PullUpdate.L.gen Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Browser\prompt.exe.vir"
sh=FF821C64CB1617DDD0CEC915CE0121C5C19E8BDB ft=1 fh=c391774cd82c2f19 vn="Variante von MSIL/Adware.PullUpdate.G.gen Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\lDaJYKqItHu\tdMewt.exe.vir"
sh=48F0764B22F6145FB07BC70729241A422999CA13 ft=1 fh=60d6a65a5ae394a7 vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\lDaJYKqItHu\dat\auomdtJ.dll.vir"
sh=B75F0DA1C622C072CDB9E7AE7269583F8393E983 ft=1 fh=430b37c738b4e4a5 vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\lDaJYKqItHu\dat\dTfGwgbLxs.dll.vir"
sh=E7BDA99E388B6E8C1D44B665809641E308356943 ft=1 fh=505611e25627b91e vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\lDaJYKqItHu\dat\tJaSCqpwtmG.exe.vir"
sh=B7B102FDB305B695E31A533F5632D3E6190D701A ft=1 fh=e7285a030844b44a vn="Variante von MSIL/Adware.PullUpdate.G.gen Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\lDaJYKqItHu\dat\TorbDGfae.exe.vir"
sh=3A1DE088355D742505A4701312031F4F77FF768C ft=1 fh=a6caf9f78e785786 vn="Variante von Win32/RiskWare.Astori.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\NABIL\AppData\Roaming\InetStat\inetstat.exe.vir"
sh=1CC7430534BA7E26DA02CA2B89A4E2E92DA881D1 ft=1 fh=b92bf5d4a3842d70 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\NABIL\Downloads\Dropbox - CHIP-Downloader.exe.xBAD"
sh=DBEB502DC305CEDD6F20478D072C94182CC45D61 ft=1 fh=69c72753d01502df vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\NABIL\Downloads\FRAPS - CHIP-Downloader.exe.xBAD"
sh=2AC3D348D60A2A52448743287468EB00B27F7AE1 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\NABIL\Downloads\Keksonly.rar.xBAD"
sh=7354F1E9CAF884F18FC243D0897051C21E912BFC ft=1 fh=323860dc43afa4b8 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\NABIL\Downloads\Nero 2014 - CHIP-Installer.exe.xBAD"
sh=ABE781247F8B6E3DB7C06AB6DB7C14C928850AEF ft=1 fh=3d023e5296609c9b vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\NABIL\Downloads\PDF XChange Viewer - CHIP-Installer.exe.xBAD"
sh=10C4E2EFBD9AC903C6DE6B2FCAA1B2E74947EEEB ft=1 fh=d4ef9a40403b3a5e vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\NABIL\Downloads\Samsung Android USB Composite Device Treiber - CHIP-Downloader.exe.xBAD"
sh=84D10C5437EF79F11252841246EFD68C2704D77A ft=1 fh=d923723deb2048e6 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\NABIL\Downloads\Samsung Kies - CHIP-Downloader.exe.xBAD"
sh=363F1AC0BF6514C3ACEC2A72692BC7B3480E25EE ft=1 fh=9840bf1f917718f4 vn="Variante von Win32/InstallCore.BX evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\NABIL\Downloads\WinZip175_mfse_fah.exe.xBAD"
sh=44C239840FB295279C2078E9E9CB7081FA517D19 ft=1 fh=b75aaecba1cb0f99 vn="Variante von Win32/SProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\PSupport\uninstall.exe.vir"
sh=709FB299B4A0A5BBA0072F5BB69D734E176D4B71 ft=1 fh=903404f51ed6679b vn="Variante von Win32/Toolbar.CrossRider.AX evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-4.exe.vir"
sh=A2993D4A136D510B3AF838814D1CD66D56A47FC5 ft=1 fh=e4e4e3a13329c606 vn="Variante von Win32/Toolbar.CrossRider.AY evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-5.exe.vir"
sh=0803FC30F73CCC06041B60E57260A7FF40BC8770 ft=1 fh=0a2c388a9a9fa06c vn="Variante von Win32/Toolbar.CrossRider.AY evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-6.exe.vir"
sh=2B7F75BEC530EEA3CD1C6321A421A9B6BD232D47 ft=1 fh=3d40e2856eb9e4f9 vn="Variante von Win64/Toolbar.Crossrider.K evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-64.exe.vir"
sh=4339361213DCFB23DC3CFEA40E22680B0EB55CC0 ft=1 fh=493651f7343d6bc6 vn="Variante von Win32/Toolbar.CrossRider.AY evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65-7.exe.vir"
sh=C8B2CEC60214481EA8CB863B918E5FEB056D25F5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.R evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65.crx.vir"
sh=306F316CB72EA012F084C650EE6EE3E395DD1727 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\04a0ad5c-2a17-4ce0-a4a7-4a5ed3494d65.xpi.vir"
sh=C8B2CEC60214481EA8CB863B918E5FEB056D25F5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.R evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\0524d87e-15d1-4175-9d5d-8ff069da3fa1.crx.vir"
sh=660079CE9B154351F9F72F47A0EF80F63D906895 ft=1 fh=c8b4d5a58893dc9c vn="Variante von Win32/Toolbar.CrossRider.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\0524d87e-15d1-4175-9d5d-8ff069da3fa1.dll.vir"
sh=4F1A1ECBC53648728576DC417328B2DD70532367 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.D evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\1293297481.mxaddon.vir"
sh=9685EAA3F8461BB78E66B5DE82821BEF92CA085A ft=1 fh=d8df130b7df81745 vn="Variante von Win64/Toolbar.Crossrider.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\a78b6eae-0a2e-49bb-951f-7df820f906a1.dll.vir"
sh=D84525F80FE03B3899C008BB98470A4EAE11E807 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\d7f714fd-39c9-42c5-b936-c219f0405f7c.crx.vir"
sh=D81AEAD41699CADE10D283ACA0878917BCA47F16 ft=1 fh=fd2b15607023fea7 vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-bg.exe.vir"
sh=D2962C06A3EF79A1335348CCF9EF0275AF5D0D23 ft=1 fh=52714caa905c048c vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-bho.dll.vir"
sh=76408B9DD3B0F6EA1899BFF27CBAA6AD9857FD9F ft=1 fh=58961e204b569c1e vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-bho64.dll.vir"
sh=4339361213DCFB23DC3CFEA40E22680B0EB55CC0 ft=1 fh=493651f7343d6bc6 vn="Variante von Win32/Toolbar.CrossRider.AY evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\SmartSaver+ 15-codedownloader.exe.vir"
sh=4B826FEE9670FCC0F1B4E89984F4D4B5BB7610DE ft=1 fh=18d3e6619224514e vn="Variante von Win32/Toolbar.CrossRider.AW evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\Uninstall.exe.vir"
sh=3899924EE3DB873BD76E70F0BB5341C6DFAB306A ft=1 fh=807a54f47accc1f7 vn="Win32/Packed.VMDetector.I evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SmartSaver+ 15\utils.exe.vir"
sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\AppData\Roaming\ICWGRTHR"
sh=451F074BC7E799D776DE015CEC5EDB882A26662C ft=0 fh=0000000000000000 vn="Variante von Java/Adwind.E Trojaner" ac=I fn="C:\Users\NABIL\AppData\Roaming\test.jar"
sh=9D3D1058E3881097DA025B2D7F8CC261482D7C1B ft=1 fh=7bd79b6823683bac vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\64bit_Win7_Win8_Win81_R274 - CHIP-Installer.exe"
sh=A1A072DB872FECFD7ABD12CE631034F97A24224F ft=1 fh=9e477a1c2fb11da8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\Classic Shell - CHIP-Installer.exe"
sh=33D62D71E9666C8AADCF9A45ACCF4B8474EEEF06 ft=1 fh=4913cb7a2b6ab5df vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\Driver Booster Free - CHIP-Installer.exe"
sh=1829B9DB344B868946F30D73125A494D68FD332B ft=1 fh=81ada027727dae29 vn="Variante von Win32/InstallCore.ABZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\EPSON EXPRESSION HOME XP-415 user guide.cpl"
sh=36B61A1C2E3359F9830ECC2794A1E97387F0907D ft=1 fh=a2e9f370502c9973 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\Free Dailymotion Download - CHIP-Installer.exe"
sh=18FF35DD70FEB821142778DACEF4CBCD40510D84 ft=1 fh=5ab494aa5e8ab7a5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\NetStress - CHIP-Installer.exe"
sh=566F9766964A993B00A3407BAAA3E0C43D537507 ft=1 fh=cc0e196260e688a4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\Perfect Lohn und Gehalt - CHIP-Installer.exe"
sh=7D5615E14FE6CFE3F38BFEF65100E4077AEB4618 ft=1 fh=845d73311731334b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\Samsung Kies - CHIP-Installer.exe"
sh=5973A806ECF1DC3C942A7149323943456FFF03C7 ft=1 fh=9cbf6da870e24ee6 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\SiSoft Sandra Lite 2015 - CHIP-Installer.exe"
sh=3682B2771DBE41683F7AF3912E47997B72B7D8B3 ft=1 fh=f66a87d64557e1f0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\NABIL\Downloads\SpyBot Search Destroy - CHIP-Installer.exe"
         

ist das hier das richtige ?

Servus,

Zitat:

Zitat von nabil21

ist das hier das richtige ?

ja

Zitat:

CHIP-Installer.exe

Bitte keinen Chip-Installer mehr verwenden! Bitte lesen: CHIP-Installer – was ist das?

Reste entfernen
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code: Alles auswählenAufklappen

ATTFilter

start
CloseProcesses:
C:\Users\NABIL\AppData\Roaming\ICWGRTHR
C:\Users\NABIL\AppData\Roaming\test.jar
C:\Users\NABIL\Downloads\*CHIP-Installer*.exe
DeleteKey: HKU\S-1-5-21-225648569-1694930765-1264359465-501\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
DeleteKey: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{AE07101B-46D4-4A98-AF68-0333EA26E113}
CMD: reg delete "HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION" /v SnapDo.exe /f
CMD: reg delete "HKU\S-1-5-21-225648569-1694930765-1264359465-501\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION" /v SnapDo.exe /f
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.

Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird!









Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.





Cleanup:
Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.

• Schließe alle offenen Programme.
• Starte die delfix.exe mit einem Doppelklick.
• Setze vor jede Funktion ein Häkchen.
• Klicke auf Start.

Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.





Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.






Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.




Optional:
Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .




Abschließend noch ein paar grundsätzliche Bemerkungen:

• Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
• Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
• Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Code: Alles auswählenAufklappen

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von NABIL (17-09-2016 01:20:09) Run:2
Gestartet von C:\Users\NABIL\Desktop
Geladene Profile: NABIL & asd & bazet & Gast & DefaultAppPool (Verfügbare Profile: NABIL & asd & bazet & Gast & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
C:\Users\NABIL\AppData\Roaming\ICWGRTHR
C:\Users\NABIL\AppData\Roaming\test.jar
C:\Users\NABIL\Downloads\*CHIP-Installer*.exe
DeleteKey: HKU\S-1-5-21-225648569-1694930765-1264359465-501\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
DeleteKey: HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{AE07101B-46D4-4A98-AF68-0333EA26E113}
CMD: reg delete "HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION" /v SnapDo.exe /f
CMD: reg delete "HKU\S-1-5-21-225648569-1694930765-1264359465-501\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION" /v SnapDo.exe /f
EmptyTemp:
end
         
*****************

Prozess erfolgreich geschlossen.
"C:\Users\NABIL\AppData\Roaming\ICWGRTHR" => nicht gefunden.
"C:\Users\NABIL\AppData\Roaming\test.jar" => nicht gefunden.

=========== "C:\Users\NABIL\Downloads\*CHIP-Installer*.exe" ==========

C:\Users\NABIL\Downloads\Realtek HD Audio Treiber inoffizielle WHQL Treiber - CHIP-Installer.exe => erfolgreich verschoben

========= Ende -> "C:\Users\NABIL\Downloads\*CHIP-Installer*.exe" ========

HKU\S-1-5-21-225648569-1694930765-1264359465-501\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{AE07101B-46D4-4A98-AF68-0333EA26E113} => Schlüssel nicht gefunden. 

========= reg delete "HKU\S-1-5-21-225648569-1694930765-1264359465-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION" /v SnapDo.exe /f =========

Der Vorgang wurde erfolgreich beendet.


========= Ende von CMD: =========


========= reg delete "HKU\S-1-5-21-225648569-1694930765-1264359465-501\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION" /v SnapDo.exe /f =========

Der Vorgang wurde erfolgreich beendet.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13112542 B
Java, Flash, Steam htmlcache => 10507698 B
Windows/system/drivers => 1304543 B
Edge => 0 B
Chrome => 549966875 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile32 => 0 B
LocalService => 1566 B
NetworkService => 7014 B
NABIL => 32141155 B
asd => 0 B
bazet => 0 B
Gast => 0 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 579 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 01:20:18 ====
         

ich danke dir vielmals !!!!! hast mir echt geholfen
Echt klasse Support hier wirklich!!!!!!!!!!!!!!!!!!

Ich werde die Tage das gleiche mit meinem Lappi tuhen

Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.